0s autopkgtest [22:03:50]: starting date: 2024-03-12 0s autopkgtest [22:03:50]: git checkout: d9c0295 adt_testbed.py: supress warnings from apt using a shell pipeline 0s autopkgtest [22:03:50]: host juju-7f2275-prod-proposed-migration-environment-2; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.06n5wc_b/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --setup-commands /home/ubuntu/autopkgtest/setup-commands/setup-testbed --apt-pocket=proposed=src:e2fsprogs,src:borgbackup,src:borgbackup2,src:fuse --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 '--env=ADT_TEST_TRIGGERS=e2fsprogs/1.47.0-2.4~exp1ubuntu2 borgbackup/1.2.7-2build2 borgbackup2/2.0.0b8-2build1 fuse/2.9.9-8.1' -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-2@bos03-arm64-17.secgroup --name adt-noble-arm64-sssd-20240312-220349-juju-7f2275-prod-proposed-migration-environment-2 --image adt/ubuntu-noble-arm64-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-2 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 244s autopkgtest [22:07:54]: @@@@@@@@@@@@@@@@@@@@ test bed setup 245s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 245s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [450 kB] 245s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [39.7 kB] 245s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [4812 B] 245s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [2782 kB] 246s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 Packages [599 kB] 246s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 c-n-f Metadata [3144 B] 246s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 Packages [20.3 kB] 246s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 c-n-f Metadata [116 B] 246s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 Packages [3161 kB] 246s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 c-n-f Metadata [8528 B] 246s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 Packages [42.0 kB] 246s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 c-n-f Metadata [116 B] 248s Fetched 7227 kB in 2s (4461 kB/s) 248s Reading package lists... 250s Reading package lists... 251s Building dependency tree... 251s Reading state information... 251s Calculating upgrade... 252s The following packages will be REMOVED: 252s libext2fs2 252s The following NEW packages will be installed: 252s libext2fs2t64 252s The following packages will be upgraded: 252s e2fsprogs e2fsprogs-l10n firmware-sof-signed libcom-err2 libss2 logsave 252s 6 upgraded, 1 newly installed, 1 to remove and 0 not upgraded. 252s Need to get 4792 kB of archives. 252s After this operation, 12.3 kB of additional disk space will be used. 252s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 logsave arm64 1.47.0-2.4~exp1ubuntu2 [22.1 kB] 252s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 e2fsprogs-l10n all 1.47.0-2.4~exp1ubuntu2 [5996 B] 252s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libext2fs2t64 arm64 1.47.0-2.4~exp1ubuntu2 [225 kB] 252s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 e2fsprogs arm64 1.47.0-2.4~exp1ubuntu2 [594 kB] 252s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libcom-err2 arm64 1.47.0-2.4~exp1ubuntu2 [22.3 kB] 252s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libss2 arm64 1.47.0-2.4~exp1ubuntu2 [16.5 kB] 252s Get:7 http://ftpmaster.internal/ubuntu noble/main arm64 firmware-sof-signed all 2023.12.1-1ubuntu1 [3906 kB] 253s Fetched 4792 kB in 1s (6431 kB/s) 253s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74748 files and directories currently installed.) 253s Preparing to unpack .../logsave_1.47.0-2.4~exp1ubuntu2_arm64.deb ... 253s Unpacking logsave (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 253s Preparing to unpack .../e2fsprogs-l10n_1.47.0-2.4~exp1ubuntu2_all.deb ... 253s Unpacking e2fsprogs-l10n (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 253s dpkg: libext2fs2:arm64: dependency problems, but removing anyway as you requested: 253s libblockdev-fs3:arm64 depends on libext2fs2 (>= 1.42.11). 253s e2fsprogs depends on libext2fs2 (= 1.47.0-2ubuntu1). 253s btrfs-progs depends on libext2fs2 (>= 1.42). 253s 253s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74748 files and directories currently installed.) 253s Removing libext2fs2:arm64 (1.47.0-2ubuntu1) ... 254s Selecting previously unselected package libext2fs2t64:arm64. 254s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74741 files and directories currently installed.) 254s Preparing to unpack .../libext2fs2t64_1.47.0-2.4~exp1ubuntu2_arm64.deb ... 254s Adding 'diversion of /lib/aarch64-linux-gnu/libe2p.so.2 to /lib/aarch64-linux-gnu/libe2p.so.2.usr-is-merged by libext2fs2t64' 254s Adding 'diversion of /lib/aarch64-linux-gnu/libe2p.so.2.3 to /lib/aarch64-linux-gnu/libe2p.so.2.3.usr-is-merged by libext2fs2t64' 254s Adding 'diversion of /lib/aarch64-linux-gnu/libext2fs.so.2 to /lib/aarch64-linux-gnu/libext2fs.so.2.usr-is-merged by libext2fs2t64' 254s Adding 'diversion of /lib/aarch64-linux-gnu/libext2fs.so.2.4 to /lib/aarch64-linux-gnu/libext2fs.so.2.4.usr-is-merged by libext2fs2t64' 254s Unpacking libext2fs2t64:arm64 (1.47.0-2.4~exp1ubuntu2) ... 254s Setting up libext2fs2t64:arm64 (1.47.0-2.4~exp1ubuntu2) ... 254s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74757 files and directories currently installed.) 254s Preparing to unpack .../e2fsprogs_1.47.0-2.4~exp1ubuntu2_arm64.deb ... 254s Unpacking e2fsprogs (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 254s Preparing to unpack .../libcom-err2_1.47.0-2.4~exp1ubuntu2_arm64.deb ... 254s Unpacking libcom-err2:arm64 (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 254s Preparing to unpack .../libss2_1.47.0-2.4~exp1ubuntu2_arm64.deb ... 254s Unpacking libss2:arm64 (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 254s Preparing to unpack .../firmware-sof-signed_2023.12.1-1ubuntu1_all.deb ... 254s Unpacking firmware-sof-signed (2023.12.1-1ubuntu1) over (2.2.6-1ubuntu4) ... 254s Setting up firmware-sof-signed (2023.12.1-1ubuntu1) ... 254s Setting up libcom-err2:arm64 (1.47.0-2.4~exp1ubuntu2) ... 254s Setting up libss2:arm64 (1.47.0-2.4~exp1ubuntu2) ... 254s Setting up logsave (1.47.0-2.4~exp1ubuntu2) ... 254s Setting up e2fsprogs (1.47.0-2.4~exp1ubuntu2) ... 254s update-initramfs: deferring update (trigger activated) 255s e2scrub_all.service is a disabled or a static unit not running, not starting it. 255s Setting up e2fsprogs-l10n (1.47.0-2.4~exp1ubuntu2) ... 255s Processing triggers for man-db (2.12.0-3) ... 256s Processing triggers for libc-bin (2.39-0ubuntu2) ... 256s Processing triggers for initramfs-tools (0.142ubuntu20) ... 256s update-initramfs: Generating /boot/initrd.img-6.8.0-11-generic 256s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 272s System running in EFI mode, skipping. 272s Reading package lists... 272s Building dependency tree... 272s Reading state information... 273s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 275s sh: Attempting to set up Debian/Ubuntu apt sources automatically 275s sh: Distribution appears to be Ubuntu 276s Reading package lists... 277s Building dependency tree... 277s Reading state information... 277s eatmydata is already the newest version (131-1). 277s dbus is already the newest version (1.14.10-4ubuntu1). 277s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 277s Reading package lists... 277s Building dependency tree... 277s Reading state information... 278s rng-tools-debian is already the newest version (2.4). 278s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 278s Reading package lists... 278s Building dependency tree... 278s Reading state information... 279s haveged is already the newest version (1.9.14-1ubuntu1). 279s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 279s Reading package lists... 279s Building dependency tree... 279s Reading state information... 280s The following packages will be REMOVED: 280s cloud-init* python3-configobj* python3-debconf* 280s 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 280s After this operation, 3248 kB disk space will be freed. 280s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74768 files and directories currently installed.) 280s Removing cloud-init (24.1-0ubuntu1) ... 281s Removing python3-configobj (5.0.8-3) ... 281s Removing python3-debconf (1.5.86) ... 281s Processing triggers for man-db (2.12.0-3) ... 281s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74379 files and directories currently installed.) 281s Purging configuration files for cloud-init (24.1-0ubuntu1) ... 282s dpkg: warning: while removing cloud-init, directory '/etc/cloud/cloud.cfg.d' not empty so not removed 282s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 282s Reading package lists... 282s Building dependency tree... 282s Reading state information... 283s linux-generic is already the newest version (6.8.0-11.11+1). 283s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 283s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 283s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 284s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 284s Hit:4 http://ftpmaster.internal/ubuntu noble-proposed InRelease 285s Reading package lists... 285s Reading package lists... 285s Building dependency tree... 285s Reading state information... 286s Calculating upgrade... 286s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 286s Reading package lists... 286s Building dependency tree... 286s Reading state information... 287s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 287s autopkgtest [22:08:37]: rebooting testbed after setup commands that affected boot 507s autopkgtest [22:12:17]: testbed running kernel: Linux 6.8.0-11-generic #11-Ubuntu SMP PREEMPT_DYNAMIC Wed Feb 14 02:53:31 UTC 2024 507s autopkgtest [22:12:17]: testbed dpkg architecture: arm64 508s autopkgtest [22:12:18]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 518s Get:1 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (dsc) [5269 B] 518s Get:2 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (tar) [7983 kB] 518s Get:3 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (asc) [833 B] 518s Get:4 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (diff) [48.4 kB] 518s gpgv: Signature made Mon Feb 26 21:56:54 2024 UTC 518s gpgv: using RSA key E92FD0B36B14F1F4D8E0EB2F106DA1C8C3CBBF14 518s gpgv: Can't check signature: No public key 518s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1ubuntu1.dsc: no acceptable signature found 519s autopkgtest [22:12:29]: testing package sssd version 2.9.4-1ubuntu1 519s autopkgtest [22:12:29]: build not needed 521s autopkgtest [22:12:31]: test ldap-user-group-ldap-auth: preparing testbed 523s Reading package lists... 524s Building dependency tree... 524s Reading state information... 524s Correcting dependencies...Starting pkgProblemResolver with broken count: 0 524s Starting 2 pkgProblemResolver with broken count: 0 524s Done 524s Done 525s Starting pkgProblemResolver with broken count: 0 525s Starting 2 pkgProblemResolver with broken count: 0 525s Done 525s The following additional packages will be installed: 525s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 525s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 525s libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 libjose0 libkrad0 525s libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 525s libpam-pwquality libpam-sss libpath-utils1 libpwquality-common libpwquality1 525s libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 525s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 525s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 525s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 525s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 525s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 525s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 525s Suggested packages: 525s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 525s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 525s Recommended packages: 525s cracklib-runtime libsasl2-modules-gssapi-mit 525s | libsasl2-modules-gssapi-heimdal 525s The following NEW packages will be installed: 525s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 525s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 525s libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 libjose0 libkrad0 525s libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 525s libpam-pwquality libpam-sss libpath-utils1 libpwquality-common libpwquality1 525s libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 525s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 525s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 525s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 525s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 525s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 525s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 526s 0 upgraded, 64 newly installed, 0 to remove and 0 not upgraded. 526s 1 not fully installed or removed. 526s Need to get 12.6 MB of archives. 526s After this operation, 59.9 MB of additional disk space will be used. 526s Get:1 http://ftpmaster.internal/ubuntu noble/main arm64 libtalloc2 arm64 2.4.2-1 [26.6 kB] 526s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 libtdb1 arm64 1.4.10-1 [48.4 kB] 526s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libtevent0 arm64 0.16.1-1 [41.8 kB] 526s Get:4 http://ftpmaster.internal/ubuntu noble/main arm64 libldb2 arm64 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [187 kB] 526s Get:5 http://ftpmaster.internal/ubuntu noble/main arm64 python3-sss arm64 2.9.4-1ubuntu1 [46.5 kB] 526s Get:6 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap0 arm64 2.9.4-1ubuntu1 [21.8 kB] 526s Get:7 http://ftpmaster.internal/ubuntu noble/main arm64 libnss-sss arm64 2.9.4-1ubuntu1 [31.7 kB] 526s Get:8 http://ftpmaster.internal/ubuntu noble/main arm64 libcrack2 arm64 2.9.6-5.1 [28.7 kB] 526s Get:9 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality-common all 1.4.5-3 [7658 B] 526s Get:10 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality1 arm64 1.4.5-3 [13.2 kB] 526s Get:11 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-pwquality arm64 1.4.5-3 [11.6 kB] 526s Get:12 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-sss arm64 2.9.4-1ubuntu1 [48.8 kB] 526s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 libc-ares2 arm64 1.27.0-1 [74.1 kB] 526s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 libdhash1 arm64 0.6.2-2 [8540 B] 526s Get:15 http://ftpmaster.internal/ubuntu noble/main arm64 libbasicobjects0 arm64 0.6.2-2 [5586 B] 526s Get:16 http://ftpmaster.internal/ubuntu noble/main arm64 libcollection4 arm64 0.6.2-2 [23.0 kB] 526s Get:17 http://ftpmaster.internal/ubuntu noble/main arm64 libpath-utils1 arm64 0.6.2-2 [8722 B] 526s Get:18 http://ftpmaster.internal/ubuntu noble/main arm64 libref-array1 arm64 0.6.2-2 [7042 B] 526s Get:19 http://ftpmaster.internal/ubuntu noble/main arm64 libini-config5 arm64 0.6.2-2 [43.7 kB] 526s Get:20 http://ftpmaster.internal/ubuntu noble/main arm64 libnfsidmap1 arm64 1:2.6.3-3ubuntu1 [47.1 kB] 526s Get:21 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap0 arm64 2.9.4-1ubuntu1 [45.8 kB] 526s Get:22 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap0 arm64 2.9.4-1ubuntu1 [30.3 kB] 526s Get:23 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-common arm64 2.9.4-1ubuntu1 [1147 kB] 526s Get:24 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common-data arm64 0.8-13ubuntu2 [29.5 kB] 526s Get:25 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common3 arm64 0.8-13ubuntu2 [23.2 kB] 526s Get:26 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-client3 arm64 0.8-13ubuntu2 [27.3 kB] 526s Get:27 http://ftpmaster.internal/ubuntu noble/main arm64 libwbclient0 arm64 2:4.19.5+dfsg-1ubuntu1 [70.6 kB] 526s Get:28 http://ftpmaster.internal/ubuntu noble/main arm64 samba-libs arm64 2:4.19.5+dfsg-1ubuntu1 [6061 kB] 527s Get:29 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad-common arm64 2.9.4-1ubuntu1 [75.4 kB] 527s Get:30 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5-common arm64 2.9.4-1ubuntu1 [87.9 kB] 527s Get:31 http://ftpmaster.internal/ubuntu noble/main arm64 libsmbclient arm64 2:4.19.5+dfsg-1ubuntu1 [62.2 kB] 527s Get:32 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad arm64 2.9.4-1ubuntu1 [134 kB] 527s Get:33 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac0 arm64 2.9.4-1ubuntu1 [16.7 kB] 527s Get:34 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ipa arm64 2.9.4-1ubuntu1 [220 kB] 527s Get:35 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5 arm64 2.9.4-1ubuntu1 [14.3 kB] 527s Get:36 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ldap arm64 2.9.4-1ubuntu1 [31.3 kB] 527s Get:37 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-proxy arm64 2.9.4-1ubuntu1 [44.6 kB] 527s Get:38 http://ftpmaster.internal/ubuntu noble/main arm64 sssd arm64 2.9.4-1ubuntu1 [4120 B] 527s Get:39 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-dbus arm64 2.9.4-1ubuntu1 [103 kB] 527s Get:40 http://ftpmaster.internal/ubuntu noble/universe arm64 libjose0 arm64 11-3 [44.1 kB] 527s Get:41 http://ftpmaster.internal/ubuntu noble/main arm64 libevent-2.1-7 arm64 2.1.12-stable-9 [138 kB] 527s Get:42 http://ftpmaster.internal/ubuntu noble/main arm64 libverto-libevent1 arm64 0.3.1-1ubuntu5 [5848 B] 527s Get:43 http://ftpmaster.internal/ubuntu noble/main arm64 libverto1 arm64 0.3.1-1ubuntu5 [10.2 kB] 527s Get:44 http://ftpmaster.internal/ubuntu noble/main arm64 libkrad0 arm64 1.20.1-5build1 [22.1 kB] 527s Get:45 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-idp arm64 2.9.4-1ubuntu1 [27.9 kB] 527s Get:46 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-kcm arm64 2.9.4-1ubuntu1 [139 kB] 527s Get:47 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-passkey arm64 2.9.4-1ubuntu1 [32.7 kB] 527s Get:48 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-tools arm64 2.9.4-1ubuntu1 [97.5 kB] 527s Get:49 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac-dev arm64 2.9.4-1ubuntu1 [6660 B] 527s Get:50 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap-dev arm64 2.9.4-1ubuntu1 [5722 B] 527s Get:51 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap-dev arm64 2.9.4-1ubuntu1 [8380 B] 527s Get:52 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap-dev arm64 2.9.4-1ubuntu1 [6714 B] 527s Get:53 http://ftpmaster.internal/ubuntu noble/universe arm64 libnss-sudo all 1.9.15p5-3ubuntu1 [14.9 kB] 527s Get:54 http://ftpmaster.internal/ubuntu noble/universe arm64 libsss-sudo arm64 2.9.4-1ubuntu1 [20.4 kB] 527s Get:55 http://ftpmaster.internal/ubuntu noble/universe arm64 python3-libipa-hbac arm64 2.9.4-1ubuntu1 [16.6 kB] 527s Get:56 http://ftpmaster.internal/ubuntu noble/universe arm64 python3-libsss-nss-idmap arm64 2.9.4-1ubuntu1 [9160 B] 527s Get:57 http://ftpmaster.internal/ubuntu noble/main arm64 libltdl7 arm64 2.4.7-7 [40.3 kB] 527s Get:58 http://ftpmaster.internal/ubuntu noble/main arm64 libodbc2 arm64 2.3.12-1 [144 kB] 527s Get:59 http://ftpmaster.internal/ubuntu noble/main arm64 slapd arm64 2.6.7+dfsg-1~exp1ubuntu1 [1515 kB] 527s Get:60 http://ftpmaster.internal/ubuntu noble/main arm64 ldap-utils arm64 2.6.7+dfsg-1~exp1ubuntu1 [149 kB] 527s Get:61 http://ftpmaster.internal/ubuntu noble/main arm64 libtcl8.6 arm64 8.6.13+dfsg-2 [980 kB] 527s Get:62 http://ftpmaster.internal/ubuntu noble/main arm64 tcl8.6 arm64 8.6.13+dfsg-2 [14.6 kB] 527s Get:63 http://ftpmaster.internal/ubuntu noble/universe arm64 tcl-expect arm64 5.45.4-2build1 [103 kB] 527s Get:64 http://ftpmaster.internal/ubuntu noble/universe arm64 expect arm64 5.45.4-2build1 [137 kB] 528s Preconfiguring packages ... 528s Fetched 12.6 MB in 2s (6308 kB/s) 528s Selecting previously unselected package libtalloc2:arm64. 529s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74324 files and directories currently installed.) 529s Preparing to unpack .../00-libtalloc2_2.4.2-1_arm64.deb ... 529s Unpacking libtalloc2:arm64 (2.4.2-1) ... 529s Selecting previously unselected package libtdb1:arm64. 529s Preparing to unpack .../01-libtdb1_1.4.10-1_arm64.deb ... 529s Unpacking libtdb1:arm64 (1.4.10-1) ... 529s Selecting previously unselected package libtevent0:arm64. 529s Preparing to unpack .../02-libtevent0_0.16.1-1_arm64.deb ... 529s Unpacking libtevent0:arm64 (0.16.1-1) ... 529s Selecting previously unselected package libldb2:arm64. 529s Preparing to unpack .../03-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_arm64.deb ... 529s Unpacking libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 529s Selecting previously unselected package python3-sss. 529s Preparing to unpack .../04-python3-sss_2.9.4-1ubuntu1_arm64.deb ... 529s Unpacking python3-sss (2.9.4-1ubuntu1) ... 529s Selecting previously unselected package libsss-idmap0. 529s Preparing to unpack .../05-libsss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 529s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 529s Selecting previously unselected package libnss-sss:arm64. 529s Preparing to unpack .../06-libnss-sss_2.9.4-1ubuntu1_arm64.deb ... 529s Unpacking libnss-sss:arm64 (2.9.4-1ubuntu1) ... 529s Selecting previously unselected package libcrack2:arm64. 529s Preparing to unpack .../07-libcrack2_2.9.6-5.1_arm64.deb ... 529s Unpacking libcrack2:arm64 (2.9.6-5.1) ... 529s Selecting previously unselected package libpwquality-common. 529s Preparing to unpack .../08-libpwquality-common_1.4.5-3_all.deb ... 529s Unpacking libpwquality-common (1.4.5-3) ... 529s Selecting previously unselected package libpwquality1:arm64. 529s Preparing to unpack .../09-libpwquality1_1.4.5-3_arm64.deb ... 529s Unpacking libpwquality1:arm64 (1.4.5-3) ... 529s Selecting previously unselected package libpam-pwquality:arm64. 529s Preparing to unpack .../10-libpam-pwquality_1.4.5-3_arm64.deb ... 529s Unpacking libpam-pwquality:arm64 (1.4.5-3) ... 529s Selecting previously unselected package libpam-sss:arm64. 529s Preparing to unpack .../11-libpam-sss_2.9.4-1ubuntu1_arm64.deb ... 529s Unpacking libpam-sss:arm64 (2.9.4-1ubuntu1) ... 529s Selecting previously unselected package libc-ares2:arm64. 529s Preparing to unpack .../12-libc-ares2_1.27.0-1_arm64.deb ... 529s Unpacking libc-ares2:arm64 (1.27.0-1) ... 529s Selecting previously unselected package libdhash1:arm64. 529s Preparing to unpack .../13-libdhash1_0.6.2-2_arm64.deb ... 529s Unpacking libdhash1:arm64 (0.6.2-2) ... 529s Selecting previously unselected package libbasicobjects0:arm64. 529s Preparing to unpack .../14-libbasicobjects0_0.6.2-2_arm64.deb ... 529s Unpacking libbasicobjects0:arm64 (0.6.2-2) ... 529s Selecting previously unselected package libcollection4:arm64. 529s Preparing to unpack .../15-libcollection4_0.6.2-2_arm64.deb ... 529s Unpacking libcollection4:arm64 (0.6.2-2) ... 529s Selecting previously unselected package libpath-utils1:arm64. 529s Preparing to unpack .../16-libpath-utils1_0.6.2-2_arm64.deb ... 529s Unpacking libpath-utils1:arm64 (0.6.2-2) ... 529s Selecting previously unselected package libref-array1:arm64. 529s Preparing to unpack .../17-libref-array1_0.6.2-2_arm64.deb ... 529s Unpacking libref-array1:arm64 (0.6.2-2) ... 529s Selecting previously unselected package libini-config5:arm64. 529s Preparing to unpack .../18-libini-config5_0.6.2-2_arm64.deb ... 529s Unpacking libini-config5:arm64 (0.6.2-2) ... 529s Selecting previously unselected package libnfsidmap1:arm64. 529s Preparing to unpack .../19-libnfsidmap1_1%3a2.6.3-3ubuntu1_arm64.deb ... 529s Unpacking libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 529s Selecting previously unselected package libsss-certmap0. 529s Preparing to unpack .../20-libsss-certmap0_2.9.4-1ubuntu1_arm64.deb ... 529s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 529s Selecting previously unselected package libsss-nss-idmap0. 529s Preparing to unpack .../21-libsss-nss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 529s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 529s Selecting previously unselected package sssd-common. 529s Preparing to unpack .../22-sssd-common_2.9.4-1ubuntu1_arm64.deb ... 529s Unpacking sssd-common (2.9.4-1ubuntu1) ... 529s Selecting previously unselected package libavahi-common-data:arm64. 529s Preparing to unpack .../23-libavahi-common-data_0.8-13ubuntu2_arm64.deb ... 529s Unpacking libavahi-common-data:arm64 (0.8-13ubuntu2) ... 529s Selecting previously unselected package libavahi-common3:arm64. 529s Preparing to unpack .../24-libavahi-common3_0.8-13ubuntu2_arm64.deb ... 529s Unpacking libavahi-common3:arm64 (0.8-13ubuntu2) ... 529s Selecting previously unselected package libavahi-client3:arm64. 529s Preparing to unpack .../25-libavahi-client3_0.8-13ubuntu2_arm64.deb ... 529s Unpacking libavahi-client3:arm64 (0.8-13ubuntu2) ... 529s Selecting previously unselected package libwbclient0:arm64. 529s Preparing to unpack .../26-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 529s Unpacking libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 529s Selecting previously unselected package samba-libs:arm64. 529s Preparing to unpack .../27-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 529s Unpacking samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 530s Selecting previously unselected package sssd-ad-common. 530s Preparing to unpack .../28-sssd-ad-common_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package sssd-krb5-common. 530s Preparing to unpack .../29-sssd-krb5-common_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package libsmbclient:arm64. 530s Preparing to unpack .../30-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 530s Unpacking libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 530s Selecting previously unselected package sssd-ad. 530s Preparing to unpack .../31-sssd-ad_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package libipa-hbac0. 530s Preparing to unpack .../32-libipa-hbac0_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package sssd-ipa. 530s Preparing to unpack .../33-sssd-ipa_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package sssd-krb5. 530s Preparing to unpack .../34-sssd-krb5_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package sssd-ldap. 530s Preparing to unpack .../35-sssd-ldap_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package sssd-proxy. 530s Preparing to unpack .../36-sssd-proxy_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package sssd. 530s Preparing to unpack .../37-sssd_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package sssd-dbus. 530s Preparing to unpack .../38-sssd-dbus_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-dbus (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package libjose0:arm64. 530s Preparing to unpack .../39-libjose0_11-3_arm64.deb ... 530s Unpacking libjose0:arm64 (11-3) ... 530s Selecting previously unselected package libevent-2.1-7:arm64. 530s Preparing to unpack .../40-libevent-2.1-7_2.1.12-stable-9_arm64.deb ... 530s Unpacking libevent-2.1-7:arm64 (2.1.12-stable-9) ... 530s Selecting previously unselected package libverto-libevent1:arm64. 530s Preparing to unpack .../41-libverto-libevent1_0.3.1-1ubuntu5_arm64.deb ... 530s Unpacking libverto-libevent1:arm64 (0.3.1-1ubuntu5) ... 530s Selecting previously unselected package libverto1:arm64. 530s Preparing to unpack .../42-libverto1_0.3.1-1ubuntu5_arm64.deb ... 530s Unpacking libverto1:arm64 (0.3.1-1ubuntu5) ... 530s Selecting previously unselected package libkrad0:arm64. 530s Preparing to unpack .../43-libkrad0_1.20.1-5build1_arm64.deb ... 530s Unpacking libkrad0:arm64 (1.20.1-5build1) ... 530s Selecting previously unselected package sssd-idp. 530s Preparing to unpack .../44-sssd-idp_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-idp (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package sssd-kcm. 530s Preparing to unpack .../45-sssd-kcm_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-kcm (2.9.4-1ubuntu1) ... 530s Selecting previously unselected package sssd-passkey. 530s Preparing to unpack .../46-sssd-passkey_2.9.4-1ubuntu1_arm64.deb ... 530s Unpacking sssd-passkey (2.9.4-1ubuntu1) ... 531s Selecting previously unselected package sssd-tools. 531s Preparing to unpack .../47-sssd-tools_2.9.4-1ubuntu1_arm64.deb ... 531s Unpacking sssd-tools (2.9.4-1ubuntu1) ... 531s Selecting previously unselected package libipa-hbac-dev. 531s Preparing to unpack .../48-libipa-hbac-dev_2.9.4-1ubuntu1_arm64.deb ... 531s Unpacking libipa-hbac-dev (2.9.4-1ubuntu1) ... 531s Selecting previously unselected package libsss-certmap-dev. 531s Preparing to unpack .../49-libsss-certmap-dev_2.9.4-1ubuntu1_arm64.deb ... 531s Unpacking libsss-certmap-dev (2.9.4-1ubuntu1) ... 531s Selecting previously unselected package libsss-idmap-dev. 531s Preparing to unpack .../50-libsss-idmap-dev_2.9.4-1ubuntu1_arm64.deb ... 531s Unpacking libsss-idmap-dev (2.9.4-1ubuntu1) ... 531s Selecting previously unselected package libsss-nss-idmap-dev. 531s Preparing to unpack .../51-libsss-nss-idmap-dev_2.9.4-1ubuntu1_arm64.deb ... 531s Unpacking libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 531s Selecting previously unselected package libnss-sudo. 531s Preparing to unpack .../52-libnss-sudo_1.9.15p5-3ubuntu1_all.deb ... 531s Unpacking libnss-sudo (1.9.15p5-3ubuntu1) ... 531s Selecting previously unselected package libsss-sudo. 531s Preparing to unpack .../53-libsss-sudo_2.9.4-1ubuntu1_arm64.deb ... 531s Unpacking libsss-sudo (2.9.4-1ubuntu1) ... 531s Selecting previously unselected package python3-libipa-hbac. 531s Preparing to unpack .../54-python3-libipa-hbac_2.9.4-1ubuntu1_arm64.deb ... 531s Unpacking python3-libipa-hbac (2.9.4-1ubuntu1) ... 531s Selecting previously unselected package python3-libsss-nss-idmap. 531s Preparing to unpack .../55-python3-libsss-nss-idmap_2.9.4-1ubuntu1_arm64.deb ... 531s Unpacking python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 531s Selecting previously unselected package libltdl7:arm64. 531s Preparing to unpack .../56-libltdl7_2.4.7-7_arm64.deb ... 531s Unpacking libltdl7:arm64 (2.4.7-7) ... 531s Selecting previously unselected package libodbc2:arm64. 531s Preparing to unpack .../57-libodbc2_2.3.12-1_arm64.deb ... 531s Unpacking libodbc2:arm64 (2.3.12-1) ... 531s Selecting previously unselected package slapd. 531s Preparing to unpack .../58-slapd_2.6.7+dfsg-1~exp1ubuntu1_arm64.deb ... 531s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 531s Selecting previously unselected package ldap-utils. 531s Preparing to unpack .../59-ldap-utils_2.6.7+dfsg-1~exp1ubuntu1_arm64.deb ... 531s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 531s Selecting previously unselected package libtcl8.6:arm64. 531s Preparing to unpack .../60-libtcl8.6_8.6.13+dfsg-2_arm64.deb ... 531s Unpacking libtcl8.6:arm64 (8.6.13+dfsg-2) ... 532s Selecting previously unselected package tcl8.6. 532s Preparing to unpack .../61-tcl8.6_8.6.13+dfsg-2_arm64.deb ... 532s Unpacking tcl8.6 (8.6.13+dfsg-2) ... 532s Selecting previously unselected package tcl-expect:arm64. 532s Preparing to unpack .../62-tcl-expect_5.45.4-2build1_arm64.deb ... 532s Unpacking tcl-expect:arm64 (5.45.4-2build1) ... 532s Selecting previously unselected package expect. 532s Preparing to unpack .../63-expect_5.45.4-2build1_arm64.deb ... 532s Unpacking expect (5.45.4-2build1) ... 532s Setting up libpwquality-common (1.4.5-3) ... 532s Setting up libpath-utils1:arm64 (0.6.2-2) ... 532s Setting up libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 532s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 532s Setting up libbasicobjects0:arm64 (0.6.2-2) ... 532s Setting up libsss-idmap-dev (2.9.4-1ubuntu1) ... 532s Setting up libtdb1:arm64 (1.4.10-1) ... 532s Setting up libc-ares2:arm64 (1.27.0-1) ... 532s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 532s Setting up libjose0:arm64 (11-3) ... 532s Setting up libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 532s Setting up libtalloc2:arm64 (2.4.2-1) ... 532s Setting up libdhash1:arm64 (0.6.2-2) ... 532s Setting up libtevent0:arm64 (0.16.1-1) ... 532s Setting up libavahi-common-data:arm64 (0.8-13ubuntu2) ... 532s Setting up libevent-2.1-7:arm64 (2.1.12-stable-9) ... 532s Setting up libtcl8.6:arm64 (8.6.13+dfsg-2) ... 532s Setting up libltdl7:arm64 (2.4.7-7) ... 532s Setting up libcrack2:arm64 (2.9.6-5.1) ... 532s Setting up libcollection4:arm64 (0.6.2-2) ... 532s Setting up libodbc2:arm64 (2.3.12-1) ... 532s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 532s Setting up python3-libipa-hbac (2.9.4-1ubuntu1) ... 532s Setting up libref-array1:arm64 (0.6.2-2) ... 532s Setting up libnss-sudo (1.9.15p5-3ubuntu1) ... 532s Setting up libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 532s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 532s Setting up libnss-sss:arm64 (2.9.4-1ubuntu1) ... 532s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 533s Creating new user openldap... done. 533s Creating initial configuration... done. 533s Creating LDAP directory... done. 534s Setting up tcl8.6 (8.6.13+dfsg-2) ... 534s Setting up libsss-sudo (2.9.4-1ubuntu1) ... 534s Setting up libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 534s Setting up libipa-hbac-dev (2.9.4-1ubuntu1) ... 534s Setting up libini-config5:arm64 (0.6.2-2) ... 534s Setting up libavahi-common3:arm64 (0.8-13ubuntu2) ... 534s Setting up tcl-expect:arm64 (5.45.4-2build1) ... 534s Setting up python3-sss (2.9.4-1ubuntu1) ... 534s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 534s Setting up libpwquality1:arm64 (1.4.5-3) ... 534s Setting up python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 534s Setting up libavahi-client3:arm64 (0.8-13ubuntu2) ... 534s Setting up expect (5.45.4-2build1) ... 534s Setting up libpam-pwquality:arm64 (1.4.5-3) ... 534s Setting up samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 534s Setting up libsss-certmap-dev (2.9.4-1ubuntu1) ... 534s Setting up libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 534s Setting up libpam-sss:arm64 (2.9.4-1ubuntu1) ... 534s Setting up sssd-common (2.9.4-1ubuntu1) ... 534s Creating SSSD system user & group... 534s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 534s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 534s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 534s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 535s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 535s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 535s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 535s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 536s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 536s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 537s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 537s sssd-autofs.service is a disabled or a static unit, not starting it. 537s sssd-nss.service is a disabled or a static unit, not starting it. 537s sssd-pam.service is a disabled or a static unit, not starting it. 537s sssd-ssh.service is a disabled or a static unit, not starting it. 537s sssd-sudo.service is a disabled or a static unit, not starting it. 537s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 537s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 537s Setting up sssd-kcm (2.9.4-1ubuntu1) ... 537s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 538s sssd-kcm.service is a disabled or a static unit, not starting it. 538s Setting up sssd-dbus (2.9.4-1ubuntu1) ... 539s sssd-ifp.service is a disabled or a static unit, not starting it. 539s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 539s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 541s sssd-pac.service is a disabled or a static unit, not starting it. 541s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 541s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 541s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 541s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 541s Setting up sssd-ad (2.9.4-1ubuntu1) ... 541s Setting up sssd-tools (2.9.4-1ubuntu1) ... 541s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 541s Setting up sssd (2.9.4-1ubuntu1) ... 541s Setting up libverto-libevent1:arm64 (0.3.1-1ubuntu5) ... 541s Setting up libverto1:arm64 (0.3.1-1ubuntu5) ... 541s Setting up libkrad0:arm64 (1.20.1-5build1) ... 541s Setting up sssd-passkey (2.9.4-1ubuntu1) ... 541s Setting up sssd-idp (2.9.4-1ubuntu1) ... 541s Setting up autopkgtest-satdep (0) ... 541s Processing triggers for libc-bin (2.39-0ubuntu2) ... 541s Processing triggers for ufw (0.36.2-5) ... 542s Processing triggers for man-db (2.12.0-3) ... 543s Processing triggers for dbus (1.14.10-4ubuntu1) ... 555s (Reading database ... 75609 files and directories currently installed.) 555s Removing autopkgtest-satdep (0) ... 557s autopkgtest [22:13:07]: test ldap-user-group-ldap-auth: [----------------------- 557s + . debian/tests/util 557s + . debian/tests/common-tests 557s + mydomain=example.com 557s + myhostname=ldap.example.com 557s + mysuffix=dc=example,dc=com 557s + admin_dn=cn=admin,dc=example,dc=com 557s + admin_pw=secret 557s + ldap_user=testuser1 557s + ldap_user_pw=testuser1secret 557s + ldap_group=ldapusers 557s + adjust_hostname ldap.example.com 557s + local myhostname=ldap.example.com 557s + echo ldap.example.com 557s + hostname ldap.example.com 557s + grep -qE ldap.example.com /etc/hosts 557s + echo 127.0.1.10 ldap.example.com 557s + reconfigure_slapd 557s + debconf-set-selections 558s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 558s + dpkg-reconfigure -fnoninteractive -pcritical slapd 558s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 558s Moving old database directory to /var/backups: 558s - directory unknown... done. 558s Creating initial configuration... done. 558s Creating LDAP directory... done. 559s + generate_certs ldap.example.com 559s + local cn=ldap.example.com 559s + local cert=/etc/ldap/server.pem 559s + local key=/etc/ldap/server.key 559s + local cnf=/etc/ldap/openssl.cnf 559s + cat 559s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 559s ...........................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 559s ............++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 559s ----- 559s + chmod 0640 /etc/ldap/server.key 559s + chgrp openldap /etc/ldap/server.key 559s + [ ! -f /etc/ldap/server.pem ] 559s + [ ! -f /etc/ldap/server.key ] 559s + enable_ldap_ssl 559s + cat 559s + cat 559s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 559s modifying entry "cn=config" 559s 559s + populate_ldap_rfc2307 559s + cat 559s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 559s adding new entry "ou=People,dc=example,dc=com" 559s 559s adding new entry "ou=Group,dc=example,dc=com" 559s 559s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 559s 559s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 559s 559s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 559s 559s + configure_sssd_ldap_rfc2307 559s + cat 559s + chmod 0600 /etc/sssd/sssd.conf 559s + systemctl restart sssd 559s + enable_pam_mkhomedir 559s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 559s + echo session optional pam_mkhomedir.so 559s + run_common_tests 559s + echo Assert local user databases do not have our LDAP test data 559s + check_local_user testuser1 559s Assert local user databases do not have our LDAP test data 559s + local local_user=testuser1 559s + grep -q ^testuser1 /etc/passwd 559s + check_local_group testuser1 559s + local local_group=testuser1 559s + grep -q ^testuser1 /etc/group 559s + check_local_group ldapusers 559s + local local_group=ldapusers 559s + grep -q ^ldapusers /etc/group 559s + echo The LDAP user is known to the system via getent 559s + check_getent_user testuser1 559s + local getent_user=testuser1 559s + local output 559s The LDAP user is known to the system via getent 559s + getent passwd testuser1 559s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 559s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 559s The LDAP user's private group is known to the system via getent 559s + echo The LDAP user's private group is known to the system via getent 559s + check_getent_group testuser1 559s + local getent_group=testuser1 559s + local output 559s + getent group testuser1 559s + output=testuser1:*:10001:testuser1 559s + [ -z testuser1:*:10001:testuser1 ] 559s + echo The LDAP group ldapusers is known to the system via getent 559s + check_getent_group ldapusers 559s + local getent_group=ldapusers 559s + local output 559s + getent group ldapusers 559s The LDAP group ldapusers is known to the system via getent 559s The id(1) command can resolve the group membership of the LDAP user 559s + output=ldapusers:*:10100:testuser1 559s + [ -z ldapusers:*:10100:testuser1 ] 559s + echo The id(1) command can resolve the group membership of the LDAP user 559s + id -Gn testuser1 559s + output=testuser1 ldapusers 559s + [ testuser1 ldapusers != testuser1 ldapusers ] 559s + echo The LDAP user can login on a terminal 559s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 559s The LDAP user can login on a terminal 559s spawn login 559s ldap.example.com login: testuser1 559s Password: 559s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic aarch64) 559s 559s * Documentation: https://help.ubuntu.com 559s * Management: https://landscape.canonical.com 559s * Support: https://ubuntu.com/pro 559s 559s 559s The programs included with the Ubuntu system are free software; 559s the exact distribution terms for each program are described in the 559s individual files in /usr/share/doc/*/copyright. 559s 559s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 559s applicable law. 559s 559s 559s The programs included with the Ubuntu system are free software; 559s the exact distribution terms for each program are described in the 559s individual files in /usr/share/doc/*/copyright. 559s 559s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 559s applicable law. 559s 559s Creating directory '/home/testuser1'. 559s [?2004htestuser1@ldap:~$ id -un 559s [?2004l testuser1 560s [?2004htestuser1@ldap:~$ autopkgtest [22:13:10]: test ldap-user-group-ldap-auth: -----------------------] 560s autopkgtest [22:13:10]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 560s ldap-user-group-ldap-auth PASS 560s autopkgtest [22:13:10]: test ldap-user-group-krb5-auth: preparing testbed 562s Reading package lists... 