0s autopkgtest [20:08:08]: starting date and time: 2024-03-24 20:08:08+0000 0s autopkgtest [20:08:08]: git checkout: 4a1cd702 l/adt_testbed: don't blame the testbed for unsolvable build deps 0s autopkgtest [20:08:08]: host juju-7f2275-prod-proposed-migration-environment-3; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.8xzq0qva/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --setup-commands /home/ubuntu/autopkgtest/setup-commands/setup-testbed --apt-pocket=proposed=src:samba,src:cups,src:db5.3,src:gnutls28,src:gpgme1.0,src:libarchive,src:libtirpc,src:nettle,src:openssl,src:python3.12,src:readline,src:sssd,src:tevent --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 '--env=ADT_TEST_TRIGGERS=samba/2:4.19.5+dfsg-4ubuntu7 cups/2.4.7-1.2ubuntu1 db5.3/5.3.28+dfsg2-6 gnutls28/3.8.3-1.1ubuntu2 gpgme1.0/1.18.0-4.1ubuntu3 libarchive/3.7.2-1.1ubuntu2 libtirpc/1.3.4+ds-1.1 nettle/3.9.1-2.2 openssl/3.0.13-0ubuntu2 python3.12/3.12.2-4build3 readline/8.2-4 sssd/2.9.4-1.1ubuntu3 tevent/0.16.1-2' -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-3@bos03-arm64-10.secgroup --name adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 --image adt/ubuntu-noble-arm64-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-3 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 88s autopkgtest [20:09:36]: testbed dpkg architecture: arm64 88s autopkgtest [20:09:36]: testbed apt version: 2.7.12 88s autopkgtest [20:09:36]: @@@@@@@@@@@@@@@@@@@@ test bed setup 89s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 89s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 89s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [57.3 kB] 89s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3981 kB] 89s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [495 kB] 89s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 Packages [708 kB] 89s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 c-n-f Metadata [3144 B] 89s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 Packages [33.7 kB] 89s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 c-n-f Metadata [116 B] 89s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 Packages [4355 kB] 89s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 c-n-f Metadata [8528 B] 89s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 Packages [70.1 kB] 89s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 c-n-f Metadata [116 B] 92s Fetched 9836 kB in 2s (4835 kB/s) 92s Reading package lists... 95s Reading package lists... 95s Building dependency tree... 95s Reading state information... 95s Calculating upgrade... 96s The following packages will be REMOVED: 96s libreadline8 libssl3 96s The following NEW packages will be installed: 96s libreadline8t64 libssl3t64 96s The following packages have been kept back: 96s libpython3.12-minimal libpython3.12-stdlib python3.12 python3.12-minimal 96s The following packages will be upgraded: 96s libtirpc-common openssl readline-common 96s 3 upgraded, 2 newly installed, 2 to remove and 4 not upgraded. 96s Need to get 2995 kB of archives. 96s After this operation, 207 kB of additional disk space will be used. 96s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 readline-common all 8.2-4 [56.4 kB] 96s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libreadline8t64