562s Building dependency tree... 562s Reading state information... 563s Correcting dependencies...Starting pkgProblemResolver with broken count: 0 563s Starting 2 pkgProblemResolver with broken count: 0 563s Done 563s Done 563s Starting pkgProblemResolver with broken count: 0 563s Starting 2 pkgProblemResolver with broken count: 0 563s Done 564s The following additional packages will be installed: 564s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 564s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 564s Suggested packages: 564s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 564s The following NEW packages will be installed: 564s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 564s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 564s 0 upgraded, 8 newly installed, 0 to remove and 0 not upgraded. 564s 1 not fully installed or removed. 564s Need to get 594 kB of archives. 564s After this operation, 2907 kB of additional disk space will be used. 564s Get:1 http://ftpmaster.internal/ubuntu noble/main arm64 libgssrpc4 arm64 1.20.1-5build1 [57.4 kB] 564s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 libkadm5clnt-mit12 arm64 1.20.1-5build1 [39.9 kB] 564s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libkdb5-10 arm64 1.20.1-5build1 [39.8 kB] 565s Get:4 http://ftpmaster.internal/ubuntu noble/main arm64 libkadm5srv-mit12 arm64 1.20.1-5build1 [53.2 kB] 565s Get:5 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-user arm64 1.20.1-5build1 [108 kB] 565s Get:6 http://ftpmaster.internal/ubuntu noble/main arm64 krb5-config all 2.7 [22.0 kB] 565s Get:7 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-kdc arm64 1.20.1-5build1 [180 kB] 565s Get:8 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-admin-server arm64 1.20.1-5build1 [94.6 kB] 565s Preconfiguring packages ... 567s Fetched 594 kB in 1s (714 kB/s) 567s Selecting previously unselected package libgssrpc4:arm64. 567s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75609 files and directories currently installed.) 567s Preparing to unpack .../0-libgssrpc4_1.20.1-5build1_arm64.deb ... 567s Unpacking libgssrpc4:arm64 (1.20.1-5build1) ... 567s Selecting previously unselected package libkadm5clnt-mit12:arm64. 567s Preparing to unpack .../1-libkadm5clnt-mit12_1.20.1-5build1_arm64.deb ... 567s Unpacking libkadm5clnt-mit12:arm64 (1.20.1-5build1) ... 567s Selecting previously unselected package libkdb5-10:arm64. 567s Preparing to unpack .../2-libkdb5-10_1.20.1-5build1_arm64.deb ... 567s Unpacking libkdb5-10:arm64 (1.20.1-5build1) ... 567s Selecting previously unselected package libkadm5srv-mit12:arm64. 567s Preparing to unpack .../3-libkadm5srv-mit12_1.20.1-5build1_arm64.deb ... 567s Unpacking libkadm5srv-mit12:arm64 (1.20.1-5build1) ... 567s Selecting previously unselected package krb5-user. 568s Preparing to unpack .../4-krb5-user_1.20.1-5build1_arm64.deb ... 568s Unpacking krb5-user (1.20.1-5build1) ... 568s Selecting previously unselected package krb5-config. 568s Preparing to unpack .../5-krb5-config_2.7_all.deb ... 568s Unpacking krb5-config (2.7) ... 568s Selecting previously unselected package krb5-kdc. 568s Preparing to unpack .../6-krb5-kdc_1.20.1-5build1_arm64.deb ... 568s Unpacking krb5-kdc (1.20.1-5build1) ... 568s Selecting previously unselected package krb5-admin-server. 568s Preparing to unpack .../7-krb5-admin-server_1.20.1-5build1_arm64.deb ... 568s Unpacking krb5-admin-server (1.20.1-5build1) ... 568s Setting up libgssrpc4:arm64 (1.20.1-5build1) ... 568s Setting up krb5-config (2.7) ... 569s Setting up libkadm5clnt-mit12:arm64 (1.20.1-5build1) ... 569s Setting up libkdb5-10:arm64 (1.20.1-5build1) ... 569s Setting up libkadm5srv-mit12:arm64 (1.20.1-5build1) ... 569s Setting up krb5-user (1.20.1-5build1) ... 569s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 569s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 569s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 569s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 569s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 569s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 569s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 569s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 569s Setting up krb5-kdc (1.20.1-5build1) ... 569s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 570s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 570s Setting up krb5-admin-server (1.20.1-5build1) ... 570s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 571s Setting up autopkgtest-satdep (0) ... 571s Processing triggers for man-db (2.12.0-3) ... 571s Processing triggers for libc-bin (2.39-0ubuntu2) ... 580s (Reading database ... 75702 files and directories currently installed.) 580s Removing autopkgtest-satdep (0) ... 581s autopkgtest [22:13:31]: test ldap-user-group-krb5-auth: [----------------------- 581s + . debian/tests/util 581s + . debian/tests/common-tests 581s + mydomain=example.com 581s + myhostname=ldap.example.com 581s + mysuffix=dc=example,dc=com 581s + myrealm=EXAMPLE.COM 581s + admin_dn=cn=admin,dc=example,dc=com 581s + admin_pw=secret 581s + ldap_user=testuser1 581s + ldap_user_pw=testuser1secret 581s + kerberos_principal_pw=testuser1kerberos 581s + ldap_group=ldapusers 581s + adjust_hostname ldap.example.com 581s + local myhostname=ldap.example.com 581s + echo ldap.example.com 581s + hostname ldap.example.com 581s + grep -qE ldap.example.com /etc/hosts 581s + reconfigure_slapd 581s + debconf-set-selections 581s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu1-20240312-221308.ldapdb 581s + dpkg-reconfigure -fnoninteractive -pcritical slapd 582s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 582s Moving old database directory to /var/backups: 582s - directory unknown... done. 582s Creating initial configuration... done. 582s Creating LDAP directory... done. 583s + generate_certs ldap.example.com 583s + local cn=ldap.example.com 583s + local cert=/etc/ldap/server.pem 583s + local key=/etc/ldap/server.key 583s + local cnf=/etc/ldap/openssl.cnf 583s + cat 583s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 583s ......................................................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 583s ....................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 583s ----- 583s + chmod 0640 /etc/ldap/server.key 583s + chgrp openldap /etc/ldap/server.key 583s + [ ! -f /etc/ldap/server.pem ] 583s + [ ! -f /etc/ldap/server.key ] 583s + enable_ldap_ssl 583s + cat 583s + cat 583s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 583s modifying entry "cn=config" 583s 583s + populate_ldap_rfc2307 583s + cat 583s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 583s adding new entry "ou=People,dc=example,dc=com" 583s 583s adding new entry "ou=Group,dc=example,dc=com" 583s 583s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 583s 583s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 583s 583s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 583s 583s + create_realm EXAMPLE.COM ldap.example.com 583s + local realm_name=EXAMPLE.COM 583s + local kerberos_server=ldap.example.com 583s + rm -rf /var/lib/krb5kdc/* 583s + rm -rf /etc/krb5kdc/kdc.conf 583s + rm -f /etc/krb5.keytab 583s + cat 583s + cat 583s + echo # */admin * 583s + kdb5_util create -s -P secretpassword 583s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 583s master key name 'K/M@EXAMPLE.COM' 583s + systemctl restart krb5-kdc.service krb5-admin-server.service 583s + create_krb_principal testuser1 testuser1kerberos 583s + local principal=testuser1 583s + local password=testuser1kerberos 583s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 583s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 583s Authenticating as principal root/admin@EXAMPLE.COM with password. 583s Principal "testuser1@EXAMPLE.COM" created. 583s + configure_sssd_ldap_rfc2307_krb5_auth 583s + cat 583s + chmod 0600 /etc/sssd/sssd.conf 583s + systemctl restart sssd 583s + enable_pam_mkhomedir 583s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 583s Assert local user databases do not have our LDAP test data 583s + run_common_tests 583s + echo Assert local user databases do not have our LDAP test data 583s + check_local_user testuser1 583s + local local_user=testuser1 583s + grep -q ^testuser1 /etc/passwd 583s + check_local_group testuser1 583s + local local_group=testuser1 583s + grep -q ^testuser1 /etc/group 583s + check_local_group ldapusers 583s + local local_group=ldapusers 583s + grep -q ^ldapusers /etc/group 583s The LDAP user is known to the system via getent 583s + echo The LDAP user is known to the system via getent 583s + check_getent_user testuser1 583s + local getent_user=testuser1 583s + local output 583s + getent passwd testuser1 583s The LDAP user's private group is known to the system via getent 583s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 583s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 583s + echo The LDAP user's private group is known to the system via getent 583s + check_getent_group testuser1 583s + local getent_group=testuser1 583s + local output 583s + getent group testuser1 583s The LDAP group ldapusers is known to the system via getent 583s + output=testuser1:*:10001:testuser1 583s + [ -z testuser1:*:10001:testuser1 ] 583s + echo The LDAP group ldapusers is known to the system via getent 583s + check_getent_group ldapusers 583s + local getent_group=ldapusers 583s + local output 583s + getent group ldapusers 583s The id(1) command can resolve the group membership of the LDAP user 583s + output=ldapusers:*:10100:testuser1 583s + [ -z ldapusers:*:10100:testuser1 ] 583s + echo The id(1) command can resolve the group membership of the LDAP user 583s + id -Gn testuser1 583s The Kerberos principal can login on a terminal 583s + output=testuser1 ldapusers 583s + [ testuser1 ldapusers != testuser1 ldapusers ] 583s + echo The Kerberos principal can login on a terminal 583s + kdestroy 583s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 583s spawn login 584s ldap.example.com login: testuser1 584s Password: 584s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic aarch64) 584s 584s * Documentation: https://help.ubuntu.com 584s * Management: https://landscape.canonical.com 584s * Support: https://ubuntu.com/pro 584s 584s 584s The programs included with the Ubuntu system are free software; 584s the exact distribution terms for each program are described in the 584s individual files in /usr/share/doc/*/copyright. 584s 584s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 584s applicable law. 584s 584s Last login: Tue Mar 12 22:13:09 UTC 2024 on pts/0 584s [?2004htestuser1@ldap:~$ id -un 584s [?2004l testuser1 584s [?2004htestuser1@ldap:~$ klist 584s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_Jod193 584s Default principal: testuser1@EXAMPLE.COM 584s 584s autopkgtest [22:13:34]: test ldap-user-group-krb5-auth: -----------------------] 585s autopkgtest [22:13:35]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 585s ldap-user-group-krb5-auth PASS 585s autopkgtest [22:13:35]: test sssd-softhism2-certificates-tests.sh: preparing testbed 650s autopkgtest [22:14:40]: @@@@@@@@@@@@@@@@@@@@ test bed setup 650s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 650s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [4812 B] 650s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [2782 kB] 652s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [39.7 kB] 652s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [450 kB] 652s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 Packages [599 kB] 652s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 c-n-f Metadata [3144 B] 652s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 Packages [20.3 kB] 652s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 c-n-f Metadata [116 B] 652s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 Packages [3161 kB] 653s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 c-n-f Metadata [8528 B] 653s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 Packages [42.0 kB] 653s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 c-n-f Metadata [116 B] 654s Fetched 7227 kB in 4s (2051 kB/s) 655s Reading package lists... 657s Reading package lists... 657s Building dependency tree... 657s Reading state information... 657s Calculating upgrade... 658s The following packages will be REMOVED: 658s libext2fs2 658s The following NEW packages will be installed: 658s libext2fs2t64 658s The following packages will be upgraded: 658s e2fsprogs e2fsprogs-l10n firmware-sof-signed libcom-err2 libss2 logsave 658s 6 upgraded, 1 newly installed, 1 to remove and 0 not upgraded. 658s Need to get 4792 kB of archives. 658s After this operation, 12.3 kB of additional disk space will be used. 658s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 logsave arm64 1.47.0-2.4~exp1ubuntu2 [22.1 kB] 658s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 e2fsprogs-l10n all 1.47.0-2.4~exp1ubuntu2 [5996 B] 658s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libext2fs2t64 arm64 1.47.0-2.4~exp1ubuntu2 [225 kB] 658s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 e2fsprogs arm64 1.47.0-2.4~exp1ubuntu2 [594 kB] 659s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libcom-err2 arm64 1.47.0-2.4~exp1ubuntu2 [22.3 kB] 659s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libss2 arm64 1.47.0-2.4~exp1ubuntu2 [16.5 kB] 659s Get:7 http://ftpmaster.internal/ubuntu noble/main arm64 firmware-sof-signed all 2023.12.1-1ubuntu1 [3906 kB] 660s Fetched 4792 kB in 1s (3336 kB/s) 660s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74748 files and directories currently installed.) 660s Preparing to unpack .../logsave_1.47.0-2.4~exp1ubuntu2_arm64.deb ... 660s Unpacking logsave (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 660s Preparing to unpack .../e2fsprogs-l10n_1.47.0-2.4~exp1ubuntu2_all.deb ... 660s Unpacking e2fsprogs-l10n (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 660s dpkg: libext2fs2:arm64: dependency problems, but removing anyway as you requested: 660s libblockdev-fs3:arm64 depends on libext2fs2 (>= 1.42.11). 660s e2fsprogs depends on libext2fs2 (= 1.47.0-2ubuntu1). 660s btrfs-progs depends on libext2fs2 (>= 1.42). 660s 660s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74748 files and directories currently installed.) 660s Removing libext2fs2:arm64 (1.47.0-2ubuntu1) ... 660s Selecting previously unselected package libext2fs2t64:arm64. 660s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74741 files and directories currently installed.) 660s Preparing to unpack .../libext2fs2t64_1.47.0-2.4~exp1ubuntu2_arm64.deb ... 660s Adding 'diversion of /lib/aarch64-linux-gnu/libe2p.so.2 to /lib/aarch64-linux-gnu/libe2p.so.2.usr-is-merged by libext2fs2t64' 660s Adding 'diversion of /lib/aarch64-linux-gnu/libe2p.so.2.3 to /lib/aarch64-linux-gnu/libe2p.so.2.3.usr-is-merged by libext2fs2t64' 660s Adding 'diversion of /lib/aarch64-linux-gnu/libext2fs.so.2 to /lib/aarch64-linux-gnu/libext2fs.so.2.usr-is-merged by libext2fs2t64' 660s Adding 'diversion of /lib/aarch64-linux-gnu/libext2fs.so.2.4 to /lib/aarch64-linux-gnu/libext2fs.so.2.4.usr-is-merged by libext2fs2t64' 660s Unpacking libext2fs2t64:arm64 (1.47.0-2.4~exp1ubuntu2) ... 660s Setting up libext2fs2t64:arm64 (1.47.0-2.4~exp1ubuntu2) ... 660s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74757 files and directories currently installed.) 660s Preparing to unpack .../e2fsprogs_1.47.0-2.4~exp1ubuntu2_arm64.deb ... 660s Unpacking e2fsprogs (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 660s Preparing to unpack .../libcom-err2_1.47.0-2.4~exp1ubuntu2_arm64.deb ... 660s Unpacking libcom-err2:arm64 (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 661s Preparing to unpack .../libss2_1.47.0-2.4~exp1ubuntu2_arm64.deb ... 661s Unpacking libss2:arm64 (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 661s Preparing to unpack .../firmware-sof-signed_2023.12.1-1ubuntu1_all.deb ... 661s Unpacking firmware-sof-signed (2023.12.1-1ubuntu1) over (2.2.6-1ubuntu4) ... 661s Setting up firmware-sof-signed (2023.12.1-1ubuntu1) ... 661s Setting up libcom-err2:arm64 (1.47.0-2.4~exp1ubuntu2) ... 661s Setting up libss2:arm64 (1.47.0-2.4~exp1ubuntu2) ... 661s Setting up logsave (1.47.0-2.4~exp1ubuntu2) ... 661s Setting up e2fsprogs (1.47.0-2.4~exp1ubuntu2) ... 661s update-initramfs: deferring update (trigger activated) 661s e2scrub_all.service is a disabled or a static unit not running, not starting it. 661s Setting up e2fsprogs-l10n (1.47.0-2.4~exp1ubuntu2) ... 661s Processing triggers for man-db (2.12.0-3) ... 662s Processing triggers for libc-bin (2.39-0ubuntu2) ... 662s Processing triggers for initramfs-tools (0.142ubuntu20) ... 662s update-initramfs: Generating /boot/initrd.img-6.8.0-11-generic 662s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 679s System running in EFI mode, skipping. 679s Reading package lists... 679s Building dependency tree... 679s Reading state information... 680s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 681s sh: Attempting to set up Debian/Ubuntu apt sources automatically 681s sh: Distribution appears to be Ubuntu 682s Reading package lists... 682s Building dependency tree... 682s Reading state information... 683s eatmydata is already the newest version (131-1). 683s dbus is already the newest version (1.14.10-4ubuntu1). 683s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 683s Reading package lists... 683s Building dependency tree... 683s Reading state information... 684s rng-tools-debian is already the newest version (2.4). 684s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 684s Reading package lists... 684s Building dependency tree... 684s Reading state information... 684s haveged is already the newest version (1.9.14-1ubuntu1). 684s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 685s Reading package lists... 685s Building dependency tree... 685s Reading state information... 685s The following packages will be REMOVED: 685s cloud-init* python3-configobj* python3-debconf* 686s 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 686s After this operation, 3248 kB disk space will be freed. 686s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74768 files and directories currently installed.) 686s Removing cloud-init (24.1-0ubuntu1) ... 686s Removing python3-configobj (5.0.8-3) ... 686s Removing python3-debconf (1.5.86) ... 686s Processing triggers for man-db (2.12.0-3) ... 687s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74379 files and directories currently installed.) 687s Purging configuration files for cloud-init (24.1-0ubuntu1) ... 687s dpkg: warning: while removing cloud-init, directory '/etc/cloud/cloud.cfg.d' not empty so not removed 687s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 688s Reading package lists... 688s Building dependency tree... 688s Reading state information... 688s linux-generic is already the newest version (6.8.0-11.11+1). 688s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 689s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 689s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 689s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 689s Hit:4 http://ftpmaster.internal/ubuntu noble-proposed InRelease 690s Reading package lists... 690s Reading package lists... 690s Building dependency tree... 690s Reading state information... 691s Calculating upgrade... 691s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 691s Reading package lists... 692s Building dependency tree... 692s Reading state information... 692s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 692s autopkgtest [22:15:22]: rebooting testbed after setup commands that affected boot 718s autopkgtest [22:15:48]: testbed dpkg architecture: arm64 722s Reading package lists... 723s Building dependency tree... 723s Reading state information... 723s Correcting dependencies...Starting pkgProblemResolver with broken count: 0 723s Starting 2 pkgProblemResolver with broken count: 0 723s Done 723s Done 724s Starting pkgProblemResolver with broken count: 0 724s Starting 2 pkgProblemResolver with broken count: 0 724s Done 724s The following additional packages will be installed: 724s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 724s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 724s libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 724s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 724s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 724s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 724s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 724s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 724s sssd-krb5-common sssd-ldap sssd-proxy 724s Suggested packages: 724s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 724s Recommended packages: 724s cracklib-runtime libsasl2-modules-gssapi-mit 724s | libsasl2-modules-gssapi-heimdal ldap-utils 724s The following NEW packages will be installed: 724s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 724s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 724s libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 724s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 724s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 724s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 724s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 724s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 724s sssd-krb5-common sssd-ldap sssd-proxy 725s 0 upgraded, 45 newly installed, 0 to remove and 0 not upgraded. 725s 1 not fully installed or removed. 725s Need to get 10.1 MB of archives. 725s After this operation, 48.6 MB of additional disk space will be used. 725s Get:1 http://ftpmaster.internal/ubuntu noble/main arm64 libevent-2.1-7 arm64 2.1.12-stable-9 [138 kB] 725s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 libunbound8 arm64 1.19.1-1ubuntu1 [423 kB] 725s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libgnutls-dane0 arm64 3.8.3-1ubuntu1 [23.3 kB] 725s Get:4 http://ftpmaster.internal/ubuntu noble/universe arm64 gnutls-bin arm64 3.8.3-1ubuntu1 [267 kB] 725s Get:5 http://ftpmaster.internal/ubuntu noble/universe arm64 softhsm2-common arm64 2.6.1-2.2 [5806 B] 725s Get:6 http://ftpmaster.internal/ubuntu noble/universe arm64 libsofthsm2 arm64 2.6.1-2.2 [246 kB] 725s Get:7 http://ftpmaster.internal/ubuntu noble/universe arm64 softhsm2 arm64 2.6.1-2.2 [167 kB] 725s Get:8 http://ftpmaster.internal/ubuntu noble/main arm64 libtalloc2 arm64 2.4.2-1 [26.6 kB] 725s Get:9 http://ftpmaster.internal/ubuntu noble/main arm64 libtdb1 arm64 1.4.10-1 [48.4 kB] 725s Get:10 http://ftpmaster.internal/ubuntu noble/main arm64 libtevent0 arm64 0.16.1-1 [41.8 kB] 725s Get:11 http://ftpmaster.internal/ubuntu noble/main arm64 libldb2 arm64 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [187 kB] 725s Get:12 http://ftpmaster.internal/ubuntu noble/main arm64 python3-sss arm64 2.9.4-1ubuntu1 [46.5 kB] 725s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap0 arm64 2.9.4-1ubuntu1 [21.8 kB] 725s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 libnss-sss arm64 2.9.4-1ubuntu1 [31.7 kB] 725s Get:15 http://ftpmaster.internal/ubuntu noble/main arm64 libcrack2 arm64 2.9.6-5.1 [28.7 kB] 725s Get:16 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality-common all 1.4.5-3 [7658 B] 725s Get:17 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality1 arm64 1.4.5-3 [13.2 kB] 725s Get:18 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-pwquality arm64 1.4.5-3 [11.6 kB] 725s Get:19 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-sss arm64 2.9.4-1ubuntu1 [48.8 kB] 725s Get:20 http://ftpmaster.internal/ubuntu noble/main arm64 libc-ares2 arm64 1.27.0-1 [74.1 kB] 725s Get:21 http://ftpmaster.internal/ubuntu noble/main arm64 libdhash1 arm64 0.6.2-2 [8540 B] 725s Get:22 http://ftpmaster.internal/ubuntu noble/main arm64 libbasicobjects0 arm64 0.6.2-2 [5586 B] 725s Get:23 http://ftpmaster.internal/ubuntu noble/main arm64 libcollection4 arm64 0.6.2-2 [23.0 kB] 725s Get:24 http://ftpmaster.internal/ubuntu noble/main arm64 libpath-utils1 arm64 0.6.2-2 [8722 B] 725s Get:25 http://ftpmaster.internal/ubuntu noble/main arm64 libref-array1 arm64 0.6.2-2 [7042 B] 725s Get:26 http://ftpmaster.internal/ubuntu noble/main arm64 libini-config5 arm64 0.6.2-2 [43.7 kB] 725s Get:27 http://ftpmaster.internal/ubuntu noble/main arm64 libnfsidmap1 arm64 1:2.6.3-3ubuntu1 [47.1 kB] 726s Get:28 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap0 arm64 2.9.4-1ubuntu1 [45.8 kB] 726s Get:29 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap0 arm64 2.9.4-1ubuntu1 [30.3 kB] 726s Get:30 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-common arm64 2.9.4-1ubuntu1 [1147 kB] 726s Get:31 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common-data arm64 0.8-13ubuntu2 [29.5 kB] 726s Get:32 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common3 arm64 0.8-13ubuntu2 [23.2 kB] 726s Get:33 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-client3 arm64 0.8-13ubuntu2 [27.3 kB] 726s Get:34 http://ftpmaster.internal/ubuntu noble/main arm64 libwbclient0 arm64 2:4.19.5+dfsg-1ubuntu1 [70.6 kB] 726s Get:35 http://ftpmaster.internal/ubuntu noble/main arm64 samba-libs arm64 2:4.19.5+dfsg-1ubuntu1 [6061 kB] 727s Get:36 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad-common arm64 2.9.4-1ubuntu1 [75.4 kB] 727s Get:37 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5-common arm64 2.9.4-1ubuntu1 [87.9 kB] 727s Get:38 http://ftpmaster.internal/ubuntu noble/main arm64 libsmbclient arm64 2:4.19.5+dfsg-1ubuntu1 [62.2 kB] 727s Get:39 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad arm64 2.9.4-1ubuntu1 [134 kB] 727s Get:40 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac0 arm64 2.9.4-1ubuntu1 [16.7 kB] 727s Get:41 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ipa arm64 2.9.4-1ubuntu1 [220 kB] 727s Get:42 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5 arm64 2.9.4-1ubuntu1 [14.3 kB] 727s Get:43 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ldap arm64 2.9.4-1ubuntu1 [31.3 kB] 727s Get:44 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-proxy arm64 2.9.4-1ubuntu1 [44.6 kB] 727s Get:45 http://ftpmaster.internal/ubuntu noble/main arm64 sssd arm64 2.9.4-1ubuntu1 [4120 B] 727s Fetched 10.1 MB in 2s (4744 kB/s) 727s Selecting previously unselected package libevent-2.1-7:arm64. 728s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74324 files and directories currently installed.) 728s Preparing to unpack .../00-libevent-2.1-7_2.1.12-stable-9_arm64.deb ... 728s Unpacking libevent-2.1-7:arm64 (2.1.12-stable-9) ... 728s Selecting previously unselected package libunbound8:arm64. 728s Preparing to unpack .../01-libunbound8_1.19.1-1ubuntu1_arm64.deb ... 728s Unpacking libunbound8:arm64 (1.19.1-1ubuntu1) ... 728s Selecting previously unselected package libgnutls-dane0:arm64. 728s Preparing to unpack .../02-libgnutls-dane0_3.8.3-1ubuntu1_arm64.deb ... 728s Unpacking libgnutls-dane0:arm64 (3.8.3-1ubuntu1) ... 728s Selecting previously unselected package gnutls-bin. 728s Preparing to unpack .../03-gnutls-bin_3.8.3-1ubuntu1_arm64.deb ... 728s Unpacking gnutls-bin (3.8.3-1ubuntu1) ... 728s Selecting previously unselected package softhsm2-common. 728s Preparing to unpack .../04-softhsm2-common_2.6.1-2.2_arm64.deb ... 728s Unpacking softhsm2-common (2.6.1-2.2) ... 728s Selecting previously unselected package libsofthsm2. 728s Preparing to unpack .../05-libsofthsm2_2.6.1-2.2_arm64.deb ... 728s Unpacking libsofthsm2 (2.6.1-2.2) ... 728s Selecting previously unselected package softhsm2. 728s Preparing to unpack .../06-softhsm2_2.6.1-2.2_arm64.deb ... 728s Unpacking softhsm2 (2.6.1-2.2) ... 728s Selecting previously unselected package libtalloc2:arm64. 728s Preparing to unpack .../07-libtalloc2_2.4.2-1_arm64.deb ... 728s Unpacking libtalloc2:arm64 (2.4.2-1) ... 728s Selecting previously unselected package libtdb1:arm64. 728s Preparing to unpack .../08-libtdb1_1.4.10-1_arm64.deb ... 728s Unpacking libtdb1:arm64 (1.4.10-1) ... 728s Selecting previously unselected package libtevent0:arm64. 728s Preparing to unpack .../09-libtevent0_0.16.1-1_arm64.deb ... 728s Unpacking libtevent0:arm64 (0.16.1-1) ... 728s Selecting previously unselected package libldb2:arm64. 728s Preparing to unpack .../10-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_arm64.deb ... 728s Unpacking libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 728s Selecting previously unselected package python3-sss. 728s Preparing to unpack .../11-python3-sss_2.9.4-1ubuntu1_arm64.deb ... 728s Unpacking python3-sss (2.9.4-1ubuntu1) ... 729s Selecting previously unselected package libsss-idmap0. 729s Preparing to unpack .../12-libsss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 729s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 729s Selecting previously unselected package libnss-sss:arm64. 729s Preparing to unpack .../13-libnss-sss_2.9.4-1ubuntu1_arm64.deb ... 729s Unpacking libnss-sss:arm64 (2.9.4-1ubuntu1) ... 729s Selecting previously unselected package libcrack2:arm64. 729s Preparing to unpack .../14-libcrack2_2.9.6-5.1_arm64.deb ... 729s Unpacking libcrack2:arm64 (2.9.6-5.1) ... 729s Selecting previously unselected package libpwquality-common. 729s Preparing to unpack .../15-libpwquality-common_1.4.5-3_all.deb ... 729s Unpacking libpwquality-common (1.4.5-3) ... 729s Selecting previously unselected package libpwquality1:arm64. 729s Preparing to unpack .../16-libpwquality1_1.4.5-3_arm64.deb ... 729s Unpacking libpwquality1:arm64 (1.4.5-3) ... 729s Selecting previously unselected package libpam-pwquality:arm64. 729s Preparing to unpack .../17-libpam-pwquality_1.4.5-3_arm64.deb ... 729s Unpacking libpam-pwquality:arm64 (1.4.5-3) ... 729s Selecting previously unselected package libpam-sss:arm64. 729s Preparing to unpack .../18-libpam-sss_2.9.4-1ubuntu1_arm64.deb ... 729s Unpacking libpam-sss:arm64 (2.9.4-1ubuntu1) ... 729s Selecting previously unselected package libc-ares2:arm64. 729s Preparing to unpack .../19-libc-ares2_1.27.0-1_arm64.deb ... 729s Unpacking libc-ares2:arm64 (1.27.0-1) ... 729s Selecting previously unselected package libdhash1:arm64. 729s Preparing to unpack .../20-libdhash1_0.6.2-2_arm64.deb ... 729s Unpacking libdhash1:arm64 (0.6.2-2) ... 729s Selecting previously unselected package libbasicobjects0:arm64. 729s Preparing to unpack .../21-libbasicobjects0_0.6.2-2_arm64.deb ... 729s Unpacking libbasicobjects0:arm64 (0.6.2-2) ... 729s Selecting previously unselected package libcollection4:arm64. 729s Preparing to unpack .../22-libcollection4_0.6.2-2_arm64.deb ... 729s Unpacking libcollection4:arm64 (0.6.2-2) ... 729s Selecting previously unselected package libpath-utils1:arm64. 729s Preparing to unpack .../23-libpath-utils1_0.6.2-2_arm64.deb ... 729s Unpacking libpath-utils1:arm64 (0.6.2-2) ... 729s Selecting previously unselected package libref-array1:arm64. 729s Preparing to unpack .../24-libref-array1_0.6.2-2_arm64.deb ... 729s Unpacking libref-array1:arm64 (0.6.2-2) ... 729s Selecting previously unselected package libini-config5:arm64. 730s Preparing to unpack .../25-libini-config5_0.6.2-2_arm64.deb ... 730s Unpacking libini-config5:arm64 (0.6.2-2) ... 730s Selecting previously unselected package libnfsidmap1:arm64. 730s Preparing to unpack .../26-libnfsidmap1_1%3a2.6.3-3ubuntu1_arm64.deb ... 730s Unpacking libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 730s Selecting previously unselected package libsss-certmap0. 730s Preparing to unpack .../27-libsss-certmap0_2.9.4-1ubuntu1_arm64.deb ... 730s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 730s Selecting previously unselected package libsss-nss-idmap0. 730s Preparing to unpack .../28-libsss-nss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 730s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 730s Selecting previously unselected package sssd-common. 730s Preparing to unpack .../29-sssd-common_2.9.4-1ubuntu1_arm64.deb ... 730s Unpacking sssd-common (2.9.4-1ubuntu1) ... 730s Selecting previously unselected package libavahi-common-data:arm64. 730s Preparing to unpack .../30-libavahi-common-data_0.8-13ubuntu2_arm64.deb ... 730s Unpacking libavahi-common-data:arm64 (0.8-13ubuntu2) ... 730s Selecting previously unselected package libavahi-common3:arm64. 730s Preparing to unpack .../31-libavahi-common3_0.8-13ubuntu2_arm64.deb ... 730s Unpacking libavahi-common3:arm64 (0.8-13ubuntu2) ... 730s Selecting previously unselected package libavahi-client3:arm64. 730s Preparing to unpack .../32-libavahi-client3_0.8-13ubuntu2_arm64.deb ... 730s Unpacking libavahi-client3:arm64 (0.8-13ubuntu2) ... 730s Selecting previously unselected package libwbclient0:arm64. 730s Preparing to unpack .../33-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 730s Unpacking libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 730s Selecting previously unselected package samba-libs:arm64. 730s Preparing to unpack .../34-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 730s Unpacking samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 731s Selecting previously unselected package sssd-ad-common. 731s Preparing to unpack .../35-sssd-ad-common_2.9.4-1ubuntu1_arm64.deb ... 731s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 731s Selecting previously unselected package sssd-krb5-common. 731s Preparing to unpack .../36-sssd-krb5-common_2.9.4-1ubuntu1_arm64.deb ... 731s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 731s Selecting previously unselected package libsmbclient:arm64. 731s Preparing to unpack .../37-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 731s Unpacking libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 731s Selecting previously unselected package sssd-ad. 731s Preparing to unpack .../38-sssd-ad_2.9.4-1ubuntu1_arm64.deb ... 731s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 731s Selecting previously unselected package libipa-hbac0. 731s Preparing to unpack .../39-libipa-hbac0_2.9.4-1ubuntu1_arm64.deb ... 731s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 731s Selecting previously unselected package sssd-ipa. 731s Preparing to unpack .../40-sssd-ipa_2.9.4-1ubuntu1_arm64.deb ... 731s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 731s Selecting previously unselected package sssd-krb5. 731s Preparing to unpack .../41-sssd-krb5_2.9.4-1ubuntu1_arm64.deb ... 731s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 731s Selecting previously unselected package sssd-ldap. 731s Preparing to unpack .../42-sssd-ldap_2.9.4-1ubuntu1_arm64.deb ... 731s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 731s Selecting previously unselected package sssd-proxy. 731s Preparing to unpack .../43-sssd-proxy_2.9.4-1ubuntu1_arm64.deb ... 731s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 731s Selecting previously unselected package sssd. 731s Preparing to unpack .../44-sssd_2.9.4-1ubuntu1_arm64.deb ... 731s Unpacking sssd (2.9.4-1ubuntu1) ... 731s Setting up libpwquality-common (1.4.5-3) ... 731s Setting up libpath-utils1:arm64 (0.6.2-2) ... 731s Setting up softhsm2-common (2.6.1-2.2) ... 731s 731s Creating config file /etc/softhsm/softhsm2.conf with new version 732s Setting up libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 732s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 732s Setting up libbasicobjects0:arm64 (0.6.2-2) ... 732s Setting up libtdb1:arm64 (1.4.10-1) ... 732s Setting up libc-ares2:arm64 (1.27.0-1) ... 732s Setting up libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 732s Setting up libtalloc2:arm64 (2.4.2-1) ... 732s Setting up libdhash1:arm64 (0.6.2-2) ... 732s Setting up libtevent0:arm64 (0.16.1-1) ... 732s Setting up libavahi-common-data:arm64 (0.8-13ubuntu2) ... 732s Setting up libevent-2.1-7:arm64 (2.1.12-stable-9) ... 732s Setting up libcrack2:arm64 (2.9.6-5.1) ... 732s Setting up libcollection4:arm64 (0.6.2-2) ... 732s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 732s Setting up libref-array1:arm64 (0.6.2-2) ... 732s Setting up libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 732s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 732s Setting up libnss-sss:arm64 (2.9.4-1ubuntu1) ... 732s Setting up libsofthsm2 (2.6.1-2.2) ... 732s Setting up softhsm2 (2.6.1-2.2) ... 732s Setting up libini-config5:arm64 (0.6.2-2) ... 732s Setting up libavahi-common3:arm64 (0.8-13ubuntu2) ... 732s Setting up python3-sss (2.9.4-1ubuntu1) ... 732s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 732s Setting up libunbound8:arm64 (1.19.1-1ubuntu1) ... 732s Setting up libpwquality1:arm64 (1.4.5-3) ... 732s Setting up libavahi-client3:arm64 (0.8-13ubuntu2) ... 732s Setting up libgnutls-dane0:arm64 (3.8.3-1ubuntu1) ... 732s Setting up libpam-pwquality:arm64 (1.4.5-3) ... 732s Setting up samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 732s Setting up libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 732s Setting up libpam-sss:arm64 (2.9.4-1ubuntu1) ... 732s Setting up gnutls-bin (3.8.3-1ubuntu1) ... 732s Setting up sssd-common (2.9.4-1ubuntu1) ... 732s Creating SSSD system user & group... 733s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 733s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 733s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 733s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 733s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 734s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 734s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 734s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 734s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 735s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 735s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 735s sssd-autofs.service is a disabled or a static unit, not starting it. 735s sssd-nss.service is a disabled or a static unit, not starting it. 736s sssd-pam.service is a disabled or a static unit, not starting it. 736s sssd-ssh.service is a disabled or a static unit, not starting it. 736s sssd-sudo.service is a disabled or a static unit, not starting it. 736s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 736s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 736s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 736s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 737s sssd-pac.service is a disabled or a static unit, not starting it. 737s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 737s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 737s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 737s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 737s Setting up sssd-ad (2.9.4-1ubuntu1) ... 737s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 737s Setting up sssd (2.9.4-1ubuntu1) ... 737s Setting up autopkgtest-satdep (0) ... 737s Processing triggers for man-db (2.12.0-3) ... 738s Processing triggers for libc-bin (2.39-0ubuntu2) ... 744s (Reading database ... 74912 files and directories currently installed.) 744s Removing autopkgtest-satdep (0) ... 748s autopkgtest [22:16:18]: test sssd-softhism2-certificates-tests.sh: [----------------------- 748s + '[' -z ubuntu ']' 748s + required_tools=(p11tool openssl softhsm2-util) 748s + for cmd in "${required_tools[@]}" 748s + command -v p11tool 748s + for cmd in "${required_tools[@]}" 748s + command -v openssl 748s + for cmd in "${required_tools[@]}" 748s + command -v softhsm2-util 748s + PIN=053350 748s +++ find /usr/lib/softhsm/libsofthsm2.so 748s +++ head -n 1 749s ++ realpath /usr/lib/softhsm/libsofthsm2.so 749s + SOFTHSM2_MODULE=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 749s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 749s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 749s + '[' '!' -v NO_SSSD_TESTS ']' 749s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 749s + ca_db_arg=ca_db 749s ++ /usr/libexec/sssd/p11_child --help 749s + p11_child_help='Usage: p11_child [OPTION...] 749s -d, --debug-level=INT Debug level 749s --debug-timestamps=INT Add debug timestamps 749s --debug-microseconds=INT Show timestamps with microseconds 749s --dumpable=INT Allow core dumps 749s --debug-fd=INT An open file descriptor for the debug 749s logs 749s --logger=stderr|files|journald Set logger 749s --auth Run in auth mode 749s --pre Run in pre-auth mode 749s --wait_for_card Wait until card is available 749s --verification Run in verification mode 749s --pin Expect PIN on stdin 749s --keypad Expect PIN on keypad 749s --verify=STRING Tune validation 749s --ca_db=STRING CA DB to use 749s --module_name=STRING Module name for authentication 749s --token_name=STRING Token name for authentication 749s --key_id=STRING Key ID for authentication 749s --label=STRING Label for authentication 749s --certificate=STRING certificate to verify, base64 encoded 749s --uri=STRING PKCS#11 URI to restrict selection 749s --chain-id=LONG Tevent chain ID used for logging 749s purposes 749s 749s Help options: 749s -?, --help Show this help message 749s --usage Display brief usage message' 749s + echo 'Usage: p11_child [OPTION...] 749s -d, --debug-level=INT Debug level 749s --debug-timestamps=INT Add debug timestamps 749s --debug-microseconds=INT Show timestamps with microseconds 749s --dumpable=INT Allow core dumps 749s --debug-fd=INT An open file descriptor for the debug 749s logs 749s --logger=stderr|files|journald Set logger 749s --auth Run in auth mode 749s --pre Run in pre-auth mode 749s --wait_for_card Wait until card is available 749s --verification Run in verification mode 749s --pin Expect PIN on stdin 749s --keypad Expect PIN on keypad 749s --verify=STRING Tune validation 749s --ca_db=STRING CA DB to use 749s --module_name=STRING Module name for authentication 749s --token_name=STRING Token name for authentication 749s --key_id=STRING Key ID for authentication 749s --label=STRING Label for authentication 749s --certificate=STRING certificate to verify, base64 encoded 749s --uri=STRING PKCS#11 URI to restrict selection 749s --chain-id=LONG Tevent chain ID used for logging 749s purposes 749s 749s Help options: 749s -?, --help Show this help message 749s --usage Display brief usage message' 749s + grep nssdb -qs 749s + echo 'Usage: p11_child [OPTION...] 749s -d, --debug-level=INT Debug level 749s --debug-timestamps=INT Add debug timestamps 749s --debug-microseconds=INT Show timestamps with microseconds 749s --dumpable=INT Allow core dumps 749s --debug-fd=INT An open file descriptor for the debug 749s logs 749s --logger=stderr|files|journald Set logger 749s --auth Run in auth mode 749s --pre Run in pre-auth mode 749s --wait_for_card Wait until card is available 749s --verification Run in verification mode 749s --pin Expect PIN on stdin 749s --keypad Expect PIN on keypad 749s --verify=STRING Tune validation 749s --ca_db=STRING CA DB to use 749s --module_name=STRING Module name for authentication 749s --token_name=STRING Token name for authentication 749s --key_id=STRING Key ID for authentication 749s --label=STRING Label for authentication 749s --certificate=STRING certificate to verify, base64 encoded 749s --uri=STRING PKCS#11 URI to restrict selection 749s --chain-id=LONG Tevent chain ID used for logging 749s purposes 749s 749s Help options: 749s -?, --help Show this help message 749s --usage Display brief usage message' 749s + grep -qs -- --ca_db 749s + '[' '!' -e /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so ']' 749s ++ mktemp -d -t sssd-softhsm2-XXXXXX 749s + tmpdir=/tmp/sssd-softhsm2-kWVoB5 749s + keys_size=1024 749s + [[ ! -v KEEP_TEMPORARY_FILES ]] 749s + trap 'rm -rf "$tmpdir"' EXIT 749s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 749s + echo -n 01 749s + touch /tmp/sssd-softhsm2-kWVoB5/index.txt 749s + mkdir -p /tmp/sssd-softhsm2-kWVoB5/new_certs 749s + cat 749s + root_ca_key_pass=pass:random-root-CA-password-535 749s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kWVoB5/test-root-CA-key.pem -passout pass:random-root-CA-password-535 1024 749s + openssl req -passin pass:random-root-CA-password-535 -batch -config /tmp/sssd-softhsm2-kWVoB5/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-kWVoB5/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 749s + openssl x509 -noout -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 749s + cat 749s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-15212 749s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-15212 1024 749s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-15212 -config /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.config -key /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-535 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-certificate-request.pem 749s + openssl req -text -noout -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-certificate-request.pem 749s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-kWVoB5/test-root-CA.config -passin pass:random-root-CA-password-535 -keyfile /tmp/sssd-softhsm2-kWVoB5/test-root-CA-key.pem -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 749s Using configuration from /tmp/sssd-softhsm2-kWVoB5/test-root-CA.config 749s Check that the request matches the signature 749s Signature ok 749s Certificate Details: 749s Serial Number: 1 (0x1) 749s Validity 749s Not Before: Mar 12 22:16:19 2024 GMT 749s Not After : Mar 12 22:16:19 2025 GMT 749s Subject: 749s organizationName = Test Organization 749s organizationalUnitName = Test Organization Unit 749s commonName = Test Organization Intermediate CA 749s X509v3 extensions: 749s X509v3 Subject Key Identifier: 749s C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 749s X509v3 Authority Key Identifier: 749s keyid:5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 749s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 749s serial:00 749s X509v3 Basic Constraints: 749s CA:TRUE 749s X509v3 Key Usage: critical 749s Digital Signature, Certificate Sign, CRL Sign 749s Certificate is to be certified until Mar 12 22:16:19 2025 GMT (365 days) 749s 749s Write out database with 1 new entries 749s Database updated 749s Certificate Request: 749s Data: 749s Version: 1 (0x0) 749s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 749s Subject Public Key Info: 749s Public Key Algorithm: rsaEncryption 749s Public-Key: (1024 bit) 749s Modulus: 749s 00:d3:82:10:8d:a3:fe:04:ff:bd:ba:f9:8b:b3:27: 749s d8:2a:62:78:72:36:6f:13:3a:db:a3:d1:e9:9c:f9: 749s c7:1b:2e:b8:2e:ed:4c:75:de:24:66:03:d4:71:f9: 749s 8b:9e:2e:29:2e:96:f7:7f:d0:04:58:ea:28:ba:36: 749s ee:36:7d:22:82:c3:db:d5:93:d5:22:64:1b:22:c9: 749s 84:f0:2f:d7:eb:dd:40:92:83:08:56:45:06:c9:e2: 749s f3:1a:9e:ac:a8:ff:6f:f2:79:dc:2e:1d:50:a6:3f: 749s 2e:2d:b7:2d:fe:5d:ce:aa:c4:8f:89:04:28:8e:6a: 749s c5:ab:c2:83:7f:f3:32:91:a5 749s Exponent: 65537 (0x10001) 749s Attributes: 749s (none) 749s Requested Extensions: 749s Signature Algorithm: sha256WithRSAEncryption 749s Signature Value: 749s 47:ab:bd:67:01:6b:3b:48:8a:bb:95:1f:77:69:84:df:e9:90: 749s 59:1e:8d:61:6c:ed:90:85:36:67:3c:42:c2:b9:56:be:b3:35: 749s b9:94:c8:a0:ea:d5:ab:f0:3d:ae:73:ac:db:23:02:7c:a0:c6: 749s d3:12:7c:fe:a3:2b:4b:4b:99:84:2b:18:b3:f4:74:fb:a1:a0: 749s 00:ff:12:11:45:be:9d:c0:df:c8:2e:ec:9c:ea:6a:cf:29:dd: 749s 08:f6:b2:33:de:98:e4:19:c7:7a:ca:58:85:1b:f1:af:25:4c: 749s 9a:5d:b0:c0:ae:86:40:2d:1a:31:20:c5:a3:85:64:82:8b:a6: 749s ff:11 749s + openssl x509 -noout -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 749s /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem: OK 749s + cat 749s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-4272 749s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-4272 1024 749s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-4272 -config /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-15212 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-certificate-request.pem 749s + openssl req -text -noout -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-certificate-request.pem 749s Certificate Request: 749s Data: 749s Version: 1 (0x0) 749s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 749s Subject Public Key Info: 749s Public Key Algorithm: rsaEncryption 749s Public-Key: (1024 bit) 749s Modulus: 749s 00:c8:84:24:44:24:22:55:1a:71:e5:c7:64:b5:02: 749s 37:7a:64:a5:97:71:67:27:9e:b7:52:1f:6e:92:38: 749s 7f:95:4c:a1:7e:e6:0a:93:de:d7:1f:9d:ca:79:59: 749s a0:61:67:7a:6d:1a:8f:fd:1b:ff:1a:3e:03:20:52: 749s 9a:27:f5:17:f5:c0:30:fb:e0:59:7d:70:20:93:66: 749s 00:12:bf:5a:cd:7c:5a:bd:2b:4d:29:6f:05:6c:a4: 749s ff:bc:cf:6c:90:da:6a:9c:78:8c:55:e8:ff:86:0f: 749s 98:26:72:54:05:b4:a9:18:c4:44:96:6a:7c:6e:2e: 749s 2b:d8:f0:f0:ec:da:c9:73:0d 749s Exponent: 65537 (0x10001) 749s Attributes: 749s (none) 749s Requested Extensions: 749s Signature Algorithm: sha256WithRSAEncryption 749s Signature Value: 749s a0:77:ee:93:89:76:2d:4c:7b:e7:34:3d:84:1d:a2:73:ff:35: 749s 15:b5:69:16:d5:4e:ac:15:b9:fa:7a:4f:e6:ac:5c:eb:f9:6c: 749s 9e:7f:19:20:0f:5d:f0:49:04:7f:64:ff:18:61:35:d5:b4:33: 749s 5a:29:98:24:ba:3a:df:9c:61:f5:e7:ac:74:46:94:5d:2e:10: 749s 81:cd:25:1a:69:be:52:95:0a:9d:7a:f6:61:df:6a:fa:26:23: 749s 57:a2:b3:1a:bd:85:81:22:fc:9a:e6:51:7c:90:e9:07:b1:27: 749s 28:76:16:50:60:3b:85:aa:f3:cc:74:af:54:e2:f2:28:30:da: 749s b4:1b 749s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-15212 -keyfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 749s Using configuration from /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.config 749s Check that the request matches the signature 749s Signature ok 749s Certificate Details: 749s Serial Number: 2 (0x2) 749s Validity 749s Not Before: Mar 12 22:16:19 2024 GMT 749s Not After : Mar 12 22:16:19 2025 GMT 749s Subject: 749s organizationName = Test Organization 749s organizationalUnitName = Test Organization Unit 749s commonName = Test Organization Sub Intermediate CA 749s X509v3 extensions: 749s X509v3 Subject Key Identifier: 749s 27:24:50:BC:2A:8E:37:54:26:61:D2:0D:95:1C:2A:7B:39:E7:E8:32 749s X509v3 Authority Key Identifier: 749s keyid:C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 749s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 749s serial:01 749s X509v3 Basic Constraints: 749s CA:TRUE 749s X509v3 Key Usage: critical 749s Digital Signature, Certificate Sign, CRL Sign 749s Certificate is to be certified until Mar 12 22:16:19 2025 GMT (365 days) 749s 749s Write out database with 1 new entries 749s Database updated 749s + openssl x509 -noout -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 749s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 749s /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem: OK 749s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 749s + local cmd=openssl 749s + shift 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 749s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 749s error 20 at 0 depth lookup: unable to get local issuer certificate 749s error /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem: verification failed 749s + cat 749s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-11609 749s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-11609 1024 749s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-11609 -key /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-request.pem 749s + openssl req -text -noout -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-request.pem 749s Certificate Request: 749s Data: 749s Version: 1 (0x0) 749s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 749s Subject Public Key Info: 749s Public Key Algorithm: rsaEncryption 749s Public-Key: (1024 bit) 749s Modulus: 749s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 749s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 749s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 749s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 749s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 749s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 749s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 749s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 749s b0:db:88:72:25:4b:b1:0f:2f 749s Exponent: 65537 (0x10001) 749s Attributes: 749s Requested Extensions: 749s X509v3 Basic Constraints: 749s CA:FALSE 749s Netscape Cert Type: 749s SSL Client, S/MIME 749s Netscape Comment: 749s Test Organization Root CA trusted Certificate 749s X509v3 Subject Key Identifier: 749s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 749s X509v3 Key Usage: critical 749s Digital Signature, Non Repudiation, Key Encipherment 749s X509v3 Extended Key Usage: 749s TLS Web Client Authentication, E-mail Protection 749s X509v3 Subject Alternative Name: 749s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 749s Signature Algorithm: sha256WithRSAEncryption 749s Signature Value: 749s b3:ae:d3:fa:1b:79:88:89:91:37:f5:7c:f9:99:33:b3:99:85: 749s 09:c7:eb:a1:59:e4:0e:89:68:f2:ef:74:5c:21:02:22:37:c4: 749s 7e:82:6c:dd:26:7b:f4:fb:1b:7f:b6:8c:c0:b0:31:d5:fa:0a: 749s fd:e6:e3:e9:32:a4:07:9d:b1:4d:b5:f7:95:b3:07:a2:83:7c: 749s b0:71:8b:11:2b:e9:85:52:f1:55:6e:a9:51:00:0e:34:0d:95: 749s 2d:80:bb:12:6e:b3:36:cf:5a:af:b4:2b:ee:95:78:2b:65:c8: 749s f9:87:71:1d:2c:b6:e0:70:02:5b:77:64:4c:ee:cb:7c:d8:e3: 749s 11:42 749s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-kWVoB5/test-root-CA.config -passin pass:random-root-CA-password-535 -keyfile /tmp/sssd-softhsm2-kWVoB5/test-root-CA-key.pem -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 749s Using configuration from /tmp/sssd-softhsm2-kWVoB5/test-root-CA.config 749s Check that the request matches the signature 749s Signature ok 749s Certificate Details: 749s Serial Number: 3 (0x3) 749s Validity 749s Not Before: Mar 12 22:16:19 2024 GMT 749s Not After : Mar 12 22:16:19 2025 GMT 749s Subject: 749s organizationName = Test Organization 749s organizationalUnitName = Test Organization Unit 749s commonName = Test Organization Root Trusted Certificate 0001 749s X509v3 extensions: 749s X509v3 Authority Key Identifier: 749s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 749s X509v3 Basic Constraints: 749s CA:FALSE 749s Netscape Cert Type: 749s SSL Client, S/MIME 749s Netscape Comment: 749s Test Organization Root CA trusted Certificate 749s X509v3 Subject Key Identifier: 749s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 749s X509v3 Key Usage: critical 749s Digital Signature, Non Repudiation, Key Encipherment 749s X509v3 Extended Key Usage: 749s TLS Web Client Authentication, E-mail Protection 749s X509v3 Subject Alternative Name: 749s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 749s Certificate is to be certified until Mar 12 22:16:19 2025 GMT (365 days) 749s 749s Write out database with 1 new entries 749s Database updated 749s + openssl x509 -noout -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 749s /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem: OK 749s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 749s + local cmd=openssl 749s + shift 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 749s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 749s error 20 at 0 depth lookup: unable to get local issuer certificate 749s error /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem: verification failed 749s + cat 749s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 749s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-7504 1024 749s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-7504 -key /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-request.pem 749s + openssl req -text -noout -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-request.pem 749s Certificate Request: 749s Data: 749s Version: 1 (0x0) 749s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 749s Subject Public Key Info: 749s Public Key Algorithm: rsaEncryption 749s Public-Key: (1024 bit) 749s Modulus: 749s 00:b5:99:f6:10:09:02:9d:f8:03:a3:1d:71:58:89: 749s d4:30:e8:d4:7f:7d:c9:f8:d3:d3:d2:43:b8:0a:31: 749s b6:95:d1:7f:51:f2:2a:37:95:5f:10:74:80:46:b0: 749s 5e:85:71:50:3f:f7:88:7a:30:8c:49:c5:14:92:e3: 749s 35:0b:3d:f2:6a:56:63:8b:92:53:f4:c7:52:55:12: 749s 52:aa:9f:c9:88:28:ab:b3:0b:1b:e2:56:18:9e:56: 749s e9:52:38:c4:75:d8:b5:28:6e:3a:3a:5a:97:e6:d6: 749s 43:8e:06:cf:fe:5c:64:4d:fe:6c:06:8a:e7:3a:99: 749s 50:ad:62:00:98:22:21:d7:6f 749s Exponent: 65537 (0x10001) 749s Attributes: 749s Requested Extensions: 749s X509v3 Basic Constraints: 749s CA:FALSE 749s Netscape Cert Type: 749s SSL Client, S/MIME 749s Netscape Comment: 749s Test Organization Intermediate CA trusted Certificate 749s X509v3 Subject Key Identifier: 749s F4:1D:D1:28:A1:F4:BE:22:20:34:53:20:E1:CA:AF:ED:84:2D:8F:0F 749s X509v3 Key Usage: critical 749s Digital Signature, Non Repudiation, Key Encipherment 749s X509v3 Extended Key Usage: 749s TLS Web Client Authentication, E-mail Protection 749s X509v3 Subject Alternative Name: 749s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 749s Signature Algorithm: sha256WithRSAEncryption 749s Signature Value: 749s 34:24:04:71:e9:10:9a:47:f1:9a:19:c8:86:ae:2a:9b:da:00: 749s f8:d9:7e:76:ec:4e:a8:b0:2a:f5:94:6f:55:6c:74:90:d8:21: 749s db:ea:c8:bd:13:90:0c:40:9a:2d:5f:18:77:6e:79:64:88:ea: 749s 5f:7a:80:b1:83:3d:39:2a:65:1f:67:39:87:b7:cd:c9:67:9f: 749s 2e:d1:3c:aa:3e:c3:99:46:75:94:c0:5d:81:f1:c7:b8:16:2e: 749s 8d:3e:46:fa:03:69:6e:7e:38:36:5f:f6:34:88:0b:43:4d:a6: 749s ba:a7:ca:53:3a:5d:4a:01:c5:0e:9f:62:e8:73:12:d1:d5:9e: 749s ea:59 749s + openssl ca -passin pass:random-intermediate-CA-password-15212 -config /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 749s Using configuration from /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.config 749s Check that the request matches the signature 749s Signature ok 749s Certificate Details: 749s Serial Number: 4 (0x4) 749s Validity 749s Not Before: Mar 12 22:16:19 2024 GMT 749s Not After : Mar 12 22:16:19 2025 GMT 749s Subject: 749s organizationName = Test Organization 749s organizationalUnitName = Test Organization Unit 749s commonName = Test Organization Intermediate Trusted Certificate 0001 749s X509v3 extensions: 749s X509v3 Authority Key Identifier: 749s C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 749s X509v3 Basic Constraints: 749s CA:FALSE 749s Netscape Cert Type: 749s SSL Client, S/MIME 749s Netscape Comment: 749s Test Organization Intermediate CA trusted Certificate 749s X509v3 Subject Key Identifier: 749s F4:1D:D1:28:A1:F4:BE:22:20:34:53:20:E1:CA:AF:ED:84:2D:8F:0F 749s X509v3 Key Usage: critical 749s Digital Signature, Non Repudiation, Key Encipherment 749s X509v3 Extended Key Usage: 749s TLS Web Client Authentication, E-mail Protection 749s X509v3 Subject Alternative Name: 749s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 749s Certificate is to be certified until Mar 12 22:16:19 2025 GMT (365 days) 749s 749s Write out database with 1 new entries 749s Database updated 749s + openssl x509 -noout -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 749s This certificate should not be trusted fully 749s + echo 'This certificate should not be trusted fully' 749s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 749s + local cmd=openssl 749s + shift 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 749s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 749s error 2 at 1 depth lookup: unable to get issuer certificate 749s error /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 749s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 749s /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem: OK 749s + cat 749s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 749s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-26575 1024 749s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-26575 -key /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 749s + openssl req -text -noout -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 749s Certificate Request: 749s Data: 749s Version: 1 (0x0) 749s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 749s Subject Public Key Info: 749s Public Key Algorithm: rsaEncryption 749s Public-Key: (1024 bit) 749s Modulus: 749s 00:b0:c2:34:34:10:a3:cd:f0:04:f8:84:3d:f5:91: 749s 57:cd:49:d1:9b:d7:11:a0:fd:a8:48:6c:4a:39:50: 749s 89:a5:49:b5:84:c0:ed:0c:c6:b9:f3:a2:34:11:ff: 749s a8:ce:d4:9f:22:93:2f:48:61:4a:ca:36:fb:cd:5e: 749s 93:22:47:e8:b5:6c:b3:9b:61:a0:7c:5f:15:d8:fc: 749s f3:de:6a:c1:9f:b2:25:58:4c:27:3f:dc:df:01:04: 749s e8:dc:e7:54:25:7f:c0:95:f6:ce:72:a2:ea:04:22: 749s 11:95:af:68:ff:35:86:54:cb:28:99:de:3d:9b:6c: 749s d0:1f:5a:03:fc:7a:27:53:89 749s Exponent: 65537 (0x10001) 749s Attributes: 749s Requested Extensions: 749s X509v3 Basic Constraints: 749s CA:FALSE 749s Netscape Cert Type: 749s SSL Client, S/MIME 749s Netscape Comment: 749s Test Organization Sub Intermediate CA trusted Certificate 749s X509v3 Subject Key Identifier: 749s 49:37:F0:FB:2F:85:1A:D4:29:7A:A5:54:26:E8:62:AF:3F:07:05:C8 749s X509v3 Key Usage: critical 749s Digital Signature, Non Repudiation, Key Encipherment 749s X509v3 Extended Key Usage: 749s TLS Web Client Authentication, E-mail Protection 749s X509v3 Subject Alternative Name: 749s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 749s Signature Algorithm: sha256WithRSAEncryption 749s Signature Value: 749s 94:39:b3:b5:a7:d4:d0:6b:af:5f:ab:f3:4a:ff:4d:77:e7:6b: 749s 77:42:99:4c:a0:dc:0f:0f:fd:99:3a:3b:77:f8:2b:7c:b3:a6: 749s 89:58:a3:6e:d7:f8:a1:ea:b9:23:27:c4:e9:bf:17:4c:c0:0e: 749s 78:cc:9e:4f:d3:23:09:34:9f:3f:19:f6:59:2e:83:58:f6:ab: 749s a9:a9:0f:4d:9a:e8:07:1b:96:65:1c:be:3f:a1:69:79:50:09: 749s 9f:c9:b0:91:02:b9:cb:26:16:b8:10:70:a3:0a:f7:46:2c:a6: 749s 99:83:00:61:0d:cc:68:a7:77:97:cd:2c:e3:34:ec:db:28:33: 749s 13:41 749s + openssl ca -passin pass:random-sub-intermediate-CA-password-4272 -config /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 749s Using configuration from /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.config 749s Check that the request matches the signature 749s Signature ok 749s Certificate Details: 749s Serial Number: 5 (0x5) 749s Validity 749s Not Before: Mar 12 22:16:19 2024 GMT 749s Not After : Mar 12 22:16:19 2025 GMT 749s Subject: 749s organizationName = Test Organization 749s organizationalUnitName = Test Organization Unit 749s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 749s X509v3 extensions: 749s X509v3 Authority Key Identifier: 749s 27:24:50:BC:2A:8E:37:54:26:61:D2:0D:95:1C:2A:7B:39:E7:E8:32 749s X509v3 Basic Constraints: 749s CA:FALSE 749s Netscape Cert Type: 749s SSL Client, S/MIME 749s Netscape Comment: 749s Test Organization Sub Intermediate CA trusted Certificate 749s X509v3 Subject Key Identifier: 749s 49:37:F0:FB:2F:85:1A:D4:29:7A:A5:54:26:E8:62:AF:3F:07:05:C8 749s X509v3 Key Usage: critical 749s Digital Signature, Non Repudiation, Key Encipherment 749s X509v3 Extended Key Usage: 749s TLS Web Client Authentication, E-mail Protection 749s X509v3 Subject Alternative Name: 749s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 749s Certificate is to be certified until Mar 12 22:16:19 2025 GMT (365 days) 749s 749s Write out database with 1 new entries 749s Database updated 749s + openssl x509 -noout -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 749s This certificate should not be trusted fully 749s + echo 'This certificate should not be trusted fully' 749s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 749s + local cmd=openssl 749s + shift 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 749s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 749s error 2 at 1 depth lookup: unable to get issuer certificate 749s error /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 749s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 749s + local cmd=openssl 749s + shift 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 749s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 749s error 20 at 0 depth lookup: unable to get local issuer certificate 749s error /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 749s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 749s /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 749s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 749s + local cmd=openssl 749s + shift 749s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 749s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 749s error 20 at 0 depth lookup: unable to get local issuer certificate 749s error /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 749s Building a the full-chain CA file... 749s + echo 'Building a the full-chain CA file...' 749s + cat /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 749s + cat /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 749s + cat /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 749s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 749s + openssl pkcs7 -print_certs -noout 749s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 749s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 749s 749s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 749s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 749s 749s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 749s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 749s 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 749s /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem: OK 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 749s /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem: OK 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 749s /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem: OK 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-root-intermediate-chain-CA.pem 749s /tmp/sssd-softhsm2-kWVoB5/test-root-intermediate-chain-CA.pem: OK 749s + openssl verify -CAfile /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 749s /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 749s + echo 'Certificates generation completed!' 749s + [[ -v NO_SSSD_TESTS ]] 749s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /dev/null 749s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /dev/null 749s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 749s Certificates generation completed! 749s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 749s + local key_ring=/dev/null 749s + local verify_option= 749s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 749s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 749s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 749s + local key_cn 749s + local key_name 749s + local tokens_dir 749s + local output_cert_file 749s + token_name= 749s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem .pem 749s + key_name=test-root-CA-trusted-certificate-0001 750s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 750s ++ sed -n 's/ *commonName *= //p' 750s + key_cn='Test Organization Root Trusted Certificate 0001' 750s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 750s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 750s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 750s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 750s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 750s + token_name='Test Organization Root Tr Token' 750s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 750s + local key_file 750s + local decrypted_key 750s + mkdir -p /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 750s + key_file=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-key.pem 750s + decrypted_key=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-key-decrypted.pem 750s + cat 750s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 750s Slot 0 has a free/uninitialized token. 750s The token has been initialized and is reassigned to slot 1871159338 750s + softhsm2-util --show-slots 750s Available slots: 750s Slot 1871159338 750s Slot info: 750s Description: SoftHSM slot ID 0x6f87a02a 750s Manufacturer ID: SoftHSM project 750s Hardware version: 2.6 750s Firmware version: 2.6 750s Token present: yes 750s Token info: 750s Manufacturer ID: SoftHSM project 750s Model: SoftHSM v2 750s Hardware version: 2.6 750s Firmware version: 2.6 750s Serial number: cc3afb906f87a02a 750s Initialized: yes 750s User PIN init.: yes 750s Label: Test Organization Root Tr Token 750s Slot 1 750s Slot info: 750s Description: SoftHSM slot ID 0x1 750s Manufacturer ID: SoftHSM project 750s Hardware version: 2.6 750s Firmware version: 2.6 750s Token present: yes 750s Token info: 750s Manufacturer ID: SoftHSM project 750s Model: SoftHSM v2 750s Hardware version: 2.6 750s Firmware version: 2.6 750s Serial number: 750s Initialized: no 750s User PIN init.: no 750s Label: 750s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 750s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-11609 -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-key-decrypted.pem 750s writing RSA key 750s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 750s + rm /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001-key-decrypted.pem 750s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 750s Object 0: 750s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 750s Type: X.509 Certificate (RSA-1024) 750s Expires: Wed Mar 12 22:16:19 2025 750s Label: Test Organization Root Trusted Certificate 0001 750s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 750s 750s + echo 'Test Organization Root Tr Token' 750s Test Organization Root Tr Token 750s + '[' -n '' ']' 750s + local output_base_name=SSSD-child-23872 750s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-23872.output 750s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-23872.pem 750s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 750s [p11_child[2012]] [main] (0x0400): p11_child started. 750s [p11_child[2012]] [main] (0x2000): Running in [pre-auth] mode. 750s [p11_child[2012]] [main] (0x2000): Running with effective IDs: [0][0]. 750s [p11_child[2012]] [main] (0x2000): Running with real IDs [0][0]. 750s [p11_child[2012]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 750s [p11_child[2012]] [do_work] (0x0040): init_verification failed. 750s [p11_child[2012]] [main] (0x0020): p11_child failed (5) 750s + return 2 750s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /dev/null no_verification 750s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /dev/null no_verification 750s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 750s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 750s + local key_ring=/dev/null 750s + local verify_option=no_verification 750s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 750s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 750s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 750s + local key_cn 750s + local key_name 750s + local tokens_dir 750s + local output_cert_file 750s + token_name= 750s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem .pem 750s + key_name=test-root-CA-trusted-certificate-0001 750s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 750s ++ sed -n 's/ *commonName *= //p' 750s + key_cn='Test Organization Root Trusted Certificate 0001' 750s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 750s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 750s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 750s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 750s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 750s + token_name='Test Organization Root Tr Token' 750s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 750s Test Organization Root Tr Token 750s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 ']' 750s + echo 'Test Organization Root Tr Token' 750s + '[' -n no_verification ']' 750s + local verify_arg=--verify=no_verification 750s + local output_base_name=SSSD-child-23554 750s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554.output 750s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554.pem 750s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 750s [p11_child[2018]] [main] (0x0400): p11_child started. 750s [p11_child[2018]] [main] (0x2000): Running in [pre-auth] mode. 750s [p11_child[2018]] [main] (0x2000): Running with effective IDs: [0][0]. 750s [p11_child[2018]] [main] (0x2000): Running with real IDs [0][0]. 750s [p11_child[2018]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 750s [p11_child[2018]] [do_card] (0x4000): Module List: 750s [p11_child[2018]] [do_card] (0x4000): common name: [softhsm2]. 750s [p11_child[2018]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 750s [p11_child[2018]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 750s [p11_child[2018]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 750s [p11_child[2018]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 750s [p11_child[2018]] [do_card] (0x4000): Login NOT required. 750s [p11_child[2018]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 750s [p11_child[2018]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 750s [p11_child[2018]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6f87a02a;slot-manufacturer=SoftHSM%20project;slot-id=1871159338;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 750s [p11_child[2018]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 750s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554.output 750s + echo '-----BEGIN CERTIFICATE-----' 750s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554.output 750s + echo '-----END CERTIFICATE-----' 750s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554.pem 750s Certificate: 750s Data: 750s Version: 3 (0x2) 750s Serial Number: 3 (0x3) 750s Signature Algorithm: sha256WithRSAEncryption 750s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 750s Validity 750s Not Before: Mar 12 22:16:19 2024 GMT 750s Not After : Mar 12 22:16:19 2025 GMT 750s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 750s Subject Public Key Info: 750s Public Key Algorithm: rsaEncryption 750s Public-Key: (1024 bit) 750s Modulus: 750s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 750s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 750s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 750s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 750s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 750s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 750s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 750s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 750s b0:db:88:72:25:4b:b1:0f:2f 750s Exponent: 65537 (0x10001) 750s X509v3 extensions: 750s X509v3 Authority Key Identifier: 750s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 750s X509v3 Basic Constraints: 750s CA:FALSE 750s Netscape Cert Type: 750s SSL Client, S/MIME 750s Netscape Comment: 750s Test Organization Root CA trusted Certificate 750s X509v3 Subject Key Identifier: 750s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 750s X509v3 Key Usage: critical 750s Digital Signature, Non Repudiation, Key Encipherment 750s X509v3 Extended Key Usage: 750s TLS Web Client Authentication, E-mail Protection 750s X509v3 Subject Alternative Name: 750s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 750s Signature Algorithm: sha256WithRSAEncryption 750s Signature Value: 750s a0:3c:d7:7a:ef:f1:79:47:be:cd:86:c0:01:5e:57:22:b2:27: 750s 36:a8:f8:9a:d6:d0:fb:a9:d9:51:4c:41:a2:18:31:75:a9:ae: 750s c2:8f:5e:28:3d:e8:af:ff:e6:de:99:82:fd:d0:d8:f9:fd:d5: 750s 52:ec:83:d0:e9:52:f7:3a:7f:b8:f3:3b:82:05:56:0b:5d:b9: 750s d7:9c:86:c1:7e:97:8d:55:52:73:16:d1:f5:11:7f:7e:32:be: 750s d2:54:a7:4c:24:10:97:11:7c:ce:8a:46:97:12:7d:2b:f8:15: 750s 6d:1c:00:d3:5c:94:2f:da:df:a4:97:c1:52:59:cd:61:28:68: 750s 1d:ca 750s + local found_md5 expected_md5 750s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 750s + expected_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 750s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554.pem 750s + found_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 750s + '[' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F '!=' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F ']' 750s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554-auth.output 750s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554-auth.output .output 750s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554-auth.pem 750s + echo -n 053350 750s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 750s [p11_child[2026]] [main] (0x0400): p11_child started. 750s [p11_child[2026]] [main] (0x2000): Running in [auth] mode. 750s [p11_child[2026]] [main] (0x2000): Running with effective IDs: [0][0]. 750s [p11_child[2026]] [main] (0x2000): Running with real IDs [0][0]. 750s [p11_child[2026]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 750s [p11_child[2026]] [do_card] (0x4000): Module List: 750s [p11_child[2026]] [do_card] (0x4000): common name: [softhsm2]. 750s [p11_child[2026]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 750s [p11_child[2026]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 750s [p11_child[2026]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 750s [p11_child[2026]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 750s [p11_child[2026]] [do_card] (0x4000): Login required. 750s [p11_child[2026]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 750s [p11_child[2026]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 750s [p11_child[2026]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6f87a02a;slot-manufacturer=SoftHSM%20project;slot-id=1871159338;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 750s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 750s [p11_child[2026]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 750s [p11_child[2026]] [do_card] (0x4000): Certificate verified and validated. 750s [p11_child[2026]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 750s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554-auth.output 750s + echo '-----BEGIN CERTIFICATE-----' 750s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554-auth.output 750s + echo '-----END CERTIFICATE-----' 750s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554-auth.pem 750s Certificate: 750s Data: 750s Version: 3 (0x2) 750s Serial Number: 3 (0x3) 750s Signature Algorithm: sha256WithRSAEncryption 750s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 750s Validity 750s Not Before: Mar 12 22:16:19 2024 GMT 750s Not After : Mar 12 22:16:19 2025 GMT 750s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 750s Subject Public Key Info: 750s Public Key Algorithm: rsaEncryption 750s Public-Key: (1024 bit) 750s Modulus: 750s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 750s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 750s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 750s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 750s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 750s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 750s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 750s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 750s b0:db:88:72:25:4b:b1:0f:2f 750s Exponent: 65537 (0x10001) 750s X509v3 extensions: 750s X509v3 Authority Key Identifier: 750s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 750s X509v3 Basic Constraints: 750s CA:FALSE 750s Netscape Cert Type: 750s SSL Client, S/MIME 750s Netscape Comment: 750s Test Organization Root CA trusted Certificate 750s X509v3 Subject Key Identifier: 750s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 750s X509v3 Key Usage: critical 750s Digital Signature, Non Repudiation, Key Encipherment 750s X509v3 Extended Key Usage: 750s TLS Web Client Authentication, E-mail Protection 750s X509v3 Subject Alternative Name: 750s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 750s Signature Algorithm: sha256WithRSAEncryption 750s Signature Value: 750s a0:3c:d7:7a:ef:f1:79:47:be:cd:86:c0:01:5e:57:22:b2:27: 750s 36:a8:f8:9a:d6:d0:fb:a9:d9:51:4c:41:a2:18:31:75:a9:ae: 750s c2:8f:5e:28:3d:e8:af:ff:e6:de:99:82:fd:d0:d8:f9:fd:d5: 750s 52:ec:83:d0:e9:52:f7:3a:7f:b8:f3:3b:82:05:56:0b:5d:b9: 750s d7:9c:86:c1:7e:97:8d:55:52:73:16:d1:f5:11:7f:7e:32:be: 750s d2:54:a7:4c:24:10:97:11:7c:ce:8a:46:97:12:7d:2b:f8:15: 750s 6d:1c:00:d3:5c:94:2f:da:df:a4:97:c1:52:59:cd:61:28:68: 750s 1d:ca 750s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-23554-auth.pem 751s + found_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 751s + '[' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F '!=' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F ']' 751s Test Organization Root Tr Token 751s Certificate: 751s Data: 751s Version: 3 (0x2) 751s Serial Number: 3 (0x3) 751s Signature Algorithm: sha256WithRSAEncryption 751s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 751s Validity 751s Not Before: Mar 12 22:16:19 2024 GMT 751s Not After : Mar 12 22:16:19 2025 GMT 751s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 751s Subject Public Key Info: 751s Public Key Algorithm: rsaEncryption 751s Public-Key: (1024 bit) 751s Modulus: 751s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 751s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 751s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 751s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 751s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 751s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 751s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 751s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 751s b0:db:88:72:25:4b:b1:0f:2f 751s Exponent: 65537 (0x10001) 751s X509v3 extensions: 751s X509v3 Authority Key Identifier: 751s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 751s X509v3 Basic Constraints: 751s CA:FALSE 751s Netscape Cert Type: 751s SSL Client, S/MIME 751s Netscape Comment: 751s Test Organization Root CA trusted Certificate 751s X509v3 Subject Key Identifier: 751s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 751s X509v3 Key Usage: critical 751s Digital Signature, Non Repudiation, Key Encipherment 751s X509v3 Extended Key Usage: 751s TLS Web Client Authentication, E-mail Protection 751s X509v3 Subject Alternative Name: 751s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 751s Signature Algorithm: sha256WithRSAEncryption 751s Signature Value: 751s a0:3c:d7:7a:ef:f1:79:47:be:cd:86:c0:01:5e:57:22:b2:27: 751s 36:a8:f8:9a:d6:d0:fb:a9:d9:51:4c:41:a2:18:31:75:a9:ae: 751s c2:8f:5e:28:3d:e8:af:ff:e6:de:99:82:fd:d0:d8:f9:fd:d5: 751s 52:ec:83:d0:e9:52:f7:3a:7f:b8:f3:3b:82:05:56:0b:5d:b9: 751s d7:9c:86:c1:7e:97:8d:55:52:73:16:d1:f5:11:7f:7e:32:be: 751s d2:54:a7:4c:24:10:97:11:7c:ce:8a:46:97:12:7d:2b:f8:15: 751s 6d:1c:00:d3:5c:94:2f:da:df:a4:97:c1:52:59:cd:61:28:68: 751s 1d:ca 751s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 751s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 751s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 751s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 751s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 751s + local verify_option= 751s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 751s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 751s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 751s + local key_cn 751s + local key_name 751s + local tokens_dir 751s + local output_cert_file 751s + token_name= 751s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem .pem 751s + key_name=test-root-CA-trusted-certificate-0001 751s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 751s ++ sed -n 's/ *commonName *= //p' 751s + key_cn='Test Organization Root Trusted Certificate 0001' 751s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 751s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 751s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 751s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 751s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 751s + token_name='Test Organization Root Tr Token' 751s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 751s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 ']' 751s + echo 'Test Organization Root Tr Token' 751s + '[' -n '' ']' 751s + local output_base_name=SSSD-child-21712 751s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712.output 751s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712.pem 751s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 751s [p11_child[2036]] [main] (0x0400): p11_child started. 751s [p11_child[2036]] [main] (0x2000): Running in [pre-auth] mode. 751s [p11_child[2036]] [main] (0x2000): Running with effective IDs: [0][0]. 751s [p11_child[2036]] [main] (0x2000): Running with real IDs [0][0]. 751s [p11_child[2036]] [do_card] (0x4000): Module List: 751s [p11_child[2036]] [do_card] (0x4000): common name: [softhsm2]. 751s [p11_child[2036]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 751s [p11_child[2036]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 751s [p11_child[2036]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 751s [p11_child[2036]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 751s [p11_child[2036]] [do_card] (0x4000): Login NOT required. 751s [p11_child[2036]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 751s [p11_child[2036]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 751s [p11_child[2036]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 751s [p11_child[2036]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6f87a02a;slot-manufacturer=SoftHSM%20project;slot-id=1871159338;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 751s [p11_child[2036]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 751s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712.output 751s + echo '-----BEGIN CERTIFICATE-----' 751s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712.output 751s + echo '-----END CERTIFICATE-----' 751s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712.pem 751s + local found_md5 expected_md5 751s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 751s + expected_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 751s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712.pem 751s + found_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 751s + '[' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F '!=' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F ']' 751s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712-auth.output 751s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712-auth.output .output 751s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712-auth.pem 751s + echo -n 053350 751s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 751s [p11_child[2044]] [main] (0x0400): p11_child started. 751s [p11_child[2044]] [main] (0x2000): Running in [auth] mode. 751s [p11_child[2044]] [main] (0x2000): Running with effective IDs: [0][0]. 751s [p11_child[2044]] [main] (0x2000): Running with real IDs [0][0]. 751s [p11_child[2044]] [do_card] (0x4000): Module List: 751s [p11_child[2044]] [do_card] (0x4000): common name: [softhsm2]. 751s [p11_child[2044]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 751s [p11_child[2044]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 751s [p11_child[2044]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 751s [p11_child[2044]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 751s [p11_child[2044]] [do_card] (0x4000): Login required. 751s [p11_child[2044]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 751s [p11_child[2044]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 751s [p11_child[2044]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 751s [p11_child[2044]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6f87a02a;slot-manufacturer=SoftHSM%20project;slot-id=1871159338;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 751s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 751s [p11_child[2044]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 751s [p11_child[2044]] [do_card] (0x4000): Certificate verified and validated. 751s [p11_child[2044]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 751s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712-auth.output 752s + echo '-----BEGIN CERTIFICATE-----' 752s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712-auth.output 752s + echo '-----END CERTIFICATE-----' 752s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712-auth.pem 752s Certificate: 752s Data: 752s Version: 3 (0x2) 752s Serial Number: 3 (0x3) 752s Signature Algorithm: sha256WithRSAEncryption 752s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 752s Validity 752s Not Before: Mar 12 22:16:19 2024 GMT 752s Not After : Mar 12 22:16:19 2025 GMT 752s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 752s Subject Public Key Info: 752s Public Key Algorithm: rsaEncryption 752s Public-Key: (1024 bit) 752s Modulus: 752s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 752s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 752s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 752s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 752s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 752s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 752s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 752s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 752s b0:db:88:72:25:4b:b1:0f:2f 752s Exponent: 65537 (0x10001) 752s X509v3 extensions: 752s X509v3 Authority Key Identifier: 752s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 752s X509v3 Basic Constraints: 752s CA:FALSE 752s Netscape Cert Type: 752s SSL Client, S/MIME 752s Netscape Comment: 752s Test Organization Root CA trusted Certificate 752s X509v3 Subject Key Identifier: 752s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 752s X509v3 Key Usage: critical 752s Digital Signature, Non Repudiation, Key Encipherment 752s X509v3 Extended Key Usage: 752s TLS Web Client Authentication, E-mail Protection 752s X509v3 Subject Alternative Name: 752s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 752s Signature Algorithm: sha256WithRSAEncryption 752s Signature Value: 752s a0:3c:d7:7a:ef:f1:79:47:be:cd:86:c0:01:5e:57:22:b2:27: 752s 36:a8:f8:9a:d6:d0:fb:a9:d9:51:4c:41:a2:18:31:75:a9:ae: 752s c2:8f:5e:28:3d:e8:af:ff:e6:de:99:82:fd:d0:d8:f9:fd:d5: 752s 52:ec:83:d0:e9:52:f7:3a:7f:b8:f3:3b:82:05:56:0b:5d:b9: 752s d7:9c:86:c1:7e:97:8d:55:52:73:16:d1:f5:11:7f:7e:32:be: 752s d2:54:a7:4c:24:10:97:11:7c:ce:8a:46:97:12:7d:2b:f8:15: 752s 6d:1c:00:d3:5c:94:2f:da:df:a4:97:c1:52:59:cd:61:28:68: 752s 1d:ca 752s Test Organization Root Tr Token 752s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21712-auth.pem 752s + found_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 752s + '[' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F '!=' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F ']' 752s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem partial_chain 752s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem partial_chain 752s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 752s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 752s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 752s + local verify_option=partial_chain 752s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 752s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 752s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 752s + local key_cn 752s + local key_name 752s + local tokens_dir 752s + local output_cert_file 752s + token_name= 752s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem .pem 752s + key_name=test-root-CA-trusted-certificate-0001 752s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 752s ++ sed -n 's/ *commonName *= //p' 752s + key_cn='Test Organization Root Trusted Certificate 0001' 752s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 752s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 752s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 752s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 752s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 752s + token_name='Test Organization Root Tr Token' 752s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 752s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 ']' 752s + echo 'Test Organization Root Tr Token' 752s + '[' -n partial_chain ']' 752s + local verify_arg=--verify=partial_chain 752s + local output_base_name=SSSD-child-18582 752s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582.output 752s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582.pem 752s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 752s [p11_child[2054]] [main] (0x0400): p11_child started. 752s [p11_child[2054]] [main] (0x2000): Running in [pre-auth] mode. 752s [p11_child[2054]] [main] (0x2000): Running with effective IDs: [0][0]. 752s [p11_child[2054]] [main] (0x2000): Running with real IDs [0][0]. 752s [p11_child[2054]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 753s [p11_child[2054]] [do_card] (0x4000): Module List: 753s [p11_child[2054]] [do_card] (0x4000): common name: [softhsm2]. 753s [p11_child[2054]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2054]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 753s [p11_child[2054]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 753s [p11_child[2054]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2054]] [do_card] (0x4000): Login NOT required. 753s [p11_child[2054]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 753s [p11_child[2054]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 753s [p11_child[2054]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 753s [p11_child[2054]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6f87a02a;slot-manufacturer=SoftHSM%20project;slot-id=1871159338;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 753s [p11_child[2054]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 753s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582.output 753s + echo '-----BEGIN CERTIFICATE-----' 753s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582.output 753s + echo '-----END CERTIFICATE-----' 753s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582.pem 753s Certificate: 753s Data: 753s Version: 3 (0x2) 753s Serial Number: 3 (0x3) 753s Signature Algorithm: sha256WithRSAEncryption 753s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 753s Validity 753s Not Before: Mar 12 22:16:19 2024 GMT 753s Not After : Mar 12 22:16:19 2025 GMT 753s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 753s Subject Public Key Info: 753s Public Key Algorithm: rsaEncryption 753s Public-Key: (1024 bit) 753s Modulus: 753s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 753s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 753s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 753s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 753s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 753s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 753s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 753s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 753s b0:db:88:72:25:4b:b1:0f:2f 753s Exponent: 65537 (0x10001) 753s X509v3 extensions: 753s X509v3 Authority Key Identifier: 753s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 753s X509v3 Basic Constraints: 753s CA:FALSE 753s Netscape Cert Type: 753s SSL Client, S/MIME 753s Netscape Comment: 753s Test Organization Root CA trusted Certificate 753s X509v3 Subject Key Identifier: 753s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 753s X509v3 Key Usage: critical 753s Digital Signature, Non Repudiation, Key Encipherment 753s X509v3 Extended Key Usage: 753s TLS Web Client Authentication, E-mail Protection 753s X509v3 Subject Alternative Name: 753s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 753s Signature Algorithm: sha256WithRSAEncryption 753s Signature Value: 753s a0:3c:d7:7a:ef:f1:79:47:be:cd:86:c0:01:5e:57:22:b2:27: 753s 36:a8:f8:9a:d6:d0:fb:a9:d9:51:4c:41:a2:18:31:75:a9:ae: 753s c2:8f:5e:28:3d:e8:af:ff:e6:de:99:82:fd:d0:d8:f9:fd:d5: 753s 52:ec:83:d0:e9:52:f7:3a:7f:b8:f3:3b:82:05:56:0b:5d:b9: 753s d7:9c:86:c1:7e:97:8d:55:52:73:16:d1:f5:11:7f:7e:32:be: 753s d2:54:a7:4c:24:10:97:11:7c:ce:8a:46:97:12:7d:2b:f8:15: 753s 6d:1c:00:d3:5c:94:2f:da:df:a4:97:c1:52:59:cd:61:28:68: 753s 1d:ca 753s + local found_md5 expected_md5 753s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s + expected_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 753s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582.pem 753s + found_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 753s + '[' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F '!=' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F ']' 753s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582-auth.output 753s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582-auth.output .output 753s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582-auth.pem 753s + echo -n 053350 753s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 753s [p11_child[2062]] [main] (0x0400): p11_child started. 753s [p11_child[2062]] [main] (0x2000): Running in [auth] mode. 753s [p11_child[2062]] [main] (0x2000): Running with effective IDs: [0][0]. 753s [p11_child[2062]] [main] (0x2000): Running with real IDs [0][0]. 753s [p11_child[2062]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 753s [p11_child[2062]] [do_card] (0x4000): Module List: 753s [p11_child[2062]] [do_card] (0x4000): common name: [softhsm2]. 753s [p11_child[2062]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2062]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 753s [p11_child[2062]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 753s [p11_child[2062]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2062]] [do_card] (0x4000): Login required. 753s [p11_child[2062]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 753s [p11_child[2062]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 753s [p11_child[2062]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 753s [p11_child[2062]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6f87a02a;slot-manufacturer=SoftHSM%20project;slot-id=1871159338;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 753s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 753s [p11_child[2062]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 753s [p11_child[2062]] [do_card] (0x4000): Certificate verified and validated. 753s [p11_child[2062]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 753s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582-auth.output 753s + echo '-----BEGIN CERTIFICATE-----' 753s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582-auth.output 753s + echo '-----END CERTIFICATE-----' 753s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582-auth.pem 753s Certificate: 753s Data: 753s Version: 3 (0x2) 753s Serial Number: 3 (0x3) 753s Signature Algorithm: sha256WithRSAEncryption 753s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 753s Validity 753s Not Before: Mar 12 22:16:19 2024 GMT 753s Not After : Mar 12 22:16:19 2025 GMT 753s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 753s Subject Public Key Info: 753s Public Key Algorithm: rsaEncryption 753s Public-Key: (1024 bit) 753s Modulus: 753s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 753s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 753s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 753s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 753s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 753s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 753s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 753s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 753s b0:db:88:72:25:4b:b1:0f:2f 753s Exponent: 65537 (0x10001) 753s X509v3 extensions: 753s X509v3 Authority Key Identifier: 753s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 753s X509v3 Basic Constraints: 753s CA:FALSE 753s Netscape Cert Type: 753s SSL Client, S/MIME 753s Netscape Comment: 753s Test Organization Root CA trusted Certificate 753s X509v3 Subject Key Identifier: 753s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 753s X509v3 Key Usage: critical 753s Digital Signature, Non Repudiation, Key Encipherment 753s X509v3 Extended Key Usage: 753s TLS Web Client Authentication, E-mail Protection 753s X509v3 Subject Alternative Name: 753s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 753s Signature Algorithm: sha256WithRSAEncryption 753s Signature Value: 753s a0:3c:d7:7a:ef:f1:79:47:be:cd:86:c0:01:5e:57:22:b2:27: 753s 36:a8:f8:9a:d6:d0:fb:a9:d9:51:4c:41:a2:18:31:75:a9:ae: 753s c2:8f:5e:28:3d:e8:af:ff:e6:de:99:82:fd:d0:d8:f9:fd:d5: 753s 52:ec:83:d0:e9:52:f7:3a:7f:b8:f3:3b:82:05:56:0b:5d:b9: 753s d7:9c:86:c1:7e:97:8d:55:52:73:16:d1:f5:11:7f:7e:32:be: 753s d2:54:a7:4c:24:10:97:11:7c:ce:8a:46:97:12:7d:2b:f8:15: 753s 6d:1c:00:d3:5c:94:2f:da:df:a4:97:c1:52:59:cd:61:28:68: 753s 1d:ca 753s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-18582-auth.pem 753s + found_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 753s + '[' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F '!=' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F ']' 753s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 753s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 753s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 753s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 753s + local verify_option= 753s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 753s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 753s + local key_cn 753s + local key_name 753s + local tokens_dir 753s + local output_cert_file 753s + token_name= 753s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem .pem 753s + key_name=test-root-CA-trusted-certificate-0001 753s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s ++ sed -n 's/ *commonName *= //p' 753s + key_cn='Test Organization Root Trusted Certificate 0001' 753s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 753s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 753s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 753s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 753s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 753s + token_name='Test Organization Root Tr Token' 753s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 753s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 ']' 753s + echo 'Test Organization Root Tr Token' 753s + '[' -n '' ']' 753s + local output_base_name=SSSD-child-4327 753s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327.output 753s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327.pem 753s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 753s Test Organization Root Tr Token 753s [p11_child[2072]] [main] (0x0400): p11_child started. 753s [p11_child[2072]] [main] (0x2000): Running in [pre-auth] mode. 753s [p11_child[2072]] [main] (0x2000): Running with effective IDs: [0][0]. 753s [p11_child[2072]] [main] (0x2000): Running with real IDs [0][0]. 753s [p11_child[2072]] [do_card] (0x4000): Module List: 753s [p11_child[2072]] [do_card] (0x4000): common name: [softhsm2]. 753s [p11_child[2072]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2072]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 753s [p11_child[2072]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 753s [p11_child[2072]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2072]] [do_card] (0x4000): Login NOT required. 753s [p11_child[2072]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 753s [p11_child[2072]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 753s [p11_child[2072]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 753s [p11_child[2072]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6f87a02a;slot-manufacturer=SoftHSM%20project;slot-id=1871159338;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 753s [p11_child[2072]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 753s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327.output 753s + echo '-----BEGIN CERTIFICATE-----' 753s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327.output 753s + echo '-----END CERTIFICATE-----' 753s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327.pem 753s Certificate: 753s Data: 753s Version: 3 (0x2) 753s Serial Number: 3 (0x3) 753s Signature Algorithm: sha256WithRSAEncryption 753s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 753s Validity 753s Not Before: Mar 12 22:16:19 2024 GMT 753s Not After : Mar 12 22:16:19 2025 GMT 753s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 753s Subject Public Key Info: 753s Public Key Algorithm: rsaEncryption 753s Public-Key: (1024 bit) 753s Modulus: 753s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 753s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 753s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 753s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 753s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 753s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 753s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 753s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 753s b0:db:88:72:25:4b:b1:0f:2f 753s Exponent: 65537 (0x10001) 753s X509v3 extensions: 753s X509v3 Authority Key Identifier: 753s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 753s X509v3 Basic Constraints: 753s CA:FALSE 753s Netscape Cert Type: 753s SSL Client, S/MIME 753s Netscape Comment: 753s Test Organization Root CA trusted Certificate 753s X509v3 Subject Key Identifier: 753s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 753s X509v3 Key Usage: critical 753s Digital Signature, Non Repudiation, Key Encipherment 753s X509v3 Extended Key Usage: 753s TLS Web Client Authentication, E-mail Protection 753s X509v3 Subject Alternative Name: 753s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 753s Signature Algorithm: sha256WithRSAEncryption 753s Signature Value: 753s a0:3c:d7:7a:ef:f1:79:47:be:cd:86:c0:01:5e:57:22:b2:27: 753s 36:a8:f8:9a:d6:d0:fb:a9:d9:51:4c:41:a2:18:31:75:a9:ae: 753s c2:8f:5e:28:3d:e8:af:ff:e6:de:99:82:fd:d0:d8:f9:fd:d5: 753s 52:ec:83:d0:e9:52:f7:3a:7f:b8:f3:3b:82:05:56:0b:5d:b9: 753s d7:9c:86:c1:7e:97:8d:55:52:73:16:d1:f5:11:7f:7e:32:be: 753s d2:54:a7:4c:24:10:97:11:7c:ce:8a:46:97:12:7d:2b:f8:15: 753s 6d:1c:00:d3:5c:94:2f:da:df:a4:97:c1:52:59:cd:61:28:68: 753s 1d:ca 753s + local found_md5 expected_md5 753s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s + expected_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 753s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327.pem 753s + found_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 753s + '[' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F '!=' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F ']' 753s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327-auth.output 753s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327-auth.output .output 753s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327-auth.pem 753s + echo -n 053350 753s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 753s [p11_child[2080]] [main] (0x0400): p11_child started. 753s [p11_child[2080]] [main] (0x2000): Running in [auth] mode. 753s [p11_child[2080]] [main] (0x2000): Running with effective IDs: [0][0]. 753s [p11_child[2080]] [main] (0x2000): Running with real IDs [0][0]. 753s [p11_child[2080]] [do_card] (0x4000): Module List: 753s [p11_child[2080]] [do_card] (0x4000): common name: [softhsm2]. 753s [p11_child[2080]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2080]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 753s [p11_child[2080]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 753s [p11_child[2080]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2080]] [do_card] (0x4000): Login required. 753s [p11_child[2080]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 753s [p11_child[2080]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 753s [p11_child[2080]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 753s [p11_child[2080]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6f87a02a;slot-manufacturer=SoftHSM%20project;slot-id=1871159338;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 753s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 753s [p11_child[2080]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 753s [p11_child[2080]] [do_card] (0x4000): Certificate verified and validated. 753s [p11_child[2080]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 753s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327-auth.output 753s + echo '-----BEGIN CERTIFICATE-----' 753s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327-auth.output 753s + echo '-----END CERTIFICATE-----' 753s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327-auth.pem 753s Certificate: 753s Data: 753s Version: 3 (0x2) 753s Serial Number: 3 (0x3) 753s Signature Algorithm: sha256WithRSAEncryption 753s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 753s Validity 753s Not Before: Mar 12 22:16:19 2024 GMT 753s Not After : Mar 12 22:16:19 2025 GMT 753s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 753s Subject Public Key Info: 753s Public Key Algorithm: rsaEncryption 753s Public-Key: (1024 bit) 753s Modulus: 753s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 753s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 753s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 753s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 753s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 753s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 753s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 753s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 753s b0:db:88:72:25:4b:b1:0f:2f 753s Exponent: 65537 (0x10001) 753s X509v3 extensions: 753s X509v3 Authority Key Identifier: 753s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 753s X509v3 Basic Constraints: 753s CA:FALSE 753s Netscape Cert Type: 753s SSL Client, S/MIME 753s Netscape Comment: 753s Test Organization Root CA trusted Certificate 753s X509v3 Subject Key Identifier: 753s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 753s X509v3 Key Usage: critical 753s Digital Signature, Non Repudiation, Key Encipherment 753s X509v3 Extended Key Usage: 753s TLS Web Client Authentication, E-mail Protection 753s X509v3 Subject Alternative Name: 753s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 753s Signature Algorithm: sha256WithRSAEncryption 753s Signature Value: 753s a0:3c:d7:7a:ef:f1:79:47:be:cd:86:c0:01:5e:57:22:b2:27: 753s 36:a8:f8:9a:d6:d0:fb:a9:d9:51:4c:41:a2:18:31:75:a9:ae: 753s c2:8f:5e:28:3d:e8:af:ff:e6:de:99:82:fd:d0:d8:f9:fd:d5: 753s 52:ec:83:d0:e9:52:f7:3a:7f:b8:f3:3b:82:05:56:0b:5d:b9: 753s d7:9c:86:c1:7e:97:8d:55:52:73:16:d1:f5:11:7f:7e:32:be: 753s d2:54:a7:4c:24:10:97:11:7c:ce:8a:46:97:12:7d:2b:f8:15: 753s 6d:1c:00:d3:5c:94:2f:da:df:a4:97:c1:52:59:cd:61:28:68: 753s 1d:ca 753s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-4327-auth.pem 753s + found_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 753s + '[' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F '!=' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F ']' 753s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem partial_chain 753s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem partial_chain 753s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 753s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 753s + local verify_option=partial_chain 753s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 753s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 753s + local key_cn 753s + local key_name 753s + local tokens_dir 753s + local output_cert_file 753s + token_name= 753s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem .pem 753s + key_name=test-root-CA-trusted-certificate-0001 753s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s ++ sed -n 's/ *commonName *= //p' 753s + key_cn='Test Organization Root Trusted Certificate 0001' 753s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 753s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 753s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 753s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 753s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 753s + token_name='Test Organization Root Tr Token' 753s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 753s Test Organization Root Tr Token 753s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 ']' 753s + echo 'Test Organization Root Tr Token' 753s + '[' -n partial_chain ']' 753s + local verify_arg=--verify=partial_chain 753s + local output_base_name=SSSD-child-16464 753s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464.output 753s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464.pem 753s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 753s [p11_child[2090]] [main] (0x0400): p11_child started. 753s [p11_child[2090]] [main] (0x2000): Running in [pre-auth] mode. 753s [p11_child[2090]] [main] (0x2000): Running with effective IDs: [0][0]. 753s [p11_child[2090]] [main] (0x2000): Running with real IDs [0][0]. 753s [p11_child[2090]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 753s [p11_child[2090]] [do_card] (0x4000): Module List: 753s [p11_child[2090]] [do_card] (0x4000): common name: [softhsm2]. 753s [p11_child[2090]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2090]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 753s [p11_child[2090]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 753s [p11_child[2090]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2090]] [do_card] (0x4000): Login NOT required. 753s [p11_child[2090]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 753s [p11_child[2090]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 753s [p11_child[2090]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 753s [p11_child[2090]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6f87a02a;slot-manufacturer=SoftHSM%20project;slot-id=1871159338;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 753s [p11_child[2090]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 753s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464.output 753s + echo '-----BEGIN CERTIFICATE-----' 753s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464.output 753s + echo '-----END CERTIFICATE-----' 753s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464.pem 753s Certificate: 753s Data: 753s Version: 3 (0x2) 753s Serial Number: 3 (0x3) 753s Signature Algorithm: sha256WithRSAEncryption 753s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 753s Validity 753s Not Before: Mar 12 22:16:19 2024 GMT 753s Not After : Mar 12 22:16:19 2025 GMT 753s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 753s Subject Public Key Info: 753s Public Key Algorithm: rsaEncryption 753s Public-Key: (1024 bit) 753s Modulus: 753s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 753s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 753s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 753s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 753s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 753s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 753s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 753s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 753s b0:db:88:72:25:4b:b1:0f:2f 753s Exponent: 65537 (0x10001) 753s X509v3 extensions: 753s X509v3 Authority Key Identifier: 753s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 753s X509v3 Basic Constraints: 753s CA:FALSE 753s Netscape Cert Type: 753s SSL Client, S/MIME 753s Netscape Comment: 753s Test Organization Root CA trusted Certificate 753s X509v3 Subject Key Identifier: 753s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 753s X509v3 Key Usage: critical 753s Digital Signature, Non Repudiation, Key Encipherment 753s X509v3 Extended Key Usage: 753s TLS Web Client Authentication, E-mail Protection 753s X509v3 Subject Alternative Name: 753s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 753s Signature Algorithm: sha256WithRSAEncryption 753s Signature Value: 753s a0:3c:d7:7a:ef:f1:79:47:be:cd:86:c0:01:5e:57:22:b2:27: 753s 36:a8:f8:9a:d6:d0:fb:a9:d9:51:4c:41:a2:18:31:75:a9:ae: 753s c2:8f:5e:28:3d:e8:af:ff:e6:de:99:82:fd:d0:d8:f9:fd:d5: 753s 52:ec:83:d0:e9:52:f7:3a:7f:b8:f3:3b:82:05:56:0b:5d:b9: 753s d7:9c:86:c1:7e:97:8d:55:52:73:16:d1:f5:11:7f:7e:32:be: 753s d2:54:a7:4c:24:10:97:11:7c:ce:8a:46:97:12:7d:2b:f8:15: 753s 6d:1c:00:d3:5c:94:2f:da:df:a4:97:c1:52:59:cd:61:28:68: 753s 1d:ca 753s + local found_md5 expected_md5 753s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s + expected_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 753s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464.pem 753s + found_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 753s + '[' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F '!=' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F ']' 753s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464-auth.output 753s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464-auth.output .output 753s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464-auth.pem 753s + echo -n 053350 753s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 753s [p11_child[2098]] [main] (0x0400): p11_child started. 753s [p11_child[2098]] [main] (0x2000): Running in [auth] mode. 753s [p11_child[2098]] [main] (0x2000): Running with effective IDs: [0][0]. 753s [p11_child[2098]] [main] (0x2000): Running with real IDs [0][0]. 753s [p11_child[2098]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 753s [p11_child[2098]] [do_card] (0x4000): Module List: 753s [p11_child[2098]] [do_card] (0x4000): common name: [softhsm2]. 753s [p11_child[2098]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2098]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 753s [p11_child[2098]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 753s [p11_child[2098]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 753s [p11_child[2098]] [do_card] (0x4000): Login required. 753s [p11_child[2098]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 753s [p11_child[2098]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 753s [p11_child[2098]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 753s [p11_child[2098]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6f87a02a;slot-manufacturer=SoftHSM%20project;slot-id=1871159338;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=cc3afb906f87a02a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 753s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 753s [p11_child[2098]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 753s [p11_child[2098]] [do_card] (0x4000): Certificate verified and validated. 753s [p11_child[2098]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 753s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464-auth.output 753s + echo '-----BEGIN CERTIFICATE-----' 753s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464-auth.output 753s + echo '-----END CERTIFICATE-----' 753s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464-auth.pem 753s Certificate: 753s Data: 753s Version: 3 (0x2) 753s Serial Number: 3 (0x3) 753s Signature Algorithm: sha256WithRSAEncryption 753s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 753s Validity 753s Not Before: Mar 12 22:16:19 2024 GMT 753s Not After : Mar 12 22:16:19 2025 GMT 753s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 753s Subject Public Key Info: 753s Public Key Algorithm: rsaEncryption 753s Public-Key: (1024 bit) 753s Modulus: 753s 00:f3:51:df:86:dc:d1:82:58:9d:7b:a8:36:4f:4c: 753s 65:8d:2a:f6:f4:8c:d0:1f:a6:a1:64:af:8a:fe:4e: 753s 22:7f:cf:b9:aa:5e:4e:2a:41:95:eb:c6:06:6f:76: 753s bc:6b:b0:bb:17:31:99:00:33:67:59:79:96:3e:ce: 753s fd:a7:28:9f:f1:84:80:25:cb:87:6e:04:8c:3a:63: 753s 28:52:76:29:e5:d0:ea:77:ac:32:fd:c9:95:11:35: 753s 7c:47:e4:a5:a6:21:76:07:ad:06:40:19:c6:91:69: 753s 77:b0:b4:7e:22:24:42:fa:84:09:50:1f:08:f2:43: 753s b0:db:88:72:25:4b:b1:0f:2f 753s Exponent: 65537 (0x10001) 753s X509v3 extensions: 753s X509v3 Authority Key Identifier: 753s 5A:4B:6F:72:07:5B:81:7A:AF:01:E9:8A:E9:57:C8:97:A3:C8:83:97 753s X509v3 Basic Constraints: 753s CA:FALSE 753s Netscape Cert Type: 753s SSL Client, S/MIME 753s Netscape Comment: 753s Test Organization Root CA trusted Certificate 753s X509v3 Subject Key Identifier: 753s 8E:5E:A7:84:97:81:20:E9:7C:C9:3A:E4:14:AC:3B:0E:91:48:EE:01 753s X509v3 Key Usage: critical 753s Digital Signature, Non Repudiation, Key Encipherment 753s X509v3 Extended Key Usage: 753s TLS Web Client Authentication, E-mail Protection 753s X509v3 Subject Alternative Name: 753s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 753s Signature Algorithm: sha256WithRSAEncryption 753s Signature Value: 753s a0:3c:d7:7a:ef:f1:79:47:be:cd:86:c0:01:5e:57:22:b2:27: 753s 36:a8:f8:9a:d6:d0:fb:a9:d9:51:4c:41:a2:18:31:75:a9:ae: 753s c2:8f:5e:28:3d:e8:af:ff:e6:de:99:82:fd:d0:d8:f9:fd:d5: 753s 52:ec:83:d0:e9:52:f7:3a:7f:b8:f3:3b:82:05:56:0b:5d:b9: 753s d7:9c:86:c1:7e:97:8d:55:52:73:16:d1:f5:11:7f:7e:32:be: 753s d2:54:a7:4c:24:10:97:11:7c:ce:8a:46:97:12:7d:2b:f8:15: 753s 6d:1c:00:d3:5c:94:2f:da:df:a4:97:c1:52:59:cd:61:28:68: 753s 1d:ca 753s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-16464-auth.pem 753s + found_md5=Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F 753s + '[' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F '!=' Modulus=F351DF86DCD182589D7BA8364F4C658D2AF6F48CD01FA6A164AF8AFE4E227FCFB9AA5E4E2A4195EBC6066F76BC6BB0BB1731990033675979963ECEFDA7289FF1848025CB876E048C3A6328527629E5D0EA77AC32FDC99511357C47E4A5A6217607AD064019C6916977B0B47E222442FA8409501F08F243B0DB8872254BB10F2F ']' 753s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 753s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 753s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 753s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 753s + local verify_option= 753s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 753s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 753s + local key_cn 753s + local key_name 753s + local tokens_dir 753s + local output_cert_file 753s + token_name= 753s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem .pem 753s + key_name=test-root-CA-trusted-certificate-0001 753s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 753s ++ sed -n 's/ *commonName *= //p' 754s + key_cn='Test Organization Root Trusted Certificate 0001' 754s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 754s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 754s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 754s Test Organization Root Tr Token 754s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 754s + token_name='Test Organization Root Tr Token' 754s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 754s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 ']' 754s + echo 'Test Organization Root Tr Token' 754s + '[' -n '' ']' 754s + local output_base_name=SSSD-child-19987 754s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-19987.output 754s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-19987.pem 754s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 754s [p11_child[2108]] [main] (0x0400): p11_child started. 754s [p11_child[2108]] [main] (0x2000): Running in [pre-auth] mode. 754s [p11_child[2108]] [main] (0x2000): Running with effective IDs: [0][0]. 754s [p11_child[2108]] [main] (0x2000): Running with real IDs [0][0]. 754s [p11_child[2108]] [do_card] (0x4000): Module List: 754s [p11_child[2108]] [do_card] (0x4000): common name: [softhsm2]. 754s [p11_child[2108]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2108]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 754s [p11_child[2108]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 754s [p11_child[2108]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2108]] [do_card] (0x4000): Login NOT required. 754s [p11_child[2108]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 754s [p11_child[2108]] [do_verification] (0x0040): X509_verify_cert failed [0]. 754s [p11_child[2108]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 754s [p11_child[2108]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 754s [p11_child[2108]] [do_card] (0x4000): No certificate found. 754s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-19987.output 754s + return 2 754s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem partial_chain 754s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem partial_chain 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 754s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 754s + local verify_option=partial_chain 754s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-11609 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-root-ca-trusted-cert-0001-11609 754s + local key_cn 754s + local key_name 754s + local tokens_dir 754s + local output_cert_file 754s + token_name= 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem .pem 754s + key_name=test-root-CA-trusted-certificate-0001 754s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-root-CA-trusted-certificate-0001.pem 754s ++ sed -n 's/ *commonName *= //p' 754s + key_cn='Test Organization Root Trusted Certificate 0001' 754s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 754s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 754s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 754s Test Organization Root Tr Token 754s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 754s + token_name='Test Organization Root Tr Token' 754s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 754s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-root-CA-trusted-certificate-0001 ']' 754s + echo 'Test Organization Root Tr Token' 754s + '[' -n partial_chain ']' 754s + local verify_arg=--verify=partial_chain 754s + local output_base_name=SSSD-child-27069 754s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-27069.output 754s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-27069.pem 754s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 754s [p11_child[2115]] [main] (0x0400): p11_child started. 754s [p11_child[2115]] [main] (0x2000): Running in [pre-auth] mode. 754s [p11_child[2115]] [main] (0x2000): Running with effective IDs: [0][0]. 754s [p11_child[2115]] [main] (0x2000): Running with real IDs [0][0]. 754s [p11_child[2115]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 754s [p11_child[2115]] [do_card] (0x4000): Module List: 754s [p11_child[2115]] [do_card] (0x4000): common name: [softhsm2]. 754s [p11_child[2115]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2115]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6f87a02a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 754s [p11_child[2115]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 754s [p11_child[2115]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6f87a02a][1871159338] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2115]] [do_card] (0x4000): Login NOT required. 754s [p11_child[2115]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 754s [p11_child[2115]] [do_verification] (0x0040): X509_verify_cert failed [0]. 754s [p11_child[2115]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 754s [p11_child[2115]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 754s [p11_child[2115]] [do_card] (0x4000): No certificate found. 754s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-27069.output 754s + return 2 754s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /dev/null 754s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /dev/null 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_ring=/dev/null 754s + local verify_option= 754s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_cn 754s + local key_name 754s + local tokens_dir 754s + local output_cert_file 754s + token_name= 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem .pem 754s + key_name=test-intermediate-CA-trusted-certificate-0001 754s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s ++ sed -n 's/ *commonName *= //p' 754s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 754s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 754s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 754s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 754s + token_name='Test Organization Interme Token' 754s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 754s + local key_file 754s + local decrypted_key 754s + mkdir -p /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 754s + key_file=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-key.pem 754s + decrypted_key=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 754s + cat 754s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 754s Slot 0 has a free/uninitialized token. 754s The token has been initialized and is reassigned to slot 1057882931 754s + softhsm2-util --show-slots 754s Available slots: 754s Slot 1057882931 754s Slot info: 754s Description: SoftHSM slot ID 0x3f0e0333 754s Manufacturer ID: SoftHSM project 754s Hardware version: 2.6 754s Firmware version: 2.6 754s Token present: yes 754s Token info: 754s Manufacturer ID: SoftHSM project 754s Model: SoftHSM v2 754s Hardware version: 2.6 754s Firmware version: 2.6 754s Serial number: 2f35c05bbf0e0333 754s Initialized: yes 754s User PIN init.: yes 754s Label: Test Organization Interme Token 754s Slot 1 754s Slot info: 754s Description: SoftHSM slot ID 0x1 754s Manufacturer ID: SoftHSM project 754s Hardware version: 2.6 754s Firmware version: 2.6 754s Token present: yes 754s Token info: 754s Manufacturer ID: SoftHSM project 754s Model: SoftHSM v2 754s Hardware version: 2.6 754s Firmware version: 2.6 754s Serial number: 754s Initialized: no 754s User PIN init.: no 754s Label: 754s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 754s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-7504 -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 754s writing RSA key 754s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 754s + rm /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 754s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 754s Object 0: 754s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=2f35c05bbf0e0333;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 754s Type: X.509 Certificate (RSA-1024) 754s Expires: Wed Mar 12 22:16:19 2025 754s Label: Test Organization Intermediate Trusted Certificate 0001 754s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 754s 754s + echo 'Test Organization Interme Token' 754s + '[' -n '' ']' 754s Test Organization Interme Token 754s + local output_base_name=SSSD-child-26851 754s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-26851.output 754s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-26851.pem 754s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 754s [p11_child[2131]] [main] (0x0400): p11_child started. 754s [p11_child[2131]] [main] (0x2000): Running in [pre-auth] mode. 754s [p11_child[2131]] [main] (0x2000): Running with effective IDs: [0][0]. 754s [p11_child[2131]] [main] (0x2000): Running with real IDs [0][0]. 754s [p11_child[2131]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 754s [p11_child[2131]] [do_work] (0x0040): init_verification failed. 754s [p11_child[2131]] [main] (0x0020): p11_child failed (5) 754s + return 2 754s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /dev/null no_verification 754s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /dev/null no_verification 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_ring=/dev/null 754s + local verify_option=no_verification 754s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_cn 754s + local key_name 754s + local tokens_dir 754s + local output_cert_file 754s + token_name= 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem .pem 754s + key_name=test-intermediate-CA-trusted-certificate-0001 754s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s ++ sed -n 's/ *commonName *= //p' 754s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 754s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 754s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 754s Test Organization Interme Token 754s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 754s + token_name='Test Organization Interme Token' 754s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 754s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 754s + echo 'Test Organization Interme Token' 754s + '[' -n no_verification ']' 754s + local verify_arg=--verify=no_verification 754s + local output_base_name=SSSD-child-25651 754s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651.output 754s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651.pem 754s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 754s [p11_child[2137]] [main] (0x0400): p11_child started. 754s [p11_child[2137]] [main] (0x2000): Running in [pre-auth] mode. 754s [p11_child[2137]] [main] (0x2000): Running with effective IDs: [0][0]. 754s [p11_child[2137]] [main] (0x2000): Running with real IDs [0][0]. 754s [p11_child[2137]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 754s [p11_child[2137]] [do_card] (0x4000): Module List: 754s [p11_child[2137]] [do_card] (0x4000): common name: [softhsm2]. 754s [p11_child[2137]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2137]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 754s [p11_child[2137]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 754s [p11_child[2137]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2137]] [do_card] (0x4000): Login NOT required. 754s [p11_child[2137]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 754s [p11_child[2137]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 754s [p11_child[2137]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3f0e0333;slot-manufacturer=SoftHSM%20project;slot-id=1057882931;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=2f35c05bbf0e0333;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 754s [p11_child[2137]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 754s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651.output 754s + echo '-----BEGIN CERTIFICATE-----' 754s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651.output 754s + echo '-----END CERTIFICATE-----' 754s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651.pem 754s Certificate: 754s Data: 754s Version: 3 (0x2) 754s Serial Number: 4 (0x4) 754s Signature Algorithm: sha256WithRSAEncryption 754s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 754s Validity 754s Not Before: Mar 12 22:16:19 2024 GMT 754s Not After : Mar 12 22:16:19 2025 GMT 754s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 754s Subject Public Key Info: 754s Public Key Algorithm: rsaEncryption 754s Public-Key: (1024 bit) 754s Modulus: 754s 00:b5:99:f6:10:09:02:9d:f8:03:a3:1d:71:58:89: 754s d4:30:e8:d4:7f:7d:c9:f8:d3:d3:d2:43:b8:0a:31: 754s b6:95:d1:7f:51:f2:2a:37:95:5f:10:74:80:46:b0: 754s 5e:85:71:50:3f:f7:88:7a:30:8c:49:c5:14:92:e3: 754s 35:0b:3d:f2:6a:56:63:8b:92:53:f4:c7:52:55:12: 754s 52:aa:9f:c9:88:28:ab:b3:0b:1b:e2:56:18:9e:56: 754s e9:52:38:c4:75:d8:b5:28:6e:3a:3a:5a:97:e6:d6: 754s 43:8e:06:cf:fe:5c:64:4d:fe:6c:06:8a:e7:3a:99: 754s 50:ad:62:00:98:22:21:d7:6f 754s Exponent: 65537 (0x10001) 754s X509v3 extensions: 754s X509v3 Authority Key Identifier: 754s C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 754s X509v3 Basic Constraints: 754s CA:FALSE 754s Netscape Cert Type: 754s SSL Client, S/MIME 754s Netscape Comment: 754s Test Organization Intermediate CA trusted Certificate 754s X509v3 Subject Key Identifier: 754s F4:1D:D1:28:A1:F4:BE:22:20:34:53:20:E1:CA:AF:ED:84:2D:8F:0F 754s X509v3 Key Usage: critical 754s Digital Signature, Non Repudiation, Key Encipherment 754s X509v3 Extended Key Usage: 754s TLS Web Client Authentication, E-mail Protection 754s X509v3 Subject Alternative Name: 754s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 754s Signature Algorithm: sha256WithRSAEncryption 754s Signature Value: 754s b2:9f:8b:a5:c8:a6:1f:7e:9a:d3:9a:ed:28:fe:cb:29:01:9c: 754s 29:25:c0:8b:52:07:a4:72:31:1a:c6:b3:c0:eb:48:a4:19:eb: 754s 80:d5:be:9d:0e:c8:12:f8:aa:d8:75:2e:39:31:37:8e:e0:7f: 754s 88:29:07:2d:55:22:24:fe:6d:3c:ad:a8:20:9c:88:ce:cf:f0: 754s f7:9f:50:b3:37:1d:72:0f:47:0b:fd:a7:d2:16:c0:a3:35:63: 754s 95:c0:d9:fe:64:86:be:59:08:8d:82:df:27:48:1a:19:95:09: 754s e3:7a:21:6d:9e:e0:ca:a0:4c:8a:9e:a2:29:5a:b2:21:97:2e: 754s b4:9e 754s + local found_md5 expected_md5 754s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + expected_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 754s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651.pem 754s + found_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 754s + '[' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F '!=' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F ']' 754s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651-auth.output 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651-auth.output .output 754s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651-auth.pem 754s + echo -n 053350 754s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 754s [p11_child[2145]] [main] (0x0400): p11_child started. 754s [p11_child[2145]] [main] (0x2000): Running in [auth] mode. 754s [p11_child[2145]] [main] (0x2000): Running with effective IDs: [0][0]. 754s [p11_child[2145]] [main] (0x2000): Running with real IDs [0][0]. 754s [p11_child[2145]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 754s [p11_child[2145]] [do_card] (0x4000): Module List: 754s [p11_child[2145]] [do_card] (0x4000): common name: [softhsm2]. 754s [p11_child[2145]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2145]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 754s [p11_child[2145]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 754s [p11_child[2145]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2145]] [do_card] (0x4000): Login required. 754s [p11_child[2145]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 754s [p11_child[2145]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 754s [p11_child[2145]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3f0e0333;slot-manufacturer=SoftHSM%20project;slot-id=1057882931;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=2f35c05bbf0e0333;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 754s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 754s [p11_child[2145]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 754s [p11_child[2145]] [do_card] (0x4000): Certificate verified and validated. 754s [p11_child[2145]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 754s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651-auth.output 754s + echo '-----BEGIN CERTIFICATE-----' 754s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651-auth.output 754s + echo '-----END CERTIFICATE-----' 754s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651-auth.pem 754s Certificate: 754s Data: 754s Version: 3 (0x2) 754s Serial Number: 4 (0x4) 754s Signature Algorithm: sha256WithRSAEncryption 754s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 754s Validity 754s Not Before: Mar 12 22:16:19 2024 GMT 754s Not After : Mar 12 22:16:19 2025 GMT 754s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 754s Subject Public Key Info: 754s Public Key Algorithm: rsaEncryption 754s Public-Key: (1024 bit) 754s Modulus: 754s 00:b5:99:f6:10:09:02:9d:f8:03:a3:1d:71:58:89: 754s d4:30:e8:d4:7f:7d:c9:f8:d3:d3:d2:43:b8:0a:31: 754s b6:95:d1:7f:51:f2:2a:37:95:5f:10:74:80:46:b0: 754s 5e:85:71:50:3f:f7:88:7a:30:8c:49:c5:14:92:e3: 754s 35:0b:3d:f2:6a:56:63:8b:92:53:f4:c7:52:55:12: 754s 52:aa:9f:c9:88:28:ab:b3:0b:1b:e2:56:18:9e:56: 754s e9:52:38:c4:75:d8:b5:28:6e:3a:3a:5a:97:e6:d6: 754s 43:8e:06:cf:fe:5c:64:4d:fe:6c:06:8a:e7:3a:99: 754s 50:ad:62:00:98:22:21:d7:6f 754s Exponent: 65537 (0x10001) 754s X509v3 extensions: 754s X509v3 Authority Key Identifier: 754s C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 754s X509v3 Basic Constraints: 754s CA:FALSE 754s Netscape Cert Type: 754s SSL Client, S/MIME 754s Netscape Comment: 754s Test Organization Intermediate CA trusted Certificate 754s X509v3 Subject Key Identifier: 754s F4:1D:D1:28:A1:F4:BE:22:20:34:53:20:E1:CA:AF:ED:84:2D:8F:0F 754s X509v3 Key Usage: critical 754s Digital Signature, Non Repudiation, Key Encipherment 754s X509v3 Extended Key Usage: 754s TLS Web Client Authentication, E-mail Protection 754s X509v3 Subject Alternative Name: 754s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 754s Signature Algorithm: sha256WithRSAEncryption 754s Signature Value: 754s b2:9f:8b:a5:c8:a6:1f:7e:9a:d3:9a:ed:28:fe:cb:29:01:9c: 754s 29:25:c0:8b:52:07:a4:72:31:1a:c6:b3:c0:eb:48:a4:19:eb: 754s 80:d5:be:9d:0e:c8:12:f8:aa:d8:75:2e:39:31:37:8e:e0:7f: 754s 88:29:07:2d:55:22:24:fe:6d:3c:ad:a8:20:9c:88:ce:cf:f0: 754s f7:9f:50:b3:37:1d:72:0f:47:0b:fd:a7:d2:16:c0:a3:35:63: 754s 95:c0:d9:fe:64:86:be:59:08:8d:82:df:27:48:1a:19:95:09: 754s e3:7a:21:6d:9e:e0:ca:a0:4c:8a:9e:a2:29:5a:b2:21:97:2e: 754s b4:9e 754s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-25651-auth.pem 754s + found_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 754s + '[' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F '!=' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F ']' 754s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 754s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 754s + local verify_option= 754s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_cn 754s + local key_name 754s + local tokens_dir 754s + local output_cert_file 754s + token_name= 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem .pem 754s + key_name=test-intermediate-CA-trusted-certificate-0001 754s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s ++ sed -n 's/ *commonName *= //p' 754s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 754s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 754s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 754s Test Organization Interme Token 754s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 754s + token_name='Test Organization Interme Token' 754s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 754s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 754s + echo 'Test Organization Interme Token' 754s + '[' -n '' ']' 754s + local output_base_name=SSSD-child-2038 754s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-2038.output 754s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-2038.pem 754s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 754s [p11_child[2155]] [main] (0x0400): p11_child started. 754s [p11_child[2155]] [main] (0x2000): Running in [pre-auth] mode. 754s [p11_child[2155]] [main] (0x2000): Running with effective IDs: [0][0]. 754s [p11_child[2155]] [main] (0x2000): Running with real IDs [0][0]. 754s [p11_child[2155]] [do_card] (0x4000): Module List: 754s [p11_child[2155]] [do_card] (0x4000): common name: [softhsm2]. 754s [p11_child[2155]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2155]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 754s [p11_child[2155]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 754s [p11_child[2155]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2155]] [do_card] (0x4000): Login NOT required. 754s [p11_child[2155]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 754s [p11_child[2155]] [do_verification] (0x0040): X509_verify_cert failed [0]. 754s [p11_child[2155]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 754s [p11_child[2155]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 754s [p11_child[2155]] [do_card] (0x4000): No certificate found. 754s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-2038.output 754s + return 2 754s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem partial_chain 754s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem partial_chain 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 754s + local verify_option=partial_chain 754s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_cn 754s + local key_name 754s + local tokens_dir 754s + local output_cert_file 754s + token_name= 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem .pem 754s + key_name=test-intermediate-CA-trusted-certificate-0001 754s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s ++ sed -n 's/ *commonName *= //p' 754s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 754s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 754s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 754s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 754s + token_name='Test Organization Interme Token' 754s Test Organization Interme Token 754s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 754s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 754s + echo 'Test Organization Interme Token' 754s + '[' -n partial_chain ']' 754s + local verify_arg=--verify=partial_chain 754s + local output_base_name=SSSD-child-8155 754s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-8155.output 754s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-8155.pem 754s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 754s [p11_child[2162]] [main] (0x0400): p11_child started. 754s [p11_child[2162]] [main] (0x2000): Running in [pre-auth] mode. 754s [p11_child[2162]] [main] (0x2000): Running with effective IDs: [0][0]. 754s [p11_child[2162]] [main] (0x2000): Running with real IDs [0][0]. 754s [p11_child[2162]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 754s [p11_child[2162]] [do_card] (0x4000): Module List: 754s [p11_child[2162]] [do_card] (0x4000): common name: [softhsm2]. 754s [p11_child[2162]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2162]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 754s [p11_child[2162]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 754s [p11_child[2162]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2162]] [do_card] (0x4000): Login NOT required. 754s [p11_child[2162]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 754s [p11_child[2162]] [do_verification] (0x0040): X509_verify_cert failed [0]. 754s [p11_child[2162]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 754s [p11_child[2162]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 754s [p11_child[2162]] [do_card] (0x4000): No certificate found. 754s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-8155.output 754s + return 2 754s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 754s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 754s + local verify_option= 754s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_cn 754s + local key_name 754s + local tokens_dir 754s + local output_cert_file 754s + token_name= 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem .pem 754s + key_name=test-intermediate-CA-trusted-certificate-0001 754s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s ++ sed -n 's/ *commonName *= //p' 754s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 754s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 754s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 754s Test Organization Interme Token 754s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 754s + token_name='Test Organization Interme Token' 754s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 754s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 754s + echo 'Test Organization Interme Token' 754s + '[' -n '' ']' 754s + local output_base_name=SSSD-child-21951 754s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951.output 754s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951.pem 754s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 754s [p11_child[2169]] [main] (0x0400): p11_child started. 754s [p11_child[2169]] [main] (0x2000): Running in [pre-auth] mode. 754s [p11_child[2169]] [main] (0x2000): Running with effective IDs: [0][0]. 754s [p11_child[2169]] [main] (0x2000): Running with real IDs [0][0]. 754s [p11_child[2169]] [do_card] (0x4000): Module List: 754s [p11_child[2169]] [do_card] (0x4000): common name: [softhsm2]. 754s [p11_child[2169]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2169]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 754s [p11_child[2169]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 754s [p11_child[2169]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2169]] [do_card] (0x4000): Login NOT required. 754s [p11_child[2169]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 754s [p11_child[2169]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 754s [p11_child[2169]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 754s [p11_child[2169]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3f0e0333;slot-manufacturer=SoftHSM%20project;slot-id=1057882931;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=2f35c05bbf0e0333;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 754s [p11_child[2169]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 754s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951.output 754s + echo '-----BEGIN CERTIFICATE-----' 754s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951.output 754s + echo '-----END CERTIFICATE-----' 754s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951.pem 754s Certificate: 754s Data: 754s Version: 3 (0x2) 754s Serial Number: 4 (0x4) 754s Signature Algorithm: sha256WithRSAEncryption 754s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 754s Validity 754s Not Before: Mar 12 22:16:19 2024 GMT 754s Not After : Mar 12 22:16:19 2025 GMT 754s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 754s Subject Public Key Info: 754s Public Key Algorithm: rsaEncryption 754s Public-Key: (1024 bit) 754s Modulus: 754s 00:b5:99:f6:10:09:02:9d:f8:03:a3:1d:71:58:89: 754s d4:30:e8:d4:7f:7d:c9:f8:d3:d3:d2:43:b8:0a:31: 754s b6:95:d1:7f:51:f2:2a:37:95:5f:10:74:80:46:b0: 754s 5e:85:71:50:3f:f7:88:7a:30:8c:49:c5:14:92:e3: 754s 35:0b:3d:f2:6a:56:63:8b:92:53:f4:c7:52:55:12: 754s 52:aa:9f:c9:88:28:ab:b3:0b:1b:e2:56:18:9e:56: 754s e9:52:38:c4:75:d8:b5:28:6e:3a:3a:5a:97:e6:d6: 754s 43:8e:06:cf:fe:5c:64:4d:fe:6c:06:8a:e7:3a:99: 754s 50:ad:62:00:98:22:21:d7:6f 754s Exponent: 65537 (0x10001) 754s X509v3 extensions: 754s X509v3 Authority Key Identifier: 754s C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 754s X509v3 Basic Constraints: 754s CA:FALSE 754s Netscape Cert Type: 754s SSL Client, S/MIME 754s Netscape Comment: 754s Test Organization Intermediate CA trusted Certificate 754s X509v3 Subject Key Identifier: 754s F4:1D:D1:28:A1:F4:BE:22:20:34:53:20:E1:CA:AF:ED:84:2D:8F:0F 754s X509v3 Key Usage: critical 754s Digital Signature, Non Repudiation, Key Encipherment 754s X509v3 Extended Key Usage: 754s TLS Web Client Authentication, E-mail Protection 754s X509v3 Subject Alternative Name: 754s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 754s Signature Algorithm: sha256WithRSAEncryption 754s Signature Value: 754s b2:9f:8b:a5:c8:a6:1f:7e:9a:d3:9a:ed:28:fe:cb:29:01:9c: 754s 29:25:c0:8b:52:07:a4:72:31:1a:c6:b3:c0:eb:48:a4:19:eb: 754s 80:d5:be:9d:0e:c8:12:f8:aa:d8:75:2e:39:31:37:8e:e0:7f: 754s 88:29:07:2d:55:22:24:fe:6d:3c:ad:a8:20:9c:88:ce:cf:f0: 754s f7:9f:50:b3:37:1d:72:0f:47:0b:fd:a7:d2:16:c0:a3:35:63: 754s 95:c0:d9:fe:64:86:be:59:08:8d:82:df:27:48:1a:19:95:09: 754s e3:7a:21:6d:9e:e0:ca:a0:4c:8a:9e:a2:29:5a:b2:21:97:2e: 754s b4:9e 754s + local found_md5 expected_md5 754s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + expected_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 754s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951.pem 754s + found_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 754s + '[' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F '!=' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F ']' 754s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951-auth.output 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951-auth.output .output 754s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951-auth.pem 754s + echo -n 053350 754s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 754s [p11_child[2177]] [main] (0x0400): p11_child started. 754s [p11_child[2177]] [main] (0x2000): Running in [auth] mode. 754s [p11_child[2177]] [main] (0x2000): Running with effective IDs: [0][0]. 754s [p11_child[2177]] [main] (0x2000): Running with real IDs [0][0]. 754s [p11_child[2177]] [do_card] (0x4000): Module List: 754s [p11_child[2177]] [do_card] (0x4000): common name: [softhsm2]. 754s [p11_child[2177]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2177]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 754s [p11_child[2177]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 754s [p11_child[2177]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2177]] [do_card] (0x4000): Login required. 754s [p11_child[2177]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 754s [p11_child[2177]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 754s [p11_child[2177]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 754s [p11_child[2177]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3f0e0333;slot-manufacturer=SoftHSM%20project;slot-id=1057882931;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=2f35c05bbf0e0333;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 754s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 754s [p11_child[2177]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 754s [p11_child[2177]] [do_card] (0x4000): Certificate verified and validated. 754s [p11_child[2177]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 754s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951-auth.output 754s + echo '-----BEGIN CERTIFICATE-----' 754s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951-auth.output 754s + echo '-----END CERTIFICATE-----' 754s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951-auth.pem 754s Certificate: 754s Data: 754s Version: 3 (0x2) 754s Serial Number: 4 (0x4) 754s Signature Algorithm: sha256WithRSAEncryption 754s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 754s Validity 754s Not Before: Mar 12 22:16:19 2024 GMT 754s Not After : Mar 12 22:16:19 2025 GMT 754s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 754s Subject Public Key Info: 754s Public Key Algorithm: rsaEncryption 754s Public-Key: (1024 bit) 754s Modulus: 754s 00:b5:99:f6:10:09:02:9d:f8:03:a3:1d:71:58:89: 754s d4:30:e8:d4:7f:7d:c9:f8:d3:d3:d2:43:b8:0a:31: 754s b6:95:d1:7f:51:f2:2a:37:95:5f:10:74:80:46:b0: 754s 5e:85:71:50:3f:f7:88:7a:30:8c:49:c5:14:92:e3: 754s 35:0b:3d:f2:6a:56:63:8b:92:53:f4:c7:52:55:12: 754s 52:aa:9f:c9:88:28:ab:b3:0b:1b:e2:56:18:9e:56: 754s e9:52:38:c4:75:d8:b5:28:6e:3a:3a:5a:97:e6:d6: 754s 43:8e:06:cf:fe:5c:64:4d:fe:6c:06:8a:e7:3a:99: 754s 50:ad:62:00:98:22:21:d7:6f 754s Exponent: 65537 (0x10001) 754s X509v3 extensions: 754s X509v3 Authority Key Identifier: 754s C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 754s X509v3 Basic Constraints: 754s CA:FALSE 754s Netscape Cert Type: 754s SSL Client, S/MIME 754s Netscape Comment: 754s Test Organization Intermediate CA trusted Certificate 754s X509v3 Subject Key Identifier: 754s F4:1D:D1:28:A1:F4:BE:22:20:34:53:20:E1:CA:AF:ED:84:2D:8F:0F 754s X509v3 Key Usage: critical 754s Digital Signature, Non Repudiation, Key Encipherment 754s X509v3 Extended Key Usage: 754s TLS Web Client Authentication, E-mail Protection 754s X509v3 Subject Alternative Name: 754s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 754s Signature Algorithm: sha256WithRSAEncryption 754s Signature Value: 754s b2:9f:8b:a5:c8:a6:1f:7e:9a:d3:9a:ed:28:fe:cb:29:01:9c: 754s 29:25:c0:8b:52:07:a4:72:31:1a:c6:b3:c0:eb:48:a4:19:eb: 754s 80:d5:be:9d:0e:c8:12:f8:aa:d8:75:2e:39:31:37:8e:e0:7f: 754s 88:29:07:2d:55:22:24:fe:6d:3c:ad:a8:20:9c:88:ce:cf:f0: 754s f7:9f:50:b3:37:1d:72:0f:47:0b:fd:a7:d2:16:c0:a3:35:63: 754s 95:c0:d9:fe:64:86:be:59:08:8d:82:df:27:48:1a:19:95:09: 754s e3:7a:21:6d:9e:e0:ca:a0:4c:8a:9e:a2:29:5a:b2:21:97:2e: 754s b4:9e 754s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-21951-auth.pem 754s + found_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 754s + '[' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F '!=' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F ']' 754s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem partial_chain 754s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem partial_chain 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 754s + local verify_option=partial_chain 754s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 754s + local key_cn 754s + local key_name 754s + local tokens_dir 754s + local output_cert_file 754s + token_name= 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem .pem 754s + key_name=test-intermediate-CA-trusted-certificate-0001 754s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 754s ++ sed -n 's/ *commonName *= //p' 754s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 754s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 754s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 754s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 754s Test Organization Interme Token 754s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 754s + token_name='Test Organization Interme Token' 754s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 754s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 754s + echo 'Test Organization Interme Token' 754s + '[' -n partial_chain ']' 754s + local verify_arg=--verify=partial_chain 754s + local output_base_name=SSSD-child-27132 754s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132.output 754s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132.pem 754s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 754s [p11_child[2187]] [main] (0x0400): p11_child started. 754s [p11_child[2187]] [main] (0x2000): Running in [pre-auth] mode. 754s [p11_child[2187]] [main] (0x2000): Running with effective IDs: [0][0]. 754s [p11_child[2187]] [main] (0x2000): Running with real IDs [0][0]. 754s [p11_child[2187]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 754s [p11_child[2187]] [do_card] (0x4000): Module List: 754s [p11_child[2187]] [do_card] (0x4000): common name: [softhsm2]. 754s [p11_child[2187]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2187]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 754s [p11_child[2187]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 754s [p11_child[2187]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 754s [p11_child[2187]] [do_card] (0x4000): Login NOT required. 754s [p11_child[2187]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 754s [p11_child[2187]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 754s [p11_child[2187]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 754s [p11_child[2187]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3f0e0333;slot-manufacturer=SoftHSM%20project;slot-id=1057882931;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=2f35c05bbf0e0333;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 754s [p11_child[2187]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 755s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132.output 755s + echo '-----BEGIN CERTIFICATE-----' 755s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132.output 755s + echo '-----END CERTIFICATE-----' 755s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132.pem 755s Certificate: 755s Data: 755s Version: 3 (0x2) 755s Serial Number: 4 (0x4) 755s Signature Algorithm: sha256WithRSAEncryption 755s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 755s Validity 755s Not Before: Mar 12 22:16:19 2024 GMT 755s Not After : Mar 12 22:16:19 2025 GMT 755s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 755s Subject Public Key Info: 755s Public Key Algorithm: rsaEncryption 755s Public-Key: (1024 bit) 755s Modulus: 755s 00:b5:99:f6:10:09:02:9d:f8:03:a3:1d:71:58:89: 755s d4:30:e8:d4:7f:7d:c9:f8:d3:d3:d2:43:b8:0a:31: 755s b6:95:d1:7f:51:f2:2a:37:95:5f:10:74:80:46:b0: 755s 5e:85:71:50:3f:f7:88:7a:30:8c:49:c5:14:92:e3: 755s 35:0b:3d:f2:6a:56:63:8b:92:53:f4:c7:52:55:12: 755s 52:aa:9f:c9:88:28:ab:b3:0b:1b:e2:56:18:9e:56: 755s e9:52:38:c4:75:d8:b5:28:6e:3a:3a:5a:97:e6:d6: 755s 43:8e:06:cf:fe:5c:64:4d:fe:6c:06:8a:e7:3a:99: 755s 50:ad:62:00:98:22:21:d7:6f 755s Exponent: 65537 (0x10001) 755s X509v3 extensions: 755s X509v3 Authority Key Identifier: 755s C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 755s X509v3 Basic Constraints: 755s CA:FALSE 755s Netscape Cert Type: 755s SSL Client, S/MIME 755s Netscape Comment: 755s Test Organization Intermediate CA trusted Certificate 755s X509v3 Subject Key Identifier: 755s F4:1D:D1:28:A1:F4:BE:22:20:34:53:20:E1:CA:AF:ED:84:2D:8F:0F 755s X509v3 Key Usage: critical 755s Digital Signature, Non Repudiation, Key Encipherment 755s X509v3 Extended Key Usage: 755s TLS Web Client Authentication, E-mail Protection 755s X509v3 Subject Alternative Name: 755s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 755s Signature Algorithm: sha256WithRSAEncryption 755s Signature Value: 755s b2:9f:8b:a5:c8:a6:1f:7e:9a:d3:9a:ed:28:fe:cb:29:01:9c: 755s 29:25:c0:8b:52:07:a4:72:31:1a:c6:b3:c0:eb:48:a4:19:eb: 755s 80:d5:be:9d:0e:c8:12:f8:aa:d8:75:2e:39:31:37:8e:e0:7f: 755s 88:29:07:2d:55:22:24:fe:6d:3c:ad:a8:20:9c:88:ce:cf:f0: 755s f7:9f:50:b3:37:1d:72:0f:47:0b:fd:a7:d2:16:c0:a3:35:63: 755s 95:c0:d9:fe:64:86:be:59:08:8d:82:df:27:48:1a:19:95:09: 755s e3:7a:21:6d:9e:e0:ca:a0:4c:8a:9e:a2:29:5a:b2:21:97:2e: 755s b4:9e 755s + local found_md5 expected_md5 755s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 755s + expected_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 755s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132.pem 755s + found_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 755s + '[' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F '!=' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F ']' 755s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132-auth.output 755s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132-auth.output .output 755s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132-auth.pem 755s + echo -n 053350 755s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 755s [p11_child[2195]] [main] (0x0400): p11_child started. 755s [p11_child[2195]] [main] (0x2000): Running in [auth] mode. 755s [p11_child[2195]] [main] (0x2000): Running with effective IDs: [0][0]. 755s [p11_child[2195]] [main] (0x2000): Running with real IDs [0][0]. 755s [p11_child[2195]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 755s [p11_child[2195]] [do_card] (0x4000): Module List: 755s [p11_child[2195]] [do_card] (0x4000): common name: [softhsm2]. 755s [p11_child[2195]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 755s [p11_child[2195]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 755s [p11_child[2195]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 755s [p11_child[2195]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 755s [p11_child[2195]] [do_card] (0x4000): Login required. 755s [p11_child[2195]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 755s [p11_child[2195]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 755s [p11_child[2195]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 755s [p11_child[2195]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3f0e0333;slot-manufacturer=SoftHSM%20project;slot-id=1057882931;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=2f35c05bbf0e0333;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 755s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 755s [p11_child[2195]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 755s [p11_child[2195]] [do_card] (0x4000): Certificate verified and validated. 755s [p11_child[2195]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 755s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132-auth.output 755s + echo '-----BEGIN CERTIFICATE-----' 755s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132-auth.output 755s + echo '-----END CERTIFICATE-----' 755s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132-auth.pem 755s Certificate: 755s Data: 755s Version: 3 (0x2) 755s Serial Number: 4 (0x4) 755s Signature Algorithm: sha256WithRSAEncryption 755s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 755s Validity 755s Not Before: Mar 12 22:16:19 2024 GMT 755s Not After : Mar 12 22:16:19 2025 GMT 755s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 755s Subject Public Key Info: 755s Public Key Algorithm: rsaEncryption 755s Public-Key: (1024 bit) 755s Modulus: 755s 00:b5:99:f6:10:09:02:9d:f8:03:a3:1d:71:58:89: 755s d4:30:e8:d4:7f:7d:c9:f8:d3:d3:d2:43:b8:0a:31: 755s b6:95:d1:7f:51:f2:2a:37:95:5f:10:74:80:46:b0: 755s 5e:85:71:50:3f:f7:88:7a:30:8c:49:c5:14:92:e3: 755s 35:0b:3d:f2:6a:56:63:8b:92:53:f4:c7:52:55:12: 755s 52:aa:9f:c9:88:28:ab:b3:0b:1b:e2:56:18:9e:56: 755s e9:52:38:c4:75:d8:b5:28:6e:3a:3a:5a:97:e6:d6: 755s 43:8e:06:cf:fe:5c:64:4d:fe:6c:06:8a:e7:3a:99: 755s 50:ad:62:00:98:22:21:d7:6f 755s Exponent: 65537 (0x10001) 755s X509v3 extensions: 755s X509v3 Authority Key Identifier: 755s C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 755s X509v3 Basic Constraints: 755s CA:FALSE 755s Netscape Cert Type: 755s SSL Client, S/MIME 755s Netscape Comment: 755s Test Organization Intermediate CA trusted Certificate 755s X509v3 Subject Key Identifier: 755s F4:1D:D1:28:A1:F4:BE:22:20:34:53:20:E1:CA:AF:ED:84:2D:8F:0F 755s X509v3 Key Usage: critical 755s Digital Signature, Non Repudiation, Key Encipherment 755s X509v3 Extended Key Usage: 755s TLS Web Client Authentication, E-mail Protection 755s X509v3 Subject Alternative Name: 755s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 755s Signature Algorithm: sha256WithRSAEncryption 755s Signature Value: 755s b2:9f:8b:a5:c8:a6:1f:7e:9a:d3:9a:ed:28:fe:cb:29:01:9c: 755s 29:25:c0:8b:52:07:a4:72:31:1a:c6:b3:c0:eb:48:a4:19:eb: 755s 80:d5:be:9d:0e:c8:12:f8:aa:d8:75:2e:39:31:37:8e:e0:7f: 755s 88:29:07:2d:55:22:24:fe:6d:3c:ad:a8:20:9c:88:ce:cf:f0: 755s f7:9f:50:b3:37:1d:72:0f:47:0b:fd:a7:d2:16:c0:a3:35:63: 755s 95:c0:d9:fe:64:86:be:59:08:8d:82:df:27:48:1a:19:95:09: 755s e3:7a:21:6d:9e:e0:ca:a0:4c:8a:9e:a2:29:5a:b2:21:97:2e: 755s b4:9e 755s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-27132-auth.pem 755s + found_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 755s + '[' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F '!=' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F ']' 755s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 755s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 755s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 755s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 755s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 755s + local verify_option= 755s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 755s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 755s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 755s + local key_cn 755s + local key_name 755s + local tokens_dir 755s + local output_cert_file 755s + token_name= 755s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem .pem 755s + key_name=test-intermediate-CA-trusted-certificate-0001 755s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 755s ++ sed -n 's/ *commonName *= //p' 755s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 755s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 755s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 755s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 755s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 755s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 755s + token_name='Test Organization Interme Token' 755s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 755s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 755s + echo 'Test Organization Interme Token' 755s Test Organization Interme Token 755s + '[' -n '' ']' 755s + local output_base_name=SSSD-child-22190 755s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-22190.output 755s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-22190.pem 755s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 755s [p11_child[2205]] [main] (0x0400): p11_child started. 755s [p11_child[2205]] [main] (0x2000): Running in [pre-auth] mode. 755s [p11_child[2205]] [main] (0x2000): Running with effective IDs: [0][0]. 755s [p11_child[2205]] [main] (0x2000): Running with real IDs [0][0]. 755s [p11_child[2205]] [do_card] (0x4000): Module List: 755s [p11_child[2205]] [do_card] (0x4000): common name: [softhsm2]. 755s [p11_child[2205]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 755s [p11_child[2205]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 755s [p11_child[2205]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 755s [p11_child[2205]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 755s [p11_child[2205]] [do_card] (0x4000): Login NOT required. 755s [p11_child[2205]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 755s [p11_child[2205]] [do_verification] (0x0040): X509_verify_cert failed [0]. 755s [p11_child[2205]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 755s [p11_child[2205]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 755s [p11_child[2205]] [do_card] (0x4000): No certificate found. 755s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-22190.output 755s + return 2 755s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem partial_chain 755s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem partial_chain 755s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 755s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 755s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 755s + local verify_option=partial_chain 755s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-7504 755s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 755s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-7504 755s + local key_cn 755s + local key_name 755s + local tokens_dir 755s + local output_cert_file 755s + token_name= 755s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem .pem 755s + key_name=test-intermediate-CA-trusted-certificate-0001 755s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 755s ++ sed -n 's/ *commonName *= //p' 755s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 755s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 755s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 755s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 755s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 755s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 755s Test Organization Interme Token 755s + token_name='Test Organization Interme Token' 755s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 755s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 755s + echo 'Test Organization Interme Token' 755s + '[' -n partial_chain ']' 755s + local verify_arg=--verify=partial_chain 755s + local output_base_name=SSSD-child-2624 755s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624.output 755s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624.pem 755s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem 755s [p11_child[2212]] [main] (0x0400): p11_child started. 755s [p11_child[2212]] [main] (0x2000): Running in [pre-auth] mode. 755s [p11_child[2212]] [main] (0x2000): Running with effective IDs: [0][0]. 755s [p11_child[2212]] [main] (0x2000): Running with real IDs [0][0]. 755s [p11_child[2212]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 755s [p11_child[2212]] [do_card] (0x4000): Module List: 755s [p11_child[2212]] [do_card] (0x4000): common name: [softhsm2]. 755s [p11_child[2212]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 755s [p11_child[2212]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 755s [p11_child[2212]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 755s [p11_child[2212]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 755s [p11_child[2212]] [do_card] (0x4000): Login NOT required. 755s [p11_child[2212]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 755s [p11_child[2212]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 755s [p11_child[2212]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 755s [p11_child[2212]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3f0e0333;slot-manufacturer=SoftHSM%20project;slot-id=1057882931;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=2f35c05bbf0e0333;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 755s [p11_child[2212]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 755s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624.output 755s + echo '-----BEGIN CERTIFICATE-----' 755s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624.output 755s + echo '-----END CERTIFICATE-----' 755s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624.pem 755s Certificate: 755s Data: 755s Version: 3 (0x2) 755s Serial Number: 4 (0x4) 755s Signature Algorithm: sha256WithRSAEncryption 755s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 755s Validity 755s Not Before: Mar 12 22:16:19 2024 GMT 755s Not After : Mar 12 22:16:19 2025 GMT 755s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 755s Subject Public Key Info: 755s Public Key Algorithm: rsaEncryption 755s Public-Key: (1024 bit) 755s Modulus: 755s 00:b5:99:f6:10:09:02:9d:f8:03:a3:1d:71:58:89: 755s d4:30:e8:d4:7f:7d:c9:f8:d3:d3:d2:43:b8:0a:31: 755s b6:95:d1:7f:51:f2:2a:37:95:5f:10:74:80:46:b0: 755s 5e:85:71:50:3f:f7:88:7a:30:8c:49:c5:14:92:e3: 755s 35:0b:3d:f2:6a:56:63:8b:92:53:f4:c7:52:55:12: 755s 52:aa:9f:c9:88:28:ab:b3:0b:1b:e2:56:18:9e:56: 755s e9:52:38:c4:75:d8:b5:28:6e:3a:3a:5a:97:e6:d6: 755s 43:8e:06:cf:fe:5c:64:4d:fe:6c:06:8a:e7:3a:99: 755s 50:ad:62:00:98:22:21:d7:6f 755s Exponent: 65537 (0x10001) 755s X509v3 extensions: 755s X509v3 Authority Key Identifier: 755s C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 755s X509v3 Basic Constraints: 755s CA:FALSE 755s Netscape Cert Type: 755s SSL Client, S/MIME 755s Netscape Comment: 755s Test Organization Intermediate CA trusted Certificate 755s X509v3 Subject Key Identifier: 755s F4:1D:D1:28:A1:F4:BE:22:20:34:53:20:E1:CA:AF:ED:84:2D:8F:0F 755s X509v3 Key Usage: critical 755s Digital Signature, Non Repudiation, Key Encipherment 755s X509v3 Extended Key Usage: 755s TLS Web Client Authentication, E-mail Protection 755s X509v3 Subject Alternative Name: 755s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 755s Signature Algorithm: sha256WithRSAEncryption 755s Signature Value: 755s b2:9f:8b:a5:c8:a6:1f:7e:9a:d3:9a:ed:28:fe:cb:29:01:9c: 755s 29:25:c0:8b:52:07:a4:72:31:1a:c6:b3:c0:eb:48:a4:19:eb: 755s 80:d5:be:9d:0e:c8:12:f8:aa:d8:75:2e:39:31:37:8e:e0:7f: 755s 88:29:07:2d:55:22:24:fe:6d:3c:ad:a8:20:9c:88:ce:cf:f0: 755s f7:9f:50:b3:37:1d:72:0f:47:0b:fd:a7:d2:16:c0:a3:35:63: 755s 95:c0:d9:fe:64:86:be:59:08:8d:82:df:27:48:1a:19:95:09: 755s e3:7a:21:6d:9e:e0:ca:a0:4c:8a:9e:a2:29:5a:b2:21:97:2e: 755s b4:9e 755s + local found_md5 expected_md5 755s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA-trusted-certificate-0001.pem 755s + expected_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 755s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624.pem 755s + found_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 755s + '[' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F '!=' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F ']' 755s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624-auth.output 755s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624-auth.output .output 755s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624-auth.pem 755s + echo -n 053350 755s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 755s [p11_child[2220]] [main] (0x0400): p11_child started. 755s [p11_child[2220]] [main] (0x2000): Running in [auth] mode. 755s [p11_child[2220]] [main] (0x2000): Running with effective IDs: [0][0]. 755s [p11_child[2220]] [main] (0x2000): Running with real IDs [0][0]. 755s [p11_child[2220]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 755s [p11_child[2220]] [do_card] (0x4000): Module List: 755s [p11_child[2220]] [do_card] (0x4000): common name: [softhsm2]. 755s [p11_child[2220]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 755s [p11_child[2220]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3f0e0333] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 755s [p11_child[2220]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 755s [p11_child[2220]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x3f0e0333][1057882931] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 755s [p11_child[2220]] [do_card] (0x4000): Login required. 755s [p11_child[2220]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 755s [p11_child[2220]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 755s [p11_child[2220]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 755s [p11_child[2220]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3f0e0333;slot-manufacturer=SoftHSM%20project;slot-id=1057882931;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=2f35c05bbf0e0333;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 755s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 755s [p11_child[2220]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 755s [p11_child[2220]] [do_card] (0x4000): Certificate verified and validated. 755s [p11_child[2220]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 755s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624-auth.output 755s + echo '-----BEGIN CERTIFICATE-----' 755s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624-auth.output 755s + echo '-----END CERTIFICATE-----' 755s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624-auth.pem 755s Certificate: 755s Data: 755s Version: 3 (0x2) 755s Serial Number: 4 (0x4) 755s Signature Algorithm: sha256WithRSAEncryption 755s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 755s Validity 755s Not Before: Mar 12 22:16:19 2024 GMT 755s Not After : Mar 12 22:16:19 2025 GMT 755s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 755s Subject Public Key Info: 755s Public Key Algorithm: rsaEncryption 755s Public-Key: (1024 bit) 755s Modulus: 755s 00:b5:99:f6:10:09:02:9d:f8:03:a3:1d:71:58:89: 755s d4:30:e8:d4:7f:7d:c9:f8:d3:d3:d2:43:b8:0a:31: 755s b6:95:d1:7f:51:f2:2a:37:95:5f:10:74:80:46:b0: 755s 5e:85:71:50:3f:f7:88:7a:30:8c:49:c5:14:92:e3: 755s 35:0b:3d:f2:6a:56:63:8b:92:53:f4:c7:52:55:12: 755s 52:aa:9f:c9:88:28:ab:b3:0b:1b:e2:56:18:9e:56: 755s e9:52:38:c4:75:d8:b5:28:6e:3a:3a:5a:97:e6:d6: 755s 43:8e:06:cf:fe:5c:64:4d:fe:6c:06:8a:e7:3a:99: 755s 50:ad:62:00:98:22:21:d7:6f 755s Exponent: 65537 (0x10001) 755s X509v3 extensions: 755s X509v3 Authority Key Identifier: 755s C0:33:F3:F0:D8:62:D1:C5:4C:E3:8E:F6:EA:40:5A:4D:D9:9F:91:88 755s X509v3 Basic Constraints: 755s CA:FALSE 755s Netscape Cert Type: 755s SSL Client, S/MIME 755s Netscape Comment: 755s Test Organization Intermediate CA trusted Certificate 755s X509v3 Subject Key Identifier: 755s F4:1D:D1:28:A1:F4:BE:22:20:34:53:20:E1:CA:AF:ED:84:2D:8F:0F 755s X509v3 Key Usage: critical 755s Digital Signature, Non Repudiation, Key Encipherment 755s X509v3 Extended Key Usage: 755s TLS Web Client Authentication, E-mail Protection 755s X509v3 Subject Alternative Name: 755s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 755s Signature Algorithm: sha256WithRSAEncryption 755s Signature Value: 755s b2:9f:8b:a5:c8:a6:1f:7e:9a:d3:9a:ed:28:fe:cb:29:01:9c: 755s 29:25:c0:8b:52:07:a4:72:31:1a:c6:b3:c0:eb:48:a4:19:eb: 755s 80:d5:be:9d:0e:c8:12:f8:aa:d8:75:2e:39:31:37:8e:e0:7f: 755s 88:29:07:2d:55:22:24:fe:6d:3c:ad:a8:20:9c:88:ce:cf:f0: 755s f7:9f:50:b3:37:1d:72:0f:47:0b:fd:a7:d2:16:c0:a3:35:63: 755s 95:c0:d9:fe:64:86:be:59:08:8d:82:df:27:48:1a:19:95:09: 755s e3:7a:21:6d:9e:e0:ca:a0:4c:8a:9e:a2:29:5a:b2:21:97:2e: 755s b4:9e 755s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-2624-auth.pem 755s + found_md5=Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F 755s + '[' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F '!=' Modulus=B599F61009029DF803A31D715889D430E8D47F7DC9F8D3D3D243B80A31B695D17F51F22A37955F10748046B05E8571503FF7887A308C49C51492E3350B3DF26A56638B9253F4C752551252AA9FC98828ABB30B1BE256189E56E95238C475D8B5286E3A3A5A97E6D6438E06CFFE5C644DFE6C068AE73A9950AD6200982221D76F ']' 755s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 755s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 755s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 755s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 755s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 755s + local verify_option= 755s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 755s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 755s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 755s + local key_cn 755s + local key_name 755s + local tokens_dir 755s + local output_cert_file 755s + token_name= 755s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 755s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 755s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 755s ++ sed -n 's/ *commonName *= //p' 755s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 755s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 755s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 755s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 755s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 755s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 755s + token_name='Test Organization Sub Int Token' 755s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 755s + local key_file 755s + local decrypted_key 755s + mkdir -p /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 755s + key_file=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 755s + decrypted_key=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 755s + cat 755s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 755s Slot 0 has a free/uninitialized token. 755s The token has been initialized and is reassigned to slot 2145638729 755s + softhsm2-util --show-slots 755s Available slots: 755s Slot 2145638729 755s Slot info: 755s Description: SoftHSM slot ID 0x7fe3d949 755s Manufacturer ID: SoftHSM project 755s Hardware version: 2.6 755s Firmware version: 2.6 755s Token present: yes 755s Token info: 755s Manufacturer ID: SoftHSM project 755s Model: SoftHSM v2 755s Hardware version: 2.6 755s Firmware version: 2.6 755s Serial number: 567d5260ffe3d949 755s Initialized: yes 755s User PIN init.: yes 755s Label: Test Organization Sub Int Token 755s Slot 1 755s Slot info: 755s Description: SoftHSM slot ID 0x1 755s Manufacturer ID: SoftHSM project 755s Hardware version: 2.6 755s Firmware version: 2.6 755s Token present: yes 755s Token info: 755s Manufacturer ID: SoftHSM project 755s Model: SoftHSM v2 755s Hardware version: 2.6 755s Firmware version: 2.6 755s Serial number: 755s Initialized: no 755s User PIN init.: no 755s Label: 755s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 755s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-26575 -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 755s writing RSA key 755s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 755s + rm /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 755s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 755s Object 0: 755s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=567d5260ffe3d949;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 755s Type: X.509 Certificate (RSA-1024) 755s Expires: Wed Mar 12 22:16:19 2025 755s Label: Test Organization Sub Intermediate Trusted Certificate 0001 755s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 755s 755s Test Organization Sub Int Token 755s + echo 'Test Organization Sub Int Token' 755s + '[' -n '' ']' 755s + local output_base_name=SSSD-child-14315 755s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-14315.output 755s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-14315.pem 755s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 755s [p11_child[2239]] [main] (0x0400): p11_child started. 755s [p11_child[2239]] [main] (0x2000): Running in [pre-auth] mode. 755s [p11_child[2239]] [main] (0x2000): Running with effective IDs: [0][0]. 755s [p11_child[2239]] [main] (0x2000): Running with real IDs [0][0]. 755s [p11_child[2239]] [do_card] (0x4000): Module List: 755s [p11_child[2239]] [do_card] (0x4000): common name: [softhsm2]. 755s [p11_child[2239]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 755s [p11_child[2239]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 755s [p11_child[2239]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 755s [p11_child[2239]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 755s [p11_child[2239]] [do_card] (0x4000): Login NOT required. 755s [p11_child[2239]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 755s [p11_child[2239]] [do_verification] (0x0040): X509_verify_cert failed [0]. 755s [p11_child[2239]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 755s [p11_child[2239]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 755s [p11_child[2239]] [do_card] (0x4000): No certificate found. 756s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-14315.output 756s + return 2 756s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem partial_chain 756s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem partial_chain 756s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 756s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 756s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 756s + local verify_option=partial_chain 756s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 756s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 756s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 756s + local key_cn 756s + local key_name 756s + local tokens_dir 756s + local output_cert_file 756s + token_name= 756s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 756s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 756s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 756s ++ sed -n 's/ *commonName *= //p' 756s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 756s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 756s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 756s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 756s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 756s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 756s + token_name='Test Organization Sub Int Token' 756s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 756s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 756s + echo 'Test Organization Sub Int Token' 756s Test Organization Sub Int Token 756s + '[' -n partial_chain ']' 756s + local verify_arg=--verify=partial_chain 756s + local output_base_name=SSSD-child-19234 756s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-19234.output 756s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-19234.pem 756s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-root-CA.pem 756s [p11_child[2246]] [main] (0x0400): p11_child started. 756s [p11_child[2246]] [main] (0x2000): Running in [pre-auth] mode. 756s [p11_child[2246]] [main] (0x2000): Running with effective IDs: [0][0]. 756s [p11_child[2246]] [main] (0x2000): Running with real IDs [0][0]. 756s [p11_child[2246]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 756s [p11_child[2246]] [do_card] (0x4000): Module List: 756s [p11_child[2246]] [do_card] (0x4000): common name: [softhsm2]. 756s [p11_child[2246]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 756s [p11_child[2246]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 756s [p11_child[2246]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 756s [p11_child[2246]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 756s [p11_child[2246]] [do_card] (0x4000): Login NOT required. 756s [p11_child[2246]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 756s [p11_child[2246]] [do_verification] (0x0040): X509_verify_cert failed [0]. 756s [p11_child[2246]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 756s [p11_child[2246]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 756s [p11_child[2246]] [do_card] (0x4000): No certificate found. 756s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-19234.output 757s + return 2 757s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 757s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 757s Test Organization Sub Int Token 757s Certificate: 757s Data: 757s Version: 3 (0x2) 757s Serial Number: 5 (0x5) 757s Signature Algorithm: sha256WithRSAEncryption 757s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 757s Validity 757s Not Before: Mar 12 22:16:19 2024 GMT 757s Not After : Mar 12 22:16:19 2025 GMT 757s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 757s Subject Public Key Info: 757s Public Key Algorithm: rsaEncryption 757s Public-Key: (1024 bit) 757s Modulus: 757s 00:b0:c2:34:34:10:a3:cd:f0:04:f8:84:3d:f5:91: 757s 57:cd:49:d1:9b:d7:11:a0:fd:a8:48:6c:4a:39:50: 757s 89:a5:49:b5:84:c0:ed:0c:c6:b9:f3:a2:34:11:ff: 757s a8:ce:d4:9f:22:93:2f:48:61:4a:ca:36:fb:cd:5e: 757s 93:22:47:e8:b5:6c:b3:9b:61:a0:7c:5f:15:d8:fc: 757s f3:de:6a:c1:9f:b2:25:58:4c:27:3f:dc:df:01:04: 757s e8:dc:e7:54:25:7f:c0:95:f6:ce:72:a2:ea:04:22: 757s 11:95:af:68:ff:35:86:54:cb:28:99:de:3d:9b:6c: 757s d0:1f:5a:03:fc:7a:27:53:89 757s Exponent: 65537 (0x10001) 757s X509v3 extensions: 757s X509v3 Authority Key Identifier: 757s 27:24:50:BC:2A:8E:37:54:26:61:D2:0D:95:1C:2A:7B:39:E7:E8:32 757s X509v3 Basic Constraints: 757s CA:FALSE 757s Netscape Cert Type: 757s SSL Client, S/MIME 757s Netscape Comment: 757s Test Organization Sub Intermediate CA trusted Certificate 757s X509v3 Subject Key Identifier: 757s 49:37:F0:FB:2F:85:1A:D4:29:7A:A5:54:26:E8:62:AF:3F:07:05:C8 757s X509v3 Key Usage: critical 757s Digital Signature, Non Repudiation, Key Encipherment 757s X509v3 Extended Key Usage: 757s TLS Web Client Authentication, E-mail Protection 757s X509v3 Subject Alternative Name: 757s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 757s Signature Algorithm: sha256WithRSAEncryption 757s Signature Value: 757s 13:0a:34:fa:8e:bb:04:3f:cb:0e:14:0c:1d:5c:b1:4b:ed:bd: 757s e3:93:65:56:87:80:de:db:03:f5:3d:e7:8e:b5:b5:31:21:05: 757s 5e:fd:34:f0:43:c1:66:83:35:c5:1a:d2:f6:59:9c:a5:66:c9: 757s 92:bf:71:f5:e1:61:0f:86:cb:1e:cd:f1:4a:79:7b:7d:0e:51: 757s 76:d9:fd:41:70:f8:5a:74:74:96:ea:b3:83:a5:86:16:ba:87: 757s 06:b7:6e:78:73:91:e0:f3:84:2c:e5:bc:24:2b:3c:0f:a9:dd: 757s c2:53:3a:39:46:f3:4f:41:a2:51:62:b4:db:f9:90:af:f6:b6: 757s 96:b6 757s Certificate: 757s Data: 757s Version: 3 (0x2) 757s Serial Number: 5 (0x5) 757s Signature Algorithm: sha256WithRSAEncryption 757s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 757s Validity 757s Not Before: Mar 12 22:16:19 2024 GMT 757s Not After : Mar 12 22:16:19 2025 GMT 757s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 757s Subject Public Key Info: 757s Public Key Algorithm: rsaEncryption 757s Public-Key: (1024 bit) 757s Modulus: 757s 00:b0:c2:34:34:10:a3:cd:f0:04:f8:84:3d:f5:91: 757s 57:cd:49:d1:9b:d7:11:a0:fd:a8:48:6c:4a:39:50: 757s 89:a5:49:b5:84:c0:ed:0c:c6:b9:f3:a2:34:11:ff: 757s a8:ce:d4:9f:22:93:2f:48:61:4a:ca:36:fb:cd:5e: 757s 93:22:47:e8:b5:6c:b3:9b:61:a0:7c:5f:15:d8:fc: 757s f3:de:6a:c1:9f:b2:25:58:4c:27:3f:dc:df:01:04: 757s e8:dc:e7:54:25:7f:c0:95:f6:ce:72:a2:ea:04:22: 757s 11:95:af:68:ff:35:86:54:cb:28:99:de:3d:9b:6c: 757s d0:1f:5a:03:fc:7a:27:53:89 757s Exponent: 65537 (0x10001) 757s X509v3 extensions: 757s X509v3 Authority Key Identifier: 757s 27:24:50:BC:2A:8E:37:54:26:61:D2:0D:95:1C:2A:7B:39:E7:E8:32 757s X509v3 Basic Constraints: 757s CA:FALSE 757s Netscape Cert Type: 757s SSL Client, S/MIME 757s Netscape Comment: 757s Test Organization Sub Intermediate CA trusted Certificate 757s X509v3 Subject Key Identifier: 757s 49:37:F0:FB:2F:85:1A:D4:29:7A:A5:54:26:E8:62:AF:3F:07:05:C8 757s X509v3 Key Usage: critical 757s Digital Signature, Non Repudiation, Key Encipherment 757s X509v3 Extended Key Usage: 757s TLS Web Client Authentication, E-mail Protection 757s X509v3 Subject Alternative Name: 757s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 757s Signature Algorithm: sha256WithRSAEncryption 757s Signature Value: 757s 13:0a:34:fa:8e:bb:04:3f:cb:0e:14:0c:1d:5c:b1:4b:ed:bd: 757s e3:93:65:56:87:80:de:db:03:f5:3d:e7:8e:b5:b5:31:21:05: 757s 5e:fd:34:f0:43:c1:66:83:35:c5:1a:d2:f6:59:9c:a5:66:c9: 757s 92:bf:71:f5:e1:61:0f:86:cb:1e:cd:f1:4a:79:7b:7d:0e:51: 757s 76:d9:fd:41:70:f8:5a:74:74:96:ea:b3:83:a5:86:16:ba:87: 757s 06:b7:6e:78:73:91:e0:f3:84:2c:e5:bc:24:2b:3c:0f:a9:dd: 757s c2:53:3a:39:46:f3:4f:41:a2:51:62:b4:db:f9:90:af:f6:b6: 757s 96:b6 757s Test Organization Sub Int Token 757s Certificate: 757s Data: 757s Version: 3 (0x2) 757s Serial Number: 5 (0x5) 757s Signature Algorithm: sha256WithRSAEncryption 757s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 757s Validity 757s Not Before: Mar 12 22:16:19 2024 GMT 757s Not After : Mar 12 22:16:19 2025 GMT 757s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 757s Subject Public Key Info: 757s Public Key Algorithm: rsaEncryption 757s Public-Key: (1024 bit) 757s Modulus: 757s 00:b0:c2:34:34:10:a3:cd:f0:04:f8:84:3d:f5:91: 757s 57:cd:49:d1:9b:d7:11:a0:fd:a8:48:6c:4a:39:50: 757s 89:a5:49:b5:84:c0:ed:0c:c6:b9:f3:a2:34:11:ff: 757s a8:ce:d4:9f:22:93:2f:48:61:4a:ca:36:fb:cd:5e: 757s 93:22:47:e8:b5:6c:b3:9b:61:a0:7c:5f:15:d8:fc: 757s f3:de:6a:c1:9f:b2:25:58:4c:27:3f:dc:df:01:04: 757s e8:dc:e7:54:25:7f:c0:95:f6:ce:72:a2:ea:04:22: 757s 11:95:af:68:ff:35:86:54:cb:28:99:de:3d:9b:6c: 757s d0:1f:5a:03:fc:7a:27:53:89 757s Exponent: 65537 (0x10001) 757s X509v3 extensions: 757s X509v3 Authority Key Identifier: 757s 27:24:50:BC:2A:8E:37:54:26:61:D2:0D:95:1C:2A:7B:39:E7:E8:32 757s X509v3 Basic Constraints: 757s CA:FALSE 757s Netscape Cert Type: 757s SSL Client, S/MIME 757s Netscape Comment: 757s Test Organization Sub Intermediate CA trusted Certificate 757s X509v3 Subject Key Identifier: 757s 49:37:F0:FB:2F:85:1A:D4:29:7A:A5:54:26:E8:62:AF:3F:07:05:C8 757s X509v3 Key Usage: critical 757s Digital Signature, Non Repudiation, Key Encipherment 757s X509v3 Extended Key Usage: 757s TLS Web Client Authentication, E-mail Protection 757s X509v3 Subject Alternative Name: 757s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 757s Signature Algorithm: sha256WithRSAEncryption 757s Signature Value: 757s 13:0a:34:fa:8e:bb:04:3f:cb:0e:14:0c:1d:5c:b1:4b:ed:bd: 757s e3:93:65:56:87:80:de:db:03:f5:3d:e7:8e:b5:b5:31:21:05: 757s 5e:fd:34:f0:43:c1:66:83:35:c5:1a:d2:f6:59:9c:a5:66:c9: 757s 92:bf:71:f5:e1:61:0f:86:cb:1e:cd:f1:4a:79:7b:7d:0e:51: 757s 76:d9:fd:41:70:f8:5a:74:74:96:ea:b3:83:a5:86:16:ba:87: 757s 06:b7:6e:78:73:91:e0:f3:84:2c:e5:bc:24:2b:3c:0f:a9:dd: 757s c2:53:3a:39:46:f3:4f:41:a2:51:62:b4:db:f9:90:af:f6:b6: 757s 96:b6 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 757s + local verify_option= 757s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_cn 757s + local key_name 757s + local tokens_dir 757s + local output_cert_file 757s + token_name= 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 757s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 757s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s ++ sed -n 's/ *commonName *= //p' 757s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 757s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 757s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 757s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 757s + token_name='Test Organization Sub Int Token' 757s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 757s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 757s + echo 'Test Organization Sub Int Token' 757s + '[' -n '' ']' 757s + local output_base_name=SSSD-child-8870 757s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870.output 757s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870.pem 757s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 757s [p11_child[2253]] [main] (0x0400): p11_child started. 757s [p11_child[2253]] [main] (0x2000): Running in [pre-auth] mode. 757s [p11_child[2253]] [main] (0x2000): Running with effective IDs: [0][0]. 757s [p11_child[2253]] [main] (0x2000): Running with real IDs [0][0]. 757s [p11_child[2253]] [do_card] (0x4000): Module List: 757s [p11_child[2253]] [do_card] (0x4000): common name: [softhsm2]. 757s [p11_child[2253]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2253]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 757s [p11_child[2253]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 757s [p11_child[2253]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2253]] [do_card] (0x4000): Login NOT required. 757s [p11_child[2253]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 757s [p11_child[2253]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 757s [p11_child[2253]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 757s [p11_child[2253]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7fe3d949;slot-manufacturer=SoftHSM%20project;slot-id=2145638729;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=567d5260ffe3d949;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 757s [p11_child[2253]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 757s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870.output 757s + echo '-----BEGIN CERTIFICATE-----' 757s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870.output 757s + echo '-----END CERTIFICATE-----' 757s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870.pem 757s + local found_md5 expected_md5 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + expected_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870.pem 757s + found_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s + '[' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 '!=' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 ']' 757s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870-auth.output 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870-auth.output .output 757s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870-auth.pem 757s + echo -n 053350 757s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 757s [p11_child[2261]] [main] (0x0400): p11_child started. 757s [p11_child[2261]] [main] (0x2000): Running in [auth] mode. 757s [p11_child[2261]] [main] (0x2000): Running with effective IDs: [0][0]. 757s [p11_child[2261]] [main] (0x2000): Running with real IDs [0][0]. 757s [p11_child[2261]] [do_card] (0x4000): Module List: 757s [p11_child[2261]] [do_card] (0x4000): common name: [softhsm2]. 757s [p11_child[2261]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2261]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 757s [p11_child[2261]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 757s [p11_child[2261]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2261]] [do_card] (0x4000): Login required. 757s [p11_child[2261]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 757s [p11_child[2261]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 757s [p11_child[2261]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 757s [p11_child[2261]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7fe3d949;slot-manufacturer=SoftHSM%20project;slot-id=2145638729;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=567d5260ffe3d949;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 757s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 757s [p11_child[2261]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 757s [p11_child[2261]] [do_card] (0x4000): Certificate verified and validated. 757s [p11_child[2261]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 757s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870-auth.output 757s + echo '-----BEGIN CERTIFICATE-----' 757s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870-auth.output 757s + echo '-----END CERTIFICATE-----' 757s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870-auth.pem 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-8870-auth.pem 757s + found_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s + '[' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 '!=' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 ']' 757s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem partial_chain 757s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem partial_chain 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 757s + local verify_option=partial_chain 757s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_cn 757s + local key_name 757s + local tokens_dir 757s + local output_cert_file 757s + token_name= 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 757s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 757s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s ++ sed -n 's/ *commonName *= //p' 757s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 757s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 757s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 757s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 757s + token_name='Test Organization Sub Int Token' 757s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 757s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 757s + echo 'Test Organization Sub Int Token' 757s + '[' -n partial_chain ']' 757s + local verify_arg=--verify=partial_chain 757s + local output_base_name=SSSD-child-13582 757s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582.output 757s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582.pem 757s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem 757s [p11_child[2271]] [main] (0x0400): p11_child started. 757s [p11_child[2271]] [main] (0x2000): Running in [pre-auth] mode. 757s [p11_child[2271]] [main] (0x2000): Running with effective IDs: [0][0]. 757s [p11_child[2271]] [main] (0x2000): Running with real IDs [0][0]. 757s [p11_child[2271]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 757s [p11_child[2271]] [do_card] (0x4000): Module List: 757s [p11_child[2271]] [do_card] (0x4000): common name: [softhsm2]. 757s [p11_child[2271]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2271]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 757s [p11_child[2271]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 757s [p11_child[2271]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2271]] [do_card] (0x4000): Login NOT required. 757s [p11_child[2271]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 757s [p11_child[2271]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 757s [p11_child[2271]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 757s [p11_child[2271]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7fe3d949;slot-manufacturer=SoftHSM%20project;slot-id=2145638729;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=567d5260ffe3d949;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 757s [p11_child[2271]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 757s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582.output 757s + echo '-----BEGIN CERTIFICATE-----' 757s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582.output 757s + echo '-----END CERTIFICATE-----' 757s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582.pem 757s + local found_md5 expected_md5 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + expected_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582.pem 757s + found_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s + '[' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 '!=' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 ']' 757s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582-auth.output 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582-auth.output .output 757s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582-auth.pem 757s + echo -n 053350 757s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 757s [p11_child[2279]] [main] (0x0400): p11_child started. 757s [p11_child[2279]] [main] (0x2000): Running in [auth] mode. 757s [p11_child[2279]] [main] (0x2000): Running with effective IDs: [0][0]. 757s [p11_child[2279]] [main] (0x2000): Running with real IDs [0][0]. 757s [p11_child[2279]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 757s [p11_child[2279]] [do_card] (0x4000): Module List: 757s [p11_child[2279]] [do_card] (0x4000): common name: [softhsm2]. 757s [p11_child[2279]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2279]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 757s [p11_child[2279]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 757s [p11_child[2279]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2279]] [do_card] (0x4000): Login required. 757s [p11_child[2279]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 757s [p11_child[2279]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 757s [p11_child[2279]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 757s [p11_child[2279]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7fe3d949;slot-manufacturer=SoftHSM%20project;slot-id=2145638729;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=567d5260ffe3d949;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 757s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 757s [p11_child[2279]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 757s [p11_child[2279]] [do_card] (0x4000): Certificate verified and validated. 757s [p11_child[2279]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 757s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582-auth.output 757s + echo '-----BEGIN CERTIFICATE-----' 757s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582-auth.output 757s + echo '-----END CERTIFICATE-----' 757s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582-auth.pem 757s Certificate: 757s Data: 757s Version: 3 (0x2) 757s Serial Number: 5 (0x5) 757s Signature Algorithm: sha256WithRSAEncryption 757s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 757s Validity 757s Not Before: Mar 12 22:16:19 2024 GMT 757s Not After : Mar 12 22:16:19 2025 GMT 757s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 757s Subject Public Key Info: 757s Public Key Algorithm: rsaEncryption 757s Public-Key: (1024 bit) 757s Modulus: 757s 00:b0:c2:34:34:10:a3:cd:f0:04:f8:84:3d:f5:91: 757s 57:cd:49:d1:9b:d7:11:a0:fd:a8:48:6c:4a:39:50: 757s 89:a5:49:b5:84:c0:ed:0c:c6:b9:f3:a2:34:11:ff: 757s a8:ce:d4:9f:22:93:2f:48:61:4a:ca:36:fb:cd:5e: 757s 93:22:47:e8:b5:6c:b3:9b:61:a0:7c:5f:15:d8:fc: 757s f3:de:6a:c1:9f:b2:25:58:4c:27:3f:dc:df:01:04: 757s e8:dc:e7:54:25:7f:c0:95:f6:ce:72:a2:ea:04:22: 757s 11:95:af:68:ff:35:86:54:cb:28:99:de:3d:9b:6c: 757s d0:1f:5a:03:fc:7a:27:53:89 757s Exponent: 65537 (0x10001) 757s X509v3 extensions: 757s X509v3 Authority Key Identifier: 757s 27:24:50:BC:2A:8E:37:54:26:61:D2:0D:95:1C:2A:7B:39:E7:E8:32 757s X509v3 Basic Constraints: 757s CA:FALSE 757s Netscape Cert Type: 757s SSL Client, S/MIME 757s Netscape Comment: 757s Test Organization Sub Intermediate CA trusted Certificate 757s X509v3 Subject Key Identifier: 757s 49:37:F0:FB:2F:85:1A:D4:29:7A:A5:54:26:E8:62:AF:3F:07:05:C8 757s X509v3 Key Usage: critical 757s Digital Signature, Non Repudiation, Key Encipherment 757s X509v3 Extended Key Usage: 757s TLS Web Client Authentication, E-mail Protection 757s X509v3 Subject Alternative Name: 757s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 757s Signature Algorithm: sha256WithRSAEncryption 757s Signature Value: 757s 13:0a:34:fa:8e:bb:04:3f:cb:0e:14:0c:1d:5c:b1:4b:ed:bd: 757s e3:93:65:56:87:80:de:db:03:f5:3d:e7:8e:b5:b5:31:21:05: 757s 5e:fd:34:f0:43:c1:66:83:35:c5:1a:d2:f6:59:9c:a5:66:c9: 757s 92:bf:71:f5:e1:61:0f:86:cb:1e:cd:f1:4a:79:7b:7d:0e:51: 757s 76:d9:fd:41:70:f8:5a:74:74:96:ea:b3:83:a5:86:16:ba:87: 757s 06:b7:6e:78:73:91:e0:f3:84:2c:e5:bc:24:2b:3c:0f:a9:dd: 757s c2:53:3a:39:46:f3:4f:41:a2:51:62:b4:db:f9:90:af:f6:b6: 757s 96:b6 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-13582-auth.pem 757s + found_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s + '[' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 '!=' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 ']' 757s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 757s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 757s + local verify_option= 757s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_cn 757s + local key_name 757s + local tokens_dir 757s + local output_cert_file 757s + token_name= 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 757s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 757s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s ++ sed -n 's/ *commonName *= //p' 757s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 757s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 757s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 757s Test Organization Sub Int Token 757s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 757s + token_name='Test Organization Sub Int Token' 757s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 757s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 757s + echo 'Test Organization Sub Int Token' 757s + '[' -n '' ']' 757s + local output_base_name=SSSD-child-6187 757s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-6187.output 757s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-6187.pem 757s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 757s [p11_child[2289]] [main] (0x0400): p11_child started. 757s [p11_child[2289]] [main] (0x2000): Running in [pre-auth] mode. 757s [p11_child[2289]] [main] (0x2000): Running with effective IDs: [0][0]. 757s [p11_child[2289]] [main] (0x2000): Running with real IDs [0][0]. 757s [p11_child[2289]] [do_card] (0x4000): Module List: 757s [p11_child[2289]] [do_card] (0x4000): common name: [softhsm2]. 757s [p11_child[2289]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2289]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 757s [p11_child[2289]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 757s [p11_child[2289]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2289]] [do_card] (0x4000): Login NOT required. 757s [p11_child[2289]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 757s [p11_child[2289]] [do_verification] (0x0040): X509_verify_cert failed [0]. 757s [p11_child[2289]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 757s [p11_child[2289]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 757s [p11_child[2289]] [do_card] (0x4000): No certificate found. 757s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-6187.output 757s + return 2 757s + invalid_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-root-intermediate-chain-CA.pem partial_chain 757s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-root-intermediate-chain-CA.pem partial_chain 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-root-intermediate-chain-CA.pem 757s + local verify_option=partial_chain 757s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_cn 757s + local key_name 757s + local tokens_dir 757s + local output_cert_file 757s + token_name= 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 757s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 757s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s ++ sed -n 's/ *commonName *= //p' 757s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 757s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 757s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 757s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 757s + token_name='Test Organization Sub Int Token' 757s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 757s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 757s + echo 'Test Organization Sub Int Token' 757s Test Organization Sub Int Token 757s + '[' -n partial_chain ']' 757s + local verify_arg=--verify=partial_chain 757s + local output_base_name=SSSD-child-18536 757s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-18536.output 757s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-18536.pem 757s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-root-intermediate-chain-CA.pem 757s [p11_child[2296]] [main] (0x0400): p11_child started. 757s [p11_child[2296]] [main] (0x2000): Running in [pre-auth] mode. 757s [p11_child[2296]] [main] (0x2000): Running with effective IDs: [0][0]. 757s [p11_child[2296]] [main] (0x2000): Running with real IDs [0][0]. 757s [p11_child[2296]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 757s [p11_child[2296]] [do_card] (0x4000): Module List: 757s [p11_child[2296]] [do_card] (0x4000): common name: [softhsm2]. 757s [p11_child[2296]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2296]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 757s [p11_child[2296]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 757s [p11_child[2296]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2296]] [do_card] (0x4000): Login NOT required. 757s [p11_child[2296]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 757s [p11_child[2296]] [do_verification] (0x0040): X509_verify_cert failed [0]. 757s [p11_child[2296]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 757s [p11_child[2296]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 757s [p11_child[2296]] [do_card] (0x4000): No certificate found. 757s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-18536.output 757s + return 2 757s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem partial_chain 757s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem partial_chain 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 757s + local verify_option=partial_chain 757s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_cn 757s + local key_name 757s + local tokens_dir 757s + local output_cert_file 757s + token_name= 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 757s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 757s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s ++ sed -n 's/ *commonName *= //p' 757s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 757s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 757s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 757s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 757s Test Organization Sub Int Token 757s + token_name='Test Organization Sub Int Token' 757s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 757s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 757s + echo 'Test Organization Sub Int Token' 757s + '[' -n partial_chain ']' 757s + local verify_arg=--verify=partial_chain 757s + local output_base_name=SSSD-child-9733 757s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733.output 757s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733.pem 757s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem 757s [p11_child[2303]] [main] (0x0400): p11_child started. 757s [p11_child[2303]] [main] (0x2000): Running in [pre-auth] mode. 757s [p11_child[2303]] [main] (0x2000): Running with effective IDs: [0][0]. 757s [p11_child[2303]] [main] (0x2000): Running with real IDs [0][0]. 757s [p11_child[2303]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 757s [p11_child[2303]] [do_card] (0x4000): Module List: 757s [p11_child[2303]] [do_card] (0x4000): common name: [softhsm2]. 757s [p11_child[2303]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2303]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 757s [p11_child[2303]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 757s [p11_child[2303]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2303]] [do_card] (0x4000): Login NOT required. 757s [p11_child[2303]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 757s [p11_child[2303]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 757s [p11_child[2303]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 757s [p11_child[2303]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7fe3d949;slot-manufacturer=SoftHSM%20project;slot-id=2145638729;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=567d5260ffe3d949;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 757s [p11_child[2303]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 757s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733.output 757s + echo '-----BEGIN CERTIFICATE-----' 757s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733.output 757s + echo '-----END CERTIFICATE-----' 757s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733.pem 757s Certificate: 757s Data: 757s Version: 3 (0x2) 757s Serial Number: 5 (0x5) 757s Signature Algorithm: sha256WithRSAEncryption 757s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 757s Validity 757s Not Before: Mar 12 22:16:19 2024 GMT 757s Not After : Mar 12 22:16:19 2025 GMT 757s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 757s Subject Public Key Info: 757s Public Key Algorithm: rsaEncryption 757s Public-Key: (1024 bit) 757s Modulus: 757s 00:b0:c2:34:34:10:a3:cd:f0:04:f8:84:3d:f5:91: 757s 57:cd:49:d1:9b:d7:11:a0:fd:a8:48:6c:4a:39:50: 757s 89:a5:49:b5:84:c0:ed:0c:c6:b9:f3:a2:34:11:ff: 757s a8:ce:d4:9f:22:93:2f:48:61:4a:ca:36:fb:cd:5e: 757s 93:22:47:e8:b5:6c:b3:9b:61:a0:7c:5f:15:d8:fc: 757s f3:de:6a:c1:9f:b2:25:58:4c:27:3f:dc:df:01:04: 757s e8:dc:e7:54:25:7f:c0:95:f6:ce:72:a2:ea:04:22: 757s 11:95:af:68:ff:35:86:54:cb:28:99:de:3d:9b:6c: 757s d0:1f:5a:03:fc:7a:27:53:89 757s Exponent: 65537 (0x10001) 757s X509v3 extensions: 757s X509v3 Authority Key Identifier: 757s 27:24:50:BC:2A:8E:37:54:26:61:D2:0D:95:1C:2A:7B:39:E7:E8:32 757s X509v3 Basic Constraints: 757s CA:FALSE 757s Netscape Cert Type: 757s SSL Client, S/MIME 757s Netscape Comment: 757s Test Organization Sub Intermediate CA trusted Certificate 757s X509v3 Subject Key Identifier: 757s 49:37:F0:FB:2F:85:1A:D4:29:7A:A5:54:26:E8:62:AF:3F:07:05:C8 757s X509v3 Key Usage: critical 757s Digital Signature, Non Repudiation, Key Encipherment 757s X509v3 Extended Key Usage: 757s TLS Web Client Authentication, E-mail Protection 757s X509v3 Subject Alternative Name: 757s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 757s Signature Algorithm: sha256WithRSAEncryption 757s Signature Value: 757s 13:0a:34:fa:8e:bb:04:3f:cb:0e:14:0c:1d:5c:b1:4b:ed:bd: 757s e3:93:65:56:87:80:de:db:03:f5:3d:e7:8e:b5:b5:31:21:05: 757s 5e:fd:34:f0:43:c1:66:83:35:c5:1a:d2:f6:59:9c:a5:66:c9: 757s 92:bf:71:f5:e1:61:0f:86:cb:1e:cd:f1:4a:79:7b:7d:0e:51: 757s 76:d9:fd:41:70:f8:5a:74:74:96:ea:b3:83:a5:86:16:ba:87: 757s 06:b7:6e:78:73:91:e0:f3:84:2c:e5:bc:24:2b:3c:0f:a9:dd: 757s c2:53:3a:39:46:f3:4f:41:a2:51:62:b4:db:f9:90:af:f6:b6: 757s 96:b6 757s + local found_md5 expected_md5 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + expected_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733.pem 757s + found_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s + '[' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 '!=' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 ']' 757s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733-auth.output 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733-auth.output .output 757s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733-auth.pem 757s + echo -n 053350 757s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 757s [p11_child[2311]] [main] (0x0400): p11_child started. 757s [p11_child[2311]] [main] (0x2000): Running in [auth] mode. 757s [p11_child[2311]] [main] (0x2000): Running with effective IDs: [0][0]. 757s [p11_child[2311]] [main] (0x2000): Running with real IDs [0][0]. 757s [p11_child[2311]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 757s [p11_child[2311]] [do_card] (0x4000): Module List: 757s [p11_child[2311]] [do_card] (0x4000): common name: [softhsm2]. 757s [p11_child[2311]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2311]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 757s [p11_child[2311]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 757s [p11_child[2311]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2311]] [do_card] (0x4000): Login required. 757s [p11_child[2311]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 757s [p11_child[2311]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 757s [p11_child[2311]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 757s [p11_child[2311]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7fe3d949;slot-manufacturer=SoftHSM%20project;slot-id=2145638729;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=567d5260ffe3d949;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 757s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 757s [p11_child[2311]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 757s [p11_child[2311]] [do_card] (0x4000): Certificate verified and validated. 757s [p11_child[2311]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 757s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733-auth.output 757s + echo '-----BEGIN CERTIFICATE-----' 757s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733-auth.output 757s + echo '-----END CERTIFICATE-----' 757s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733-auth.pem 757s Certificate: 757s Data: 757s Version: 3 (0x2) 757s Serial Number: 5 (0x5) 757s Signature Algorithm: sha256WithRSAEncryption 757s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 757s Validity 757s Not Before: Mar 12 22:16:19 2024 GMT 757s Not After : Mar 12 22:16:19 2025 GMT 757s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 757s Subject Public Key Info: 757s Public Key Algorithm: rsaEncryption 757s Public-Key: (1024 bit) 757s Modulus: 757s 00:b0:c2:34:34:10:a3:cd:f0:04:f8:84:3d:f5:91: 757s 57:cd:49:d1:9b:d7:11:a0:fd:a8:48:6c:4a:39:50: 757s 89:a5:49:b5:84:c0:ed:0c:c6:b9:f3:a2:34:11:ff: 757s a8:ce:d4:9f:22:93:2f:48:61:4a:ca:36:fb:cd:5e: 757s 93:22:47:e8:b5:6c:b3:9b:61:a0:7c:5f:15:d8:fc: 757s f3:de:6a:c1:9f:b2:25:58:4c:27:3f:dc:df:01:04: 757s e8:dc:e7:54:25:7f:c0:95:f6:ce:72:a2:ea:04:22: 757s 11:95:af:68:ff:35:86:54:cb:28:99:de:3d:9b:6c: 757s d0:1f:5a:03:fc:7a:27:53:89 757s Exponent: 65537 (0x10001) 757s X509v3 extensions: 757s X509v3 Authority Key Identifier: 757s 27:24:50:BC:2A:8E:37:54:26:61:D2:0D:95:1C:2A:7B:39:E7:E8:32 757s X509v3 Basic Constraints: 757s CA:FALSE 757s Netscape Cert Type: 757s SSL Client, S/MIME 757s Netscape Comment: 757s Test Organization Sub Intermediate CA trusted Certificate 757s X509v3 Subject Key Identifier: 757s 49:37:F0:FB:2F:85:1A:D4:29:7A:A5:54:26:E8:62:AF:3F:07:05:C8 757s X509v3 Key Usage: critical 757s Digital Signature, Non Repudiation, Key Encipherment 757s X509v3 Extended Key Usage: 757s TLS Web Client Authentication, E-mail Protection 757s X509v3 Subject Alternative Name: 757s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 757s Signature Algorithm: sha256WithRSAEncryption 757s Signature Value: 757s 13:0a:34:fa:8e:bb:04:3f:cb:0e:14:0c:1d:5c:b1:4b:ed:bd: 757s e3:93:65:56:87:80:de:db:03:f5:3d:e7:8e:b5:b5:31:21:05: 757s 5e:fd:34:f0:43:c1:66:83:35:c5:1a:d2:f6:59:9c:a5:66:c9: 757s 92:bf:71:f5:e1:61:0f:86:cb:1e:cd:f1:4a:79:7b:7d:0e:51: 757s 76:d9:fd:41:70:f8:5a:74:74:96:ea:b3:83:a5:86:16:ba:87: 757s 06:b7:6e:78:73:91:e0:f3:84:2c:e5:bc:24:2b:3c:0f:a9:dd: 757s c2:53:3a:39:46:f3:4f:41:a2:51:62:b4:db:f9:90:af:f6:b6: 757s 96:b6 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-9733-auth.pem 757s + found_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s + '[' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 '!=' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 ']' 757s + valid_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-intermediate-sub-chain-CA.pem partial_chain 757s + check_certificate /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 /tmp/sssd-softhsm2-kWVoB5/test-intermediate-sub-chain-CA.pem partial_chain 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_ring=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-sub-chain-CA.pem 757s + local verify_option=partial_chain 757s + prepare_softhsm2_card /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local certificate=/tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-26575 757s + local key_cn 757s + local key_name 757s + local tokens_dir 757s + local output_cert_file 757s + token_name= 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 757s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 757s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s ++ sed -n 's/ *commonName *= //p' 757s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 757s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 757s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 757s + tokens_dir=/tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 757s + token_name='Test Organization Sub Int Token' 757s + '[' '!' -e /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 757s + '[' '!' -d /tmp/sssd-softhsm2-kWVoB5/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 757s + echo 'Test Organization Sub Int Token' 757s + '[' -n partial_chain ']' 757s + local verify_arg=--verify=partial_chain 757s + local output_base_name=SSSD-child-29096 757s + local output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096.output 757s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096.pem 757s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-sub-chain-CA.pem 757s Test Organization Sub Int Token 757s [p11_child[2321]] [main] (0x0400): p11_child started. 757s [p11_child[2321]] [main] (0x2000): Running in [pre-auth] mode. 757s [p11_child[2321]] [main] (0x2000): Running with effective IDs: [0][0]. 757s [p11_child[2321]] [main] (0x2000): Running with real IDs [0][0]. 757s [p11_child[2321]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 757s [p11_child[2321]] [do_card] (0x4000): Module List: 757s [p11_child[2321]] [do_card] (0x4000): common name: [softhsm2]. 757s [p11_child[2321]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2321]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 757s [p11_child[2321]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 757s [p11_child[2321]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2321]] [do_card] (0x4000): Login NOT required. 757s [p11_child[2321]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 757s [p11_child[2321]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 757s [p11_child[2321]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 757s [p11_child[2321]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7fe3d949;slot-manufacturer=SoftHSM%20project;slot-id=2145638729;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=567d5260ffe3d949;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 757s [p11_child[2321]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 757s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096.output 757s + echo '-----BEGIN CERTIFICATE-----' 757s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096.output 757s + echo '-----END CERTIFICATE-----' 757s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096.pem 757s Certificate: 757s Data: 757s Version: 3 (0x2) 757s Serial Number: 5 (0x5) 757s Signature Algorithm: sha256WithRSAEncryption 757s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 757s Validity 757s Not Before: Mar 12 22:16:19 2024 GMT 757s Not After : Mar 12 22:16:19 2025 GMT 757s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 757s Subject Public Key Info: 757s Public Key Algorithm: rsaEncryption 757s Public-Key: (1024 bit) 757s Modulus: 757s 00:b0:c2:34:34:10:a3:cd:f0:04:f8:84:3d:f5:91: 757s 57:cd:49:d1:9b:d7:11:a0:fd:a8:48:6c:4a:39:50: 757s 89:a5:49:b5:84:c0:ed:0c:c6:b9:f3:a2:34:11:ff: 757s a8:ce:d4:9f:22:93:2f:48:61:4a:ca:36:fb:cd:5e: 757s 93:22:47:e8:b5:6c:b3:9b:61:a0:7c:5f:15:d8:fc: 757s f3:de:6a:c1:9f:b2:25:58:4c:27:3f:dc:df:01:04: 757s e8:dc:e7:54:25:7f:c0:95:f6:ce:72:a2:ea:04:22: 757s 11:95:af:68:ff:35:86:54:cb:28:99:de:3d:9b:6c: 757s d0:1f:5a:03:fc:7a:27:53:89 757s Exponent: 65537 (0x10001) 757s X509v3 extensions: 757s X509v3 Authority Key Identifier: 757s 27:24:50:BC:2A:8E:37:54:26:61:D2:0D:95:1C:2A:7B:39:E7:E8:32 757s X509v3 Basic Constraints: 757s CA:FALSE 757s Netscape Cert Type: 757s SSL Client, S/MIME 757s Netscape Comment: 757s Test Organization Sub Intermediate CA trusted Certificate 757s X509v3 Subject Key Identifier: 757s 49:37:F0:FB:2F:85:1A:D4:29:7A:A5:54:26:E8:62:AF:3F:07:05:C8 757s X509v3 Key Usage: critical 757s Digital Signature, Non Repudiation, Key Encipherment 757s X509v3 Extended Key Usage: 757s TLS Web Client Authentication, E-mail Protection 757s X509v3 Subject Alternative Name: 757s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 757s Signature Algorithm: sha256WithRSAEncryption 757s Signature Value: 757s 13:0a:34:fa:8e:bb:04:3f:cb:0e:14:0c:1d:5c:b1:4b:ed:bd: 757s e3:93:65:56:87:80:de:db:03:f5:3d:e7:8e:b5:b5:31:21:05: 757s 5e:fd:34:f0:43:c1:66:83:35:c5:1a:d2:f6:59:9c:a5:66:c9: 757s 92:bf:71:f5:e1:61:0f:86:cb:1e:cd:f1:4a:79:7b:7d:0e:51: 757s 76:d9:fd:41:70:f8:5a:74:74:96:ea:b3:83:a5:86:16:ba:87: 757s 06:b7:6e:78:73:91:e0:f3:84:2c:e5:bc:24:2b:3c:0f:a9:dd: 757s c2:53:3a:39:46:f3:4f:41:a2:51:62:b4:db:f9:90:af:f6:b6: 757s 96:b6 757s + local found_md5 expected_md5 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/test-sub-intermediate-CA-trusted-certificate-0001.pem 757s + expected_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096.pem 757s + found_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s + '[' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 '!=' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 ']' 757s + output_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096-auth.output 757s ++ basename /tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096-auth.output .output 757s + output_cert_file=/tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096-auth.pem 757s + echo -n 053350 757s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kWVoB5/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 757s [p11_child[2329]] [main] (0x0400): p11_child started. 757s [p11_child[2329]] [main] (0x2000): Running in [auth] mode. 757s [p11_child[2329]] [main] (0x2000): Running with effective IDs: [0][0]. 757s [p11_child[2329]] [main] (0x2000): Running with real IDs [0][0]. 757s [p11_child[2329]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 757s [p11_child[2329]] [do_card] (0x4000): Module List: 757s [p11_child[2329]] [do_card] (0x4000): common name: [softhsm2]. 757s [p11_child[2329]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2329]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7fe3d949] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 757s [p11_child[2329]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 757s [p11_child[2329]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7fe3d949][2145638729] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 757s [p11_child[2329]] [do_card] (0x4000): Login required. 757s [p11_child[2329]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 757s [p11_child[2329]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 757s [p11_child[2329]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 757s [p11_child[2329]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7fe3d949;slot-manufacturer=SoftHSM%20project;slot-id=2145638729;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=567d5260ffe3d949;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 757s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 757s [p11_child[2329]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 757s [p11_child[2329]] [do_card] (0x4000): Certificate verified and validated. 757s [p11_child[2329]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 757s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096-auth.output 757s + echo '-----BEGIN CERTIFICATE-----' 757s + tail -n1 /tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096-auth.output 757s + echo '-----END CERTIFICATE-----' 757s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096-auth.pem 757s Certificate: 757s Data: 757s Version: 3 (0x2) 757s Serial Number: 5 (0x5) 757s Signature Algorithm: sha256WithRSAEncryption 757s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 757s Validity 757s Not Before: Mar 12 22:16:19 2024 GMT 757s Not After : Mar 12 22:16:19 2025 GMT 757s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 757s Subject Public Key Info: 757s Public Key Algorithm: rsaEncryption 757s Public-Key: (1024 bit) 757s Modulus: 757s 00:b0:c2:34:34:10:a3:cd:f0:04:f8:84:3d:f5:91: 757s 57:cd:49:d1:9b:d7:11:a0:fd:a8:48:6c:4a:39:50: 757s 89:a5:49:b5:84:c0:ed:0c:c6:b9:f3:a2:34:11:ff: 757s a8:ce:d4:9f:22:93:2f:48:61:4a:ca:36:fb:cd:5e: 757s 93:22:47:e8:b5:6c:b3:9b:61:a0:7c:5f:15:d8:fc: 757s f3:de:6a:c1:9f:b2:25:58:4c:27:3f:dc:df:01:04: 757s e8:dc:e7:54:25:7f:c0:95:f6:ce:72:a2:ea:04:22: 757s 11:95:af:68:ff:35:86:54:cb:28:99:de:3d:9b:6c: 757s d0:1f:5a:03:fc:7a:27:53:89 757s Exponent: 65537 (0x10001) 757s X509v3 extensions: 757s X509v3 Authority Key Identifier: 757s 27:24:50:BC:2A:8E:37:54:26:61:D2:0D:95:1C:2A:7B:39:E7:E8:32 757s X509v3 Basic Constraints: 757s CA:FALSE 757s Netscape Cert Type: 757s SSL Client, S/MIME 757s Netscape Comment: 757s Test Organization Sub Intermediate CA trusted Certificate 757s X509v3 Subject Key Identifier: 757s 49:37:F0:FB:2F:85:1A:D4:29:7A:A5:54:26:E8:62:AF:3F:07:05:C8 757s X509v3 Key Usage: critical 757s Digital Signature, Non Repudiation, Key Encipherment 757s X509v3 Extended Key Usage: 757s TLS Web Client Authentication, E-mail Protection 757s X509v3 Subject Alternative Name: 757s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 757s Signature Algorithm: sha256WithRSAEncryption 757s Signature Value: 757s 13:0a:34:fa:8e:bb:04:3f:cb:0e:14:0c:1d:5c:b1:4b:ed:bd: 757s e3:93:65:56:87:80:de:db:03:f5:3d:e7:8e:b5:b5:31:21:05: 757s 5e:fd:34:f0:43:c1:66:83:35:c5:1a:d2:f6:59:9c:a5:66:c9: 757s 92:bf:71:f5:e1:61:0f:86:cb:1e:cd:f1:4a:79:7b:7d:0e:51: 757s 76:d9:fd:41:70:f8:5a:74:74:96:ea:b3:83:a5:86:16:ba:87: 757s 06:b7:6e:78:73:91:e0:f3:84:2c:e5:bc:24:2b:3c:0f:a9:dd: 757s c2:53:3a:39:46:f3:4f:41:a2:51:62:b4:db:f9:90:af:f6:b6: 757s 96:b6 757s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kWVoB5/SSSD-child-29096-auth.pem 757s + found_md5=Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 757s + '[' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 '!=' Modulus=B0C2343410A3CDF004F8843DF59157CD49D19BD711A0FDA8486C4A395089A549B584C0ED0CC6B9F3A23411FFA8CED49F22932F48614ACA36FBCD5E932247E8B56CB39B61A07C5F15D8FCF3DE6AC19FB225584C273FDCDF0104E8DCE754257FC095F6CE72A2EA04221195AF68FF358654CB2899DE3D9B6CD01F5A03FC7A275389 ']' 757s + set +x 757s 757s Test completed, Root CA and intermediate issued certificates verified! 758s autopkgtest [22:16:28]: test sssd-softhism2-certificates-tests.sh: -----------------------] 759s autopkgtest [22:16:29]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 759s sssd-softhism2-certificates-tests.sh PASS 759s autopkgtest [22:16:29]: test sssd-smart-card-pam-auth-configs: preparing testbed 761s Reading package lists... 761s Building dependency tree... 761s Reading state information... 762s Correcting dependencies...Starting pkgProblemResolver with broken count: 0 762s Starting 2 pkgProblemResolver with broken count: 0 762s Done 762s Done 762s Starting pkgProblemResolver with broken count: 0 762s Starting 2 pkgProblemResolver with broken count: 0 762s Done 763s The following additional packages will be installed: 763s pamtester 763s The following NEW packages will be installed: 763s pamtester 763s 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. 763s 1 not fully installed or removed. 763s Need to get 12.3 kB of archives. 763s After this operation, 36.9 kB of additional disk space will be used. 763s Get:1 http://ftpmaster.internal/ubuntu noble/universe arm64 pamtester arm64 0.1.2-4 [12.3 kB] 764s Fetched 12.3 kB in 0s (56.1 kB/s) 764s Selecting previously unselected package pamtester. 764s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74913 files and directories currently installed.) 764s Preparing to unpack .../pamtester_0.1.2-4_arm64.deb ... 764s Unpacking pamtester (0.1.2-4) ... 765s Setting up pamtester (0.1.2-4) ... 765s Setting up autopkgtest-satdep (0) ... 765s Processing triggers for man-db (2.12.0-3) ... 769s (Reading database ... 74919 files and directories currently installed.) 769s Removing autopkgtest-satdep (0) ... 770s autopkgtest [22:16:40]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 770s autopkgtest [22:16:40]: test sssd-smart-card-pam-auth-configs: [----------------------- 770s + '[' -z ubuntu ']' 770s + export DEBIAN_FRONTEND=noninteractive 770s + DEBIAN_FRONTEND=noninteractive 770s + required_tools=(pamtester softhsm2-util sssd) 770s + [[ ! -v OFFLINE_MODE ]] 770s + for cmd in "${required_tools[@]}" 770s + command -v pamtester 770s + for cmd in "${required_tools[@]}" 770s + command -v softhsm2-util 770s + for cmd in "${required_tools[@]}" 770s + command -v sssd 770s + PIN=123456 770s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 770s + tmpdir=/tmp/sssd-softhsm2-certs-sSJWjz 770s + backupsdir= 770s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 770s + declare -a restore_paths 770s + declare -a delete_paths 770s + trap handle_exit EXIT 770s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 770s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 770s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 770s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 770s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-sSJWjz GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 770s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-sSJWjz 770s + GENERATE_SMART_CARDS=1 770s + KEEP_TEMPORARY_FILES=1 770s + NO_SSSD_TESTS=1 770s + bash debian/tests/sssd-softhism2-certificates-tests.sh 770s + '[' -z ubuntu ']' 770s + required_tools=(p11tool openssl softhsm2-util) 770s + for cmd in "${required_tools[@]}" 770s + command -v p11tool 770s + for cmd in "${required_tools[@]}" 770s + command -v openssl 770s + for cmd in "${required_tools[@]}" 770s + command -v softhsm2-util 770s + PIN=123456 770s +++ find /usr/lib/softhsm/libsofthsm2.so 770s +++ head -n 1 770s ++ realpath /usr/lib/softhsm/libsofthsm2.so 770s + SOFTHSM2_MODULE=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 770s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 770s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 770s + '[' '!' -v NO_SSSD_TESTS ']' 770s + '[' '!' -e /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so ']' 770s + tmpdir=/tmp/sssd-softhsm2-certs-sSJWjz 770s + keys_size=1024 770s + [[ ! -v KEEP_TEMPORARY_FILES ]] 770s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 770s + echo -n 01 770s + touch /tmp/sssd-softhsm2-certs-sSJWjz/index.txt 770s + mkdir -p /tmp/sssd-softhsm2-certs-sSJWjz/new_certs 770s + cat 770s + root_ca_key_pass=pass:random-root-CA-password-1653 770s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-key.pem -passout pass:random-root-CA-password-1653 1024 770s + openssl req -passin pass:random-root-CA-password-1653 -batch -config /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.pem 770s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.pem 770s + cat 770s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-6179 770s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-6179 1024 770s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-6179 -config /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-1653 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-certificate-request.pem 770s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-certificate-request.pem 770s Certificate Request: 770s Data: 770s Version: 1 (0x0) 770s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 770s Subject Public Key Info: 770s Public Key Algorithm: rsaEncryption 770s Public-Key: (1024 bit) 770s Modulus: 770s 00:bc:6a:a6:bd:25:60:3f:c4:ab:f2:c3:7a:d1:95: 770s 01:81:5c:b1:98:d8:7b:c7:96:a5:bf:84:fd:a3:ed: 770s f6:f7:71:ad:3e:fd:4e:7c:9e:b4:cc:b0:62:9f:c3: 770s 66:31:21:ae:cc:a5:61:2a:ab:7a:4b:e6:50:32:0e: 770s a6:97:d1:a2:fe:3e:59:55:f0:36:b3:49:18:43:22: 770s d6:f0:6f:9e:e0:92:7e:ef:18:c5:4c:0b:84:56:33: 770s 5d:b6:2e:ee:aa:d9:fd:96:2f:1c:c7:c3:2b:90:5e: 770s 4b:0a:df:aa:5a:93:17:4d:53:8f:06:82:96:c5:f5: 770s 26:35:59:91:c6:21:c5:eb:bd 770s Exponent: 65537 (0x10001) 770s Attributes: 770s (none) 770s Requested Extensions: 770s Signature Algorithm: sha256WithRSAEncryption 770s Signature Value: 770s 3b:8f:71:d5:b0:39:64:1b:62:76:11:f5:cc:75:70:e1:58:8f: 770s c7:ca:5a:5f:6f:a2:1f:f6:41:41:39:c0:2f:cc:58:cb:c7:19: 770s eb:d8:8b:fd:5a:09:0a:14:3e:f0:d9:aa:2a:5f:f0:de:51:be: 770s f5:9a:78:32:cb:39:68:7d:e2:33:cf:74:b5:e2:5b:30:85:a6: 770s 98:0b:0c:e2:68:4d:3c:2c:16:5a:cf:7b:19:bb:15:cc:05:07: 770s 11:dd:04:5f:76:05:49:a5:b7:14:ee:bd:95:fe:74:f3:e0:b2: 770s 25:4b:e8:5d:d1:31:a3:e9:50:3c:ec:1c:c8:31:05:71:53:db: 770s 9a:a3 770s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.config -passin pass:random-root-CA-password-1653 -keyfile /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem 770s Using configuration from /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.config 770s Check that the request matches the signature 770s Signature ok 770s Certificate Details: 770s Serial Number: 1 (0x1) 770s Validity 770s Not Before: Mar 12 22:16:40 2024 GMT 770s Not After : Mar 12 22:16:40 2025 GMT 770s Subject: 770s organizationName = Test Organization 770s organizationalUnitName = Test Organization Unit 770s commonName = Test Organization Intermediate CA 770s X509v3 extensions: 770s X509v3 Subject Key Identifier: 770s 41:8D:47:83:7C:CD:F7:C6:D6:EA:23:17:F8:03:88:07:D6:9E:AD:7C 770s X509v3 Authority Key Identifier: 770s keyid:4E:22:F1:FF:16:DE:10:A4:6A:D6:6C:4E:62:95:BC:5A:39:67:22:23 770s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 770s serial:00 770s X509v3 Basic Constraints: 770s CA:TRUE 770s X509v3 Key Usage: critical 770s Digital Signature, Certificate Sign, CRL Sign 770s Certificate is to be certified until Mar 12 22:16:40 2025 GMT (365 days) 770s 770s Write out database with 1 new entries 770s Database updated 770s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem 770s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem 770s /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem: OK 770s + cat 770s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-22934 770s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-22934 1024 770s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-22934 -config /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-6179 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-certificate-request.pem 770s Certificate Request: 770s Data: 770s Version: 1 (0x0) 770s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 770s Subject Public Key Info: 770s Public Key Algorithm: rsaEncryption 770s Public-Key: (1024 bit) 770s Modulus: 770s 00:d5:da:2c:8d:e4:b9:0a:7a:e0:40:6d:a3:6d:30: 770s 82:26:5e:10:0b:be:34:ac:30:4b:a5:f0:60:79:42: 770s 1f:27:17:4d:56:58:5b:a8:3e:1d:85:5c:4d:18:2b: 770s bc:b3:cc:de:f7:11:60:45:93:41:7b:51:a4:73:1f: 770s 34:36:cf:06:ad:9e:aa:eb:11:d0:2b:30:55:7e:fa: 770s 57:a5:ac:a5:60:ac:3d:74:ce:df:9e:e4:19:c4:ce: 770s 3b:0d:ad:6a:22:a8:6a:67:80:ed:22:0f:8f:ff:88: 770s 33:d2:aa:a6:ef:f7:17:98:54:d2:cc:f2:41:4f:63: 770s 6e:1c:d7:4a:12:04:c5:e5:57 770s Exponent: 65537 (0x10001) 770s Attributes: 770s (none) 770s Requested Extensions: 770s Signature Algorithm: sha256WithRSAEncryption 770s Signature Value: 770s 31:e1:6f:52:ed:f9:6f:65:78:22:a8:0b:80:bc:42:a1:bf:32: 770s 3f:75:81:e2:36:b2:32:eb:da:b2:5b:80:93:34:3c:b8:6d:43: 770s b6:76:2c:55:25:a5:53:f4:85:4d:fd:01:75:98:5a:a9:13:2a: 770s 2b:5d:e3:f9:5b:27:dd:b9:ea:5a:f3:37:b4:37:20:88:08:86: 770s b7:99:fb:69:f8:f6:10:dd:73:1c:f5:65:69:b1:5c:5c:7b:61: 770s a4:2b:20:a4:1b:ee:04:65:6c:bb:18:de:67:18:2f:31:f1:3a: 770s 8d:00:7b:b0:3a:41:d4:0a:1c:c5:e8:1e:f6:c0:b7:44:18:f5: 770s e1:52 770s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-certificate-request.pem 770s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-6179 -keyfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem 770s Using configuration from /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.config 770s Check that the request matches the signature 770s Signature ok 770s Certificate Details: 770s Serial Number: 2 (0x2) 770s Validity 770s Not Before: Mar 12 22:16:40 2024 GMT 770s Not After : Mar 12 22:16:40 2025 GMT 770s Subject: 770s organizationName = Test Organization 770s organizationalUnitName = Test Organization Unit 770s commonName = Test Organization Sub Intermediate CA 770s X509v3 extensions: 770s X509v3 Subject Key Identifier: 770s D0:9B:95:55:D4:76:26:4B:EC:7E:19:0D:BF:01:EE:D1:64:AC:96:AB 770s X509v3 Authority Key Identifier: 770s keyid:41:8D:47:83:7C:CD:F7:C6:D6:EA:23:17:F8:03:88:07:D6:9E:AD:7C 770s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 770s serial:01 770s X509v3 Basic Constraints: 770s CA:TRUE 770s X509v3 Key Usage: critical 770s Digital Signature, Certificate Sign, CRL Sign 770s Certificate is to be certified until Mar 12 22:16:40 2025 GMT (365 days) 770s 770s Write out database with 1 new entries 770s Database updated 770s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem 770s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem 770s /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem: OK 770s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem 770s + local cmd=openssl 770s + shift 770s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem 770s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 770s error 20 at 0 depth lookup: unable to get local issuer certificate 770s error /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem: verification failed 770s + cat 770s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-6946 770s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-6946 1024 770s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-6946 -key /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-request.pem 771s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-request.pem 771s Certificate Request: 771s Data: 771s Version: 1 (0x0) 771s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 771s Subject Public Key Info: 771s Public Key Algorithm: rsaEncryption 771s Public-Key: (1024 bit) 771s Modulus: 771s 00:ce:f5:d9:07:a9:0d:0e:34:f3:97:a2:3a:9b:9c: 771s 27:36:45:49:cc:ba:77:16:33:bf:20:ea:1a:9b:4c: 771s c3:43:f0:1e:70:e6:ca:4a:5e:1d:39:f5:9b:9a:1c: 771s 1f:9f:31:bd:7e:87:1f:41:2f:f7:0d:9c:9d:fd:9a: 771s 48:9b:62:56:18:dd:60:c9:1d:51:e3:63:e0:d5:13: 771s 68:6b:72:a5:d7:dd:2c:99:ac:ad:a1:50:f5:3c:ff: 771s 4b:00:91:a6:41:00:ca:dd:37:d0:ae:50:86:4c:b1: 771s 43:59:89:4d:2f:2c:a9:21:90:18:ab:89:97:17:3d: 771s f8:73:98:af:27:9c:f4:aa:fb 771s Exponent: 65537 (0x10001) 771s Attributes: 771s Requested Extensions: 771s X509v3 Basic Constraints: 771s CA:FALSE 771s Netscape Cert Type: 771s SSL Client, S/MIME 771s Netscape Comment: 771s Test Organization Root CA trusted Certificate 771s X509v3 Subject Key Identifier: 771s 01:3F:80:99:7D:61:08:8D:C4:68:65:70:45:8D:F5:EF:75:9C:C6:48 771s X509v3 Key Usage: critical 771s Digital Signature, Non Repudiation, Key Encipherment 771s X509v3 Extended Key Usage: 771s TLS Web Client Authentication, E-mail Protection 771s X509v3 Subject Alternative Name: 771s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 771s Signature Algorithm: sha256WithRSAEncryption 771s Signature Value: 771s c5:99:1d:b0:af:6e:f6:01:93:30:1d:94:a4:44:16:88:52:bc: 771s 9d:c2:58:99:a3:c1:94:57:6e:c6:0e:55:30:42:4c:8f:6c:79: 771s bf:10:5f:5d:c2:51:0b:a0:3f:5f:f3:66:da:1d:fc:67:14:f7: 771s 90:d8:6a:cb:cf:60:7b:41:f4:9c:44:c5:f6:5d:6c:00:ad:6d: 771s a6:b1:3f:e3:44:30:d5:f3:b6:cc:8e:4c:3c:5a:f4:a5:b4:d0: 771s 33:9b:11:c8:d2:c1:5a:8b:bc:de:12:eb:f8:ee:86:8a:2b:07: 771s 60:42:6f:ed:5b:8e:8e:13:71:33:86:48:3a:61:d4:3b:3b:01: 771s 20:32 771s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.config -passin pass:random-root-CA-password-1653 -keyfile /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem 771s Using configuration from /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.config 771s Check that the request matches the signature 771s Signature ok 771s Certificate Details: 771s Serial Number: 3 (0x3) 771s Validity 771s Not Before: Mar 12 22:16:41 2024 GMT 771s Not After : Mar 12 22:16:41 2025 GMT 771s Subject: 771s organizationName = Test Organization 771s organizationalUnitName = Test Organization Unit 771s commonName = Test Organization Root Trusted Certificate 0001 771s X509v3 extensions: 771s X509v3 Authority Key Identifier: 771s 4E:22:F1:FF:16:DE:10:A4:6A:D6:6C:4E:62:95:BC:5A:39:67:22:23 771s X509v3 Basic Constraints: 771s CA:FALSE 771s Netscape Cert Type: 771s SSL Client, S/MIME 771s Netscape Comment: 771s Test Organization Root CA trusted Certificate 771s X509v3 Subject Key Identifier: 771s 01:3F:80:99:7D:61:08:8D:C4:68:65:70:45:8D:F5:EF:75:9C:C6:48 771s X509v3 Key Usage: critical 771s Digital Signature, Non Repudiation, Key Encipherment 771s X509v3 Extended Key Usage: 771s TLS Web Client Authentication, E-mail Protection 771s X509v3 Subject Alternative Name: 771s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 771s Certificate is to be certified until Mar 12 22:16:41 2025 GMT (365 days) 771s 771s Write out database with 1 new entries 771s Database updated 771s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem 771s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem 771s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem 771s + local cmd=openssl 771s + shift 771s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem 771s /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem: OK 771s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 771s error 20 at 0 depth lookup: unable to get local issuer certificate 771s error /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem: verification failed 771s + cat 771s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-32379 771s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-32379 1024 771s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-32379 -key /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-request.pem 771s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-request.pem 771s Certificate Request: 771s Data: 771s Version: 1 (0x0) 771s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 771s Subject Public Key Info: 771s Public Key Algorithm: rsaEncryption 771s Public-Key: (1024 bit) 771s Modulus: 771s 00:c8:ee:68:0c:04:af:44:80:6c:d8:7c:75:b4:0f: 771s 3b:90:5a:4b:60:ef:f7:10:e7:0d:73:8c:69:a9:1a: 771s 30:2a:31:50:ac:26:01:66:1e:0f:fd:33:cb:c2:e3: 771s 48:c8:29:ea:7d:3f:c8:65:87:3f:1f:7a:80:0f:16: 771s 51:6b:d6:ce:1e:ae:d0:5b:23:15:88:31:bd:c1:8c: 771s 2a:02:8c:ad:63:88:e5:85:2b:c3:95:85:e9:4e:31: 771s bb:9d:d7:07:d4:df:e9:04:be:3d:15:ee:f4:a0:24: 771s 64:47:7e:9b:91:9f:58:18:5e:e2:68:9d:ed:d9:86: 771s a0:85:b3:4a:85:05:6a:4b:6d 771s Exponent: 65537 (0x10001) 771s Attributes: 771s Requested Extensions: 771s X509v3 Basic Constraints: 771s CA:FALSE 771s Netscape Cert Type: 771s SSL Client, S/MIME 771s Netscape Comment: 771s Test Organization Intermediate CA trusted Certificate 771s X509v3 Subject Key Identifier: 771s 1B:44:D1:CA:C6:5D:82:0D:A9:25:FC:EA:4D:93:B2:84:B1:77:D3:4A 771s X509v3 Key Usage: critical 771s Digital Signature, Non Repudiation, Key Encipherment 771s X509v3 Extended Key Usage: 771s TLS Web Client Authentication, E-mail Protection 771s X509v3 Subject Alternative Name: 771s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 771s Signature Algorithm: sha256WithRSAEncryption 771s Signature Value: 771s 63:a3:cc:c3:e4:ab:98:96:af:86:af:ea:26:bf:81:1c:8b:76: 771s 03:8f:b3:fd:81:03:82:7e:48:4f:71:9e:35:5e:23:ea:e1:91: 771s 3a:32:89:60:7e:8d:aa:35:a6:c0:d1:b8:8f:60:53:4e:74:04: 771s e1:53:00:b5:f1:8d:78:90:12:4e:80:0a:f9:4b:5c:bf:57:44: 771s ac:ca:da:43:e3:d8:36:26:f2:0f:5c:44:39:0c:ee:d6:24:26: 771s 83:42:ba:b0:fb:a6:7d:60:76:14:c4:25:43:da:11:ee:dd:04: 771s 38:9a:8f:0f:74:e7:4f:47:d1:d7:38:8d:49:cd:79:4a:10:4d: 771s e5:72 771s + openssl ca -passin pass:random-intermediate-CA-password-6179 -config /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem 771s Using configuration from /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.config 771s Check that the request matches the signature 771s Signature ok 771s Certificate Details: 771s Serial Number: 4 (0x4) 771s Validity 771s Not Before: Mar 12 22:16:41 2024 GMT 771s Not After : Mar 12 22:16:41 2025 GMT 771s Subject: 771s organizationName = Test Organization 771s organizationalUnitName = Test Organization Unit 771s commonName = Test Organization Intermediate Trusted Certificate 0001 771s X509v3 extensions: 771s X509v3 Authority Key Identifier: 771s 41:8D:47:83:7C:CD:F7:C6:D6:EA:23:17:F8:03:88:07:D6:9E:AD:7C 771s X509v3 Basic Constraints: 771s CA:FALSE 771s Netscape Cert Type: 771s SSL Client, S/MIME 771s Netscape Comment: 771s Test Organization Intermediate CA trusted Certificate 771s X509v3 Subject Key Identifier: 771s 1B:44:D1:CA:C6:5D:82:0D:A9:25:FC:EA:4D:93:B2:84:B1:77:D3:4A 771s X509v3 Key Usage: critical 771s Digital Signature, Non Repudiation, Key Encipherment 771s X509v3 Extended Key Usage: 771s TLS Web Client Authentication, E-mail Protection 771s X509v3 Subject Alternative Name: 771s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 771s Certificate is to be certified until Mar 12 22:16:41 2025 GMT (365 days) 771s 771s Write out database with 1 new entries 771s Database updated 771s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem 771s + echo 'This certificate should not be trusted fully' 771s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem 771s + local cmd=openssl 771s + shift 771s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem 771s This certificate should not be trusted fully 771s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 771s error 2 at 1 depth lookup: unable to get issuer certificate 771s error /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 771s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem 771s /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem: OK 771s + cat 771s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-735 771s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-735 1024 771s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-735 -key /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 771s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 771s Certificate Request: 771s Data: 771s Version: 1 (0x0) 771s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 771s Subject Public Key Info: 771s Public Key Algorithm: rsaEncryption 771s Public-Key: (1024 bit) 771s Modulus: 771s 00:aa:33:84:66:4b:cf:d5:d4:ea:8c:a7:c5:3a:08: 771s c7:33:e2:06:a5:fa:7f:3f:4b:65:4d:71:80:ce:7b: 771s ad:bf:d7:5b:ba:2c:2b:24:18:d2:ea:b9:27:bc:bd: 771s 84:b7:8a:9d:3f:22:52:25:37:1e:10:10:46:32:0e: 771s fc:d6:c7:be:22:c7:bd:13:fd:e3:1f:2f:2e:11:14: 771s eb:18:5d:03:ca:cb:cf:c8:27:8b:f9:6d:bd:bb:ae: 771s ea:b4:a5:d7:8a:c3:ae:3e:4c:aa:fa:5f:ce:6d:3f: 771s 2e:26:6f:cc:75:5d:8a:31:f9:c3:34:a8:08:8f:9d: 771s dd:91:94:c9:3b:40:9e:f3:67 771s Exponent: 65537 (0x10001) 771s Attributes: 771s Requested Extensions: 771s X509v3 Basic Constraints: 771s CA:FALSE 771s Netscape Cert Type: 771s SSL Client, S/MIME 771s Netscape Comment: 771s Test Organization Sub Intermediate CA trusted Certificate 771s X509v3 Subject Key Identifier: 771s 8E:B6:FE:6A:9D:AF:7F:D8:95:C1:B7:F9:12:47:B6:D7:29:AB:9E:C1 771s X509v3 Key Usage: critical 771s Digital Signature, Non Repudiation, Key Encipherment 771s X509v3 Extended Key Usage: 771s TLS Web Client Authentication, E-mail Protection 771s X509v3 Subject Alternative Name: 771s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 771s Signature Algorithm: sha256WithRSAEncryption 771s Signature Value: 771s 93:44:40:16:80:29:d7:fa:d8:f3:b9:b2:5c:1d:2f:37:ad:71: 771s f5:27:07:ce:ff:94:ff:7d:00:dd:f5:61:99:e0:60:7e:61:ba: 771s 42:1c:7d:8f:0c:cf:08:cc:ba:bf:2f:50:42:70:1f:51:6c:0c: 771s 24:bb:49:06:c7:3b:ec:d2:a7:fd:b4:41:a3:bd:b6:83:77:5d: 771s cf:47:e4:db:cb:c8:7f:79:54:95:08:cf:f3:96:3a:4d:fe:4d: 771s 03:c1:c8:ae:44:bb:c2:e3:5d:1c:5d:10:49:18:b0:af:9b:8c: 771s 19:87:3b:2c:25:24:23:af:54:80:18:79:53:46:65:1b:e4:4c: 771s 78:53 771s + openssl ca -passin pass:random-sub-intermediate-CA-password-22934 -config /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s Using configuration from /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.config 771s Check that the request matches the signature 771s Signature ok 771s Certificate Details: 771s Serial Number: 5 (0x5) 771s Validity 771s Not Before: Mar 12 22:16:41 2024 GMT 771s Not After : Mar 12 22:16:41 2025 GMT 771s Subject: 771s organizationName = Test Organization 771s organizationalUnitName = Test Organization Unit 771s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 771s X509v3 extensions: 771s X509v3 Authority Key Identifier: 771s D0:9B:95:55:D4:76:26:4B:EC:7E:19:0D:BF:01:EE:D1:64:AC:96:AB 771s X509v3 Basic Constraints: 771s CA:FALSE 771s Netscape Cert Type: 771s SSL Client, S/MIME 771s Netscape Comment: 771s Test Organization Sub Intermediate CA trusted Certificate 771s X509v3 Subject Key Identifier: 771s 8E:B6:FE:6A:9D:AF:7F:D8:95:C1:B7:F9:12:47:B6:D7:29:AB:9E:C1 771s X509v3 Key Usage: critical 771s Digital Signature, Non Repudiation, Key Encipherment 771s X509v3 Extended Key Usage: 771s TLS Web Client Authentication, E-mail Protection 771s X509v3 Subject Alternative Name: 771s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 771s Certificate is to be certified until Mar 12 22:16:41 2025 GMT (365 days) 771s 771s Write out database with 1 new entries 771s Database updated 771s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s This certificate should not be trusted fully 771s + echo 'This certificate should not be trusted fully' 771s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s + local cmd=openssl 771s + shift 771s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 771s error 2 at 1 depth lookup: unable to get issuer certificate 771s error /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 771s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s + local cmd=openssl 771s + shift 771s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 771s error 20 at 0 depth lookup: unable to get local issuer certificate 771s error /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 771s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 771s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s + local cmd=openssl 771s + shift 771s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 771s error 20 at 0 depth lookup: unable to get local issuer certificate 771s error /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 771s Building a the full-chain CA file... 771s + echo 'Building a the full-chain CA file...' 771s + cat /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem 771s + cat /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem 771s + cat /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem 771s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem 771s + openssl pkcs7 -print_certs -noout 771s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 771s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 771s 771s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 771s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 771s 771s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 771s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 771s 771s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem 771s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem 771s /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA.pem: OK 771s /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem: OK 771s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem 771s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-root-intermediate-chain-CA.pem 771s /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem: OK 771s /tmp/sssd-softhsm2-certs-sSJWjz/test-root-intermediate-chain-CA.pem: OK 771s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 771s Certificates generation completed! 771s + echo 'Certificates generation completed!' 771s + [[ -v NO_SSSD_TESTS ]] 771s + [[ -v GENERATE_SMART_CARDS ]] 771s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6946 771s + local certificate=/tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem 771s + local key_pass=pass:random-root-ca-trusted-cert-0001-6946 771s + local key_cn 771s + local key_name 771s + local tokens_dir 771s + local output_cert_file 771s + token_name= 771s ++ basename /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem .pem 771s + key_name=test-root-CA-trusted-certificate-0001 771s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem 771s ++ sed -n 's/ *commonName *= //p' 771s + key_cn='Test Organization Root Trusted Certificate 0001' 771s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 771s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-root-CA-trusted-certificate-0001.conf 771s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-root-CA-trusted-certificate-0001.conf 771s ++ basename /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 771s + tokens_dir=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-root-CA-trusted-certificate-0001 771s + token_name='Test Organization Root Tr Token' 771s + '[' '!' -e /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 771s + local key_file 771s + local decrypted_key 771s + mkdir -p /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-root-CA-trusted-certificate-0001 771s + key_file=/tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-key.pem 771s + decrypted_key=/tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-key-decrypted.pem 771s + cat 771s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 771s Slot 0 has a free/uninitialized token. 771s The token has been initialized and is reassigned to slot 480769906 771s + softhsm2-util --show-slots 771s Available slots: 771s Slot 480769906 771s Slot info: 771s Description: SoftHSM slot ID 0x1ca7f772 771s Manufacturer ID: SoftHSM project 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Token present: yes 771s Token info: 771s Manufacturer ID: SoftHSM project 771s Model: SoftHSM v2 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Serial number: fb6a858a1ca7f772 771s Initialized: yes 771s User PIN init.: yes 771s Label: Test Organization Root Tr Token 771s Slot 1 771s Slot info: 771s Description: SoftHSM slot ID 0x1 771s Manufacturer ID: SoftHSM project 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Token present: yes 771s Token info: 771s Manufacturer ID: SoftHSM project 771s Model: SoftHSM v2 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Serial number: 771s Initialized: no 771s User PIN init.: no 771s Label: 771s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 771s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-6946 -in /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-key-decrypted.pem 771s writing RSA key 771s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 771s + rm /tmp/sssd-softhsm2-certs-sSJWjz/test-root-CA-trusted-certificate-0001-key-decrypted.pem 771s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 771s Object 0: 771s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fb6a858a1ca7f772;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 771s Type: X.509 Certificate (RSA-1024) 771s Expires: Wed Mar 12 22:16:41 2025 771s Label: Test Organization Root Trusted Certificate 0001 771s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 771s 771s Test Organization Root Tr Token 771s + echo 'Test Organization Root Tr Token' 771s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32379 771s + local certificate=/tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem 771s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32379 771s + local key_cn 771s + local key_name 771s + local tokens_dir 771s + local output_cert_file 771s + token_name= 771s ++ basename /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem .pem 771s + key_name=test-intermediate-CA-trusted-certificate-0001 771s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem 771s ++ sed -n 's/ *commonName *= //p' 771s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 771s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 771s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 771s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 771s ++ basename /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 771s + tokens_dir=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-intermediate-CA-trusted-certificate-0001 771s + token_name='Test Organization Interme Token' 771s + '[' '!' -e /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 771s + local key_file 771s + local decrypted_key 771s + mkdir -p /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-intermediate-CA-trusted-certificate-0001 771s + key_file=/tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-key.pem 771s + decrypted_key=/tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 771s + cat 771s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 771s Slot 0 has a free/uninitialized token. 771s The token has been initialized and is reassigned to slot 46308326 771s + softhsm2-util --show-slots 771s Available slots: 771s Slot 46308326 771s Slot info: 771s Description: SoftHSM slot ID 0x2c29be6 771s Manufacturer ID: SoftHSM project 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Token present: yes 771s Token info: 771s Manufacturer ID: SoftHSM project 771s Model: SoftHSM v2 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Serial number: 071c30e282c29be6 771s Initialized: yes 771s User PIN init.: yes 771s Label: Test Organization Interme Token 771s Slot 1 771s Slot info: 771s Description: SoftHSM slot ID 0x1 771s Manufacturer ID: SoftHSM project 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Token present: yes 771s Token info: 771s Manufacturer ID: SoftHSM project 771s Model: SoftHSM v2 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Serial number: 771s Initialized: no 771s User PIN init.: no 771s Label: 771s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 771s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-32379 -in /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 771s writing RSA key 771s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 771s + rm /tmp/sssd-softhsm2-certs-sSJWjz/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 771s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 771s Object 0: 771s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=071c30e282c29be6;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 771s Type: X.509 Certificate (RSA-1024) 771s Expires: Wed Mar 12 22:16:41 2025 771s Label: Test Organization Intermediate Trusted Certificate 0001 771s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 771s 771s + echo 'Test Organization Interme Token' 771s Test Organization Interme Token 771s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-735 771s + local certificate=/tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-735 771s + local key_cn 771s + local key_name 771s + local tokens_dir 771s + local output_cert_file 771s + token_name= 771s ++ basename /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 771s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 771s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem 771s ++ sed -n 's/ *commonName *= //p' 771s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 771s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 771s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 771s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 771s ++ basename /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 771s + tokens_dir=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 771s + token_name='Test Organization Sub Int Token' 771s + '[' '!' -e /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 771s + local key_file 771s + local decrypted_key 771s + mkdir -p /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 771s + key_file=/tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 771s + decrypted_key=/tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 771s + cat 771s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 771s Slot 0 has a free/uninitialized token. 771s The token has been initialized and is reassigned to slot 1110484706 771s + softhsm2-util --show-slots 771s Available slots: 771s Slot 1110484706 771s Slot info: 771s Description: SoftHSM slot ID 0x4230a6e2 771s Manufacturer ID: SoftHSM project 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Token present: yes 771s Token info: 771s Manufacturer ID: SoftHSM project 771s Model: SoftHSM v2 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Serial number: 8b99b9cac230a6e2 771s Initialized: yes 771s User PIN init.: yes 771s Label: Test Organization Sub Int Token 771s Slot 1 771s Slot info: 771s Description: SoftHSM slot ID 0x1 771s Manufacturer ID: SoftHSM project 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Token present: yes 771s Token info: 771s Manufacturer ID: SoftHSM project 771s Model: SoftHSM v2 771s Hardware version: 2.6 771s Firmware version: 2.6 771s Serial number: 771s Initialized: no 771s User PIN init.: no 771s Label: 771s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 771s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-735 -in /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 771s writing RSA key 771s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 771s + rm /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 771s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 771s Object 0: 771s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8b99b9cac230a6e2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 771s Type: X.509 Certificate (RSA-1024) 771s Expires: Wed Mar 12 22:16:41 2025 771s Label: Test Organization Sub Intermediate Trusted Certificate 0001 771s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 771s 771s Test Organization Sub Int Token 771s + echo 'Test Organization Sub Int Token' 771s + echo 'Certificates generation completed!' 771s + exit 0 771s Certificates generation completed! 771s + find /tmp/sssd-softhsm2-certs-sSJWjz -type d -exec chmod 777 '{}' ';' 771s + find /tmp/sssd-softhsm2-certs-sSJWjz -type f -exec chmod 666 '{}' ';' 771s + backup_file /etc/sssd/sssd.conf 771s + '[' -z '' ']' 771s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 771s + backupsdir=/tmp/sssd-softhsm2-backups-rxZqNV 771s + '[' -e /etc/sssd/sssd.conf ']' 771s + delete_paths+=("$1") 771s + rm -f /etc/sssd/sssd.conf 771s ++ runuser -u ubuntu -- sh -c 'echo ~' 772s + user_home=/home/ubuntu 772s + mkdir -p /home/ubuntu 772s + chown ubuntu:ubuntu /home/ubuntu 772s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 772s + user_config=/home/ubuntu/.config 772s + system_config=/etc 772s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 772s + for path_pair in "${softhsm2_conf_paths[@]}" 772s + IFS=: 772s + read -r -a path 772s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 772s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 772s + '[' -z /tmp/sssd-softhsm2-backups-rxZqNV ']' 772s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 772s + delete_paths+=("$1") 772s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 772s + for path_pair in "${softhsm2_conf_paths[@]}" 772s + IFS=: 772s + read -r -a path 772s + path=/etc/softhsm/softhsm2.conf 772s + backup_file /etc/softhsm/softhsm2.conf 772s + '[' -z /tmp/sssd-softhsm2-backups-rxZqNV ']' 772s + '[' -e /etc/softhsm/softhsm2.conf ']' 772s ++ dirname /etc/softhsm/softhsm2.conf 772s + local back_dir=/tmp/sssd-softhsm2-backups-rxZqNV//etc/softhsm 772s ++ basename /etc/softhsm/softhsm2.conf 772s + local back_path=/tmp/sssd-softhsm2-backups-rxZqNV//etc/softhsm/softhsm2.conf 772s + '[' '!' -e /tmp/sssd-softhsm2-backups-rxZqNV//etc/softhsm/softhsm2.conf ']' 772s + mkdir -p /tmp/sssd-softhsm2-backups-rxZqNV//etc/softhsm 772s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-rxZqNV//etc/softhsm/softhsm2.conf 772s + restore_paths+=("$back_path") 772s + rm -f /etc/softhsm/softhsm2.conf 772s + test_authentication login /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem 772s + pam_service=login 772s + certificate_config=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-root-CA-trusted-certificate-0001.conf 772s + ca_db=/tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem 772s + verification_options= 772s + mkdir -p -m 700 /etc/sssd 772s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 772s Using CA DB '/tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem' with verification options: '' 772s + cat 772s + chmod 600 /etc/sssd/sssd.conf 772s + for path_pair in "${softhsm2_conf_paths[@]}" 772s + IFS=: 772s + read -r -a path 772s + user=ubuntu 772s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 772s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 772s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 772s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 772s + runuser -u ubuntu -- softhsm2-util --show-slots 772s + grep 'Test Organization' 772s Label: Test Organization Root Tr Token 772s + for path_pair in "${softhsm2_conf_paths[@]}" 772s + IFS=: 772s + read -r -a path 772s + user=root 772s + path=/etc/softhsm/softhsm2.conf 772s ++ dirname /etc/softhsm/softhsm2.conf 772s + runuser -u root -- mkdir -p /etc/softhsm 772s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 772s + runuser -u root -- softhsm2-util --show-slots 772s + grep 'Test Organization' 772s Label: Test Organization Root Tr Token 772s + systemctl restart sssd 772s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 772s + for alternative in "${alternative_pam_configs[@]}" 772s + pam-auth-update --enable sss-smart-card-optional 772s + cat /etc/pam.d/common-auth 772s # 772s # /etc/pam.d/common-auth - authentication settings common to all services 772s # 772s # This file is included from other service-specific PAM config files, 772s # and should contain a list of the authentication modules that define 772s # the central authentication scheme for use on the system 772s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 772s # traditional Unix authentication mechanisms. 772s # 772s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 772s # To take advantage of this, it is recommended that you configure any 772s # local modules either before or after the default block, and use 772s # pam-auth-update to manage selection of other modules. See 772s # pam-auth-update(8) for details. 772s 772s # here are the per-package modules (the "Primary" block) 772s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 772s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 772s auth [success=1 default=ignore] pam_sss.so use_first_pass 772s # here's the fallback if no module succeeds 772s auth requisite pam_deny.so 772s # prime the stack with a positive return value if there isn't one already; 772s # this avoids us returning an error just because nothing sets a success code 772s # since the modules above will each just jump around 772s auth required pam_permit.so 772s # and here are more per-package modules (the "Additional" block) 772s auth optional pam_cap.so 772s # end of pam-auth-update config 772s + echo -n -e 123456 772s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 772s pamtester: invoking pam_start(login, ubuntu, ...) 772s pamtester: performing operation - authenticate 773s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 773s + echo -n -e 123456 773s + runuser -u ubuntu -- pamtester -v login '' authenticate 773s pamtester: invoking pam_start(login, , ...) 773s pamtester: performing operation - authenticate 773s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 773s + echo -n -e wrong123456 773s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 773s pamtester: invoking pam_start(login, ubuntu, ...) 773s pamtester: performing operation - authenticate 775s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 775s + echo -n -e wrong123456 775s + runuser -u ubuntu -- pamtester -v login '' authenticate 775s pamtester: invoking pam_start(login, , ...) 775s pamtester: performing operation - authenticate 778s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 778s + echo -n -e 123456 778s + pamtester -v login root authenticate 778s pamtester: invoking pam_start(login, root, ...) 778s pamtester: performing operation - authenticate 781s Password: pamtester: Authentication failure 781s + for alternative in "${alternative_pam_configs[@]}" 781s + pam-auth-update --enable sss-smart-card-required 782s PAM configuration 782s ----------------- 782s 782s Incompatible PAM profiles selected. 782s 782s The following PAM profiles cannot be used together: 782s 782s SSS required smart card authentication, SSS optional smart card 782s authentication 782s 782s Please select a different set of modules to enable. 782s 782s + cat /etc/pam.d/common-auth 782s # 782s # /etc/pam.d/common-auth - authentication settings common to all services 782s # 782s # This file is included from other service-specific PAM config files, 782s # and should contain a list of the authentication modules that define 782s # the central authentication scheme for use on the system 782s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 782s # traditional Unix authentication mechanisms. 782s # 782s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 782s # To take advantage of this, it is recommended that you configure any 782s # local modules either before or after the default block, and use 782s # pam-auth-update to manage selection of other modules. See 782s # pam-auth-update(8) for details. 782s 782s # here are the per-package modules (the "Primary" block) 782s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 782s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 782s auth [success=1 default=ignore] pam_sss.so use_first_pass 782s # here's the fallback if no module succeeds 782s auth requisite pam_deny.so 782s # prime the stack with a positive return value if there isn't one already; 782s # this avoids us returning an error just because nothing sets a success code 782s # since the modules above will each just jump around 782s auth required pam_permit.so 782s # and here are more per-package modules (the "Additional" block) 782s auth optional pam_cap.so 782s # end of pam-auth-update config 782s + echo -n -e 123456 782s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 782s pamtester: invoking pam_start(login, ubuntu, ...) 782s pamtester: performing operation - authenticate 782s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 782s + echo -n -e 123456 782s + runuser -u ubuntu -- pamtester -v login '' authenticate 782s pamtester: invoking pam_start(login, , ...) 782s pamtester: performing operation - authenticate 782s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 782s + echo -n -e wrong123456 782s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 782s pamtester: invoking pam_start(login, ubuntu, ...) 782s pamtester: performing operation - authenticate 785s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 785s + echo -n -e wrong123456 785s + runuser -u ubuntu -- pamtester -v login '' authenticate 785s pamtester: invoking pam_start(login, , ...) 785s pamtester: performing operation - authenticate 788s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 788s + echo -n -e 123456 788s + pamtester -v login root authenticate 788s pamtester: invoking pam_start(login, root, ...) 788s pamtester: performing operation - authenticate 790s pamtester: Authentication service cannot retrieve authentication info 790s + test_authentication login /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem 790s + pam_service=login 790s + certificate_config=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 790s + ca_db=/tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem 790s + verification_options= 790s + mkdir -p -m 700 /etc/sssd 790s Using CA DB '/tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem' with verification options: '' 790s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-sSJWjz/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 790s + cat 790s + chmod 600 /etc/sssd/sssd.conf 790s Label: Test Organization Sub Int Token 790s + for path_pair in "${softhsm2_conf_paths[@]}" 790s + IFS=: 790s + read -r -a path 790s + user=ubuntu 790s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 790s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 790s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 790s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 790s + runuser -u ubuntu -- softhsm2-util --show-slots 790s + grep 'Test Organization' 790s + for path_pair in "${softhsm2_conf_paths[@]}" 790s + IFS=: 790s + read -r -a path 790s + user=root 790s + path=/etc/softhsm/softhsm2.conf 790s ++ dirname /etc/softhsm/softhsm2.conf 790s + runuser -u root -- mkdir -p /etc/softhsm 790s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 790s + runuser -u root -- softhsm2-util --show-slots 790s + grep 'Test Organization' 790s Label: Test Organization Sub Int Token 790s + systemctl restart sssd 793s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 793s + for alternative in "${alternative_pam_configs[@]}" 793s + pam-auth-update --enable sss-smart-card-optional 793s + cat /etc/pam.d/common-auth 793s # 793s # /etc/pam.d/common-auth - authentication settings common to all services 793s # 793s # This file is included from other service-specific PAM config files, 793s # and should contain a list of the authentication modules that define 793s # the central authentication scheme for use on the system 793s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 793s # traditional Unix authentication mechanisms. 793s # 793s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 793s # To take advantage of this, it is recommended that you configure any 793s # local modules either before or after the default block, and use 793s # pam-auth-update to manage selection of other modules. See 793s # pam-auth-update(8) for details. 793s 793s # here are the per-package modules (the "Primary" block) 793s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 793s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 793s auth [success=1 default=ignore] pam_sss.so use_first_pass 793s # here's the fallback if no module succeeds 793s auth requisite pam_deny.so 793s # prime the stack with a positive return value if there isn't one already; 793s # this avoids us returning an error just because nothing sets a success code 793s # since the modules above will each just jump around 793s auth required pam_permit.so 793s # and here are more per-package modules (the "Additional" block) 793s auth optional pam_cap.so 793s # end of pam-auth-update config 793s + echo -n -e 123456 793s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 793s pamtester: invoking pam_start(login, ubuntu, ...) 793s pamtester: performing operation - authenticate 793s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 793s + echo -n -e 123456 793s + runuser -u ubuntu -- pamtester -v login '' authenticate 793s pamtester: invoking pam_start(login, , ...) 793s pamtester: performing operation - authenticate 793s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 793s + echo -n -e wrong123456 793s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 793s pamtester: invoking pam_start(login, ubuntu, ...) 793s pamtester: performing operation - authenticate 796s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 796s + echo -n -e wrong123456 796s + runuser -u ubuntu -- pamtester -v login '' authenticate 796s pamtester: invoking pam_start(login, , ...) 796s pamtester: performing operation - authenticate 799s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 799s + echo -n -e 123456 799s + pamtester -v login root authenticate 799s pamtester: invoking pam_start(login, root, ...) 799s pamtester: performing operation - authenticate 801s Password: pamtester: Authentication failure 801s + for alternative in "${alternative_pam_configs[@]}" 801s + pam-auth-update --enable sss-smart-card-required 801s PAM configuration 801s ----------------- 801s 801s Incompatible PAM profiles selected. 801s 801s The following PAM profiles cannot be used together: 801s 801s SSS required smart card authentication, SSS optional smart card 801s authentication 801s 801s Please select a different set of modules to enable. 801s 801s + cat /etc/pam.d/common-auth 801s # 801s # /etc/pam.d/common-auth - authentication settings common to all services 801s # 801s # This file is included from other service-specific PAM config files, 801s # and should contain a list of the authentication modules that define 801s # the central authentication scheme for use on the system 801s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 801s # traditional Unix authentication mechanisms. 801s # 801s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 801s # To take advantage of this, it is recommended that you configure any 801s # local modules either before or after the default block, and use 801s # pam-auth-update to manage selection of other modules. See 801s # pam-auth-update(8) for details. 801s 801s # here are the per-package modules (the "Primary" block) 801s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 801s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 801s auth [success=1 default=ignore] pam_sss.so use_first_pass 801s # here's the fallback if no module succeeds 801s auth requisite pam_deny.so 801s # prime the stack with a positive return value if there isn't one already; 801s # this avoids us returning an error just because nothing sets a success code 801s # since the modules above will each just jump around 801s auth required pam_permit.so 801s # and here are more per-package modules (the "Additional" block) 801s auth optional pam_cap.so 801s # end of pam-auth-update config 801s + echo -n -e 123456 801s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 801s pamtester: invoking pam_start(login, ubuntu, ...) 801s pamtester: performing operation - authenticate 801s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 801s + echo -n -e 123456 801s + runuser -u ubuntu -- pamtester -v login '' authenticate 801s pamtester: invoking pam_start(login, , ...) 801s pamtester: performing operation - authenticate 801s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 801s + echo -n -e wrong123456 801s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 801s pamtester: invoking pam_start(login, ubuntu, ...) 801s pamtester: performing operation - authenticate 805s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 805s + echo -n -e wrong123456 805s + runuser -u ubuntu -- pamtester -v login '' authenticate 805s pamtester: invoking pam_start(login, , ...) 805s pamtester: performing operation - authenticate 808s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 808s + echo -n -e 123456 808s + pamtester -v login root authenticate 808s pamtester: invoking pam_start(login, root, ...) 808s pamtester: performing operation - authenticate 812s pamtester: Authentication service cannot retrieve authentication info 812s + test_authentication login /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem partial_chain 812s + pam_service=login 812s + certificate_config=/tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 812s + ca_db=/tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem 812s + verification_options=partial_chain 812s + mkdir -p -m 700 /etc/sssd 812s Using CA DB '/tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 812s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-sSJWjz/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 812s + cat 812s + chmod 600 /etc/sssd/sssd.conf 812s + for path_pair in "${softhsm2_conf_paths[@]}" 812s + IFS=: 812s + read -r -a path 812s + user=ubuntu 812s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 812s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 812s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 812s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 812s + runuser -u ubuntu -- softhsm2-util --show-slots 812s + grep 'Test Organization' 812s Label: Test Organization Sub Int Token 812s + for path_pair in "${softhsm2_conf_paths[@]}" 812s + IFS=: 812s + read -r -a path 812s + user=root 812s + path=/etc/softhsm/softhsm2.conf 812s ++ dirname /etc/softhsm/softhsm2.conf 812s + runuser -u root -- mkdir -p /etc/softhsm 812s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-sSJWjz/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 812s + runuser -u root -- softhsm2-util --show-slots 812s + grep 'Test Organization' 812s Label: Test Organization Sub Int Token 812s + systemctl restart sssd 812s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 812s + for alternative in "${alternative_pam_configs[@]}" 812s + pam-auth-update --enable sss-smart-card-optional 812s + cat /etc/pam.d/common-auth 812s # 812s # /etc/pam.d/common-auth - authentication settings common to all services 812s # 812s # This file is included from other service-specific PAM config files, 812s # and should contain a list of the authentication modules that define 812s # the central authentication scheme for use on the system 812s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 812s # traditional Unix authentication mechanisms. 812s # 812s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 812s # To take advantage of this, it is recommended that you configure any 812s # local modules either before or after the default block, and use 812s # pam-auth-update to manage selection of other modules. See 812s # pam-auth-update(8) for details. 812s 812s # here are the per-package modules (the "Primary" block) 812s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 812s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 812s auth [success=1 default=ignore] pam_sss.so use_first_pass 812s # here's the fallback if no module succeeds 812s auth requisite pam_deny.so 812s # prime the stack with a positive return value if there isn't one already; 812s # this avoids us returning an error just because nothing sets a success code 812s # since the modules above will each just jump around 812s auth required pam_permit.so 812s # and here are more per-package modules (the "Additional" block) 812s auth optional pam_cap.so 812s # end of pam-auth-update config 812s + echo -n -e 123456 812s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 812s pamtester: invoking pam_start(login, ubuntu, ...) 812s pamtester: performing operation - authenticate 812s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 812s + echo -n -e 123456 812s + runuser -u ubuntu -- pamtester -v login '' authenticate 812s pamtester: invoking pam_start(login, , ...) 812s pamtester: performing operation - authenticate 813s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 813s + echo -n -e wrong123456 813s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 813s pamtester: invoking pam_start(login, ubuntu, ...) 813s pamtester: performing operation - authenticate 815s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 815s + echo -n -e wrong123456 815s + runuser -u ubuntu -- pamtester -v login '' authenticate 815s pamtester: invoking pam_start(login, , ...) 815s pamtester: performing operation - authenticate 818s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 818s + echo -n -e 123456 818s + pamtester -v login root authenticate 818s pamtester: invoking pam_start(login, root, ...) 818s pamtester: performing operation - authenticate 821s Password: pamtester: Authentication failure 821s + for alternative in "${alternative_pam_configs[@]}" 821s + pam-auth-update --enable sss-smart-card-required 821s PAM configuration 821s ----------------- 821s 821s Incompatible PAM profiles selected. 821s 821s The following PAM profiles cannot be used together: 821s 821s SSS required smart card authentication, SSS optional smart card 821s authentication 821s 821s Please select a different set of modules to enable. 821s 821s + cat /etc/pam.d/common-auth 821s # 821s # /etc/pam.d/common-auth - authentication settings common to all services 821s # 821s # This file is included from other service-specific PAM config files, 821s # and should contain a list of the authentication modules that define 821s # the central authentication scheme for use on the system 821s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 821s # traditional Unix authentication mechanisms. 821s # 821s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 821s # To take advantage of this, it is recommended that you configure any 821s # local modules either before or after the default block, and use 821s # pam-auth-update to manage selection of other modules. See 821s # pam-auth-update(8) for details. 821s 821s # here are the per-package modules (the "Primary" block) 821s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 821s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 821s auth [success=1 default=ignore] pam_sss.so use_first_pass 821s # here's the fallback if no module succeeds 821s auth requisite pam_deny.so 821s # prime the stack with a positive return value if there isn't one already; 821s # this avoids us returning an error just because nothing sets a success code 821s # since the modules above will each just jump around 821s auth required pam_permit.so 821s # and here are more per-package modules (the "Additional" block) 821s auth optional pam_cap.so 821s # end of pam-auth-update config 821s + echo -n -e 123456 821s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 821s pamtester: invoking pam_start(login, ubuntu, ...) 821s pamtester: performing operation - authenticate 821s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 821s + echo -n -e 123456 821s + runuser -u ubuntu -- pamtester -v login '' authenticate 821s pamtester: invoking pam_start(login, , ...) 821s pamtester: performing operation - authenticate 821s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 821s + echo -n -e wrong123456 821s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 821s pamtester: invoking pam_start(login, ubuntu, ...) 821s pamtester: performing operation - authenticate 824s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 824s + echo -n -e wrong123456 824s + runuser -u ubuntu -- pamtester -v login '' authenticate 824s pamtester: invoking pam_start(login, , ...) 824s pamtester: performing operation - authenticate 828s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 828s + echo -n -e 123456 828s + pamtester -v login root authenticate 828s pamtester: invoking pam_start(login, root, ...) 828s pamtester: performing operation - authenticate 831s pamtester: Authentication service cannot retrieve authentication info 831s + handle_exit 831s + exit_code=0 831s + restore_changes 831s + for path in "${restore_paths[@]}" 831s + local original_path 831s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-rxZqNV /tmp/sssd-softhsm2-backups-rxZqNV//etc/softhsm/softhsm2.conf 831s + original_path=/etc/softhsm/softhsm2.conf 831s + rm /etc/softhsm/softhsm2.conf 831s + mv /tmp/sssd-softhsm2-backups-rxZqNV//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 831s + for path in "${delete_paths[@]}" 831s + rm -f /etc/sssd/sssd.conf 831s + for path in "${delete_paths[@]}" 831s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 831s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 831s + '[' -e /etc/sssd/sssd.conf ']' 831s + systemctl stop sssd 831s + '[' -e /etc/softhsm/softhsm2.conf ']' 831s + chmod 600 /etc/softhsm/softhsm2.conf 831s + rm -rf /tmp/sssd-softhsm2-certs-sSJWjz 831s + '[' 0 = 0 ']' 831s + rm -rf /tmp/sssd-softhsm2-backups-rxZqNV 831s + set +x 831s Script completed successfully! 831s autopkgtest [22:17:41]: test sssd-smart-card-pam-auth-configs: -----------------------] 832s sssd-smart-card-pam-auth-configs PASS 832s autopkgtest [22:17:42]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 832s autopkgtest [22:17:42]: @@@@@@@@@@@@@@@@@@@@ summary 832s ldap-user-group-ldap-auth PASS 832s ldap-user-group-krb5-auth PASS 832s sssd-softhism2-certificates-tests.sh PASS 832s sssd-smart-card-pam-auth-configs PASS 844s Creating nova instance adt-noble-arm64-sssd-20240312-220349-juju-7f2275-prod-proposed-migration-environment-2 from image adt/ubuntu-noble-arm64-server-20240312.img (UUID c534cdfe-c0b7-48c4-b4bf-7376b15156d5)... 844s Creating nova instance adt-noble-arm64-sssd-20240312-220349-juju-7f2275-prod-proposed-migration-environment-2 from image adt/ubuntu-noble-arm64-server-20240312.img (UUID c534cdfe-c0b7-48c4-b4bf-7376b15156d5)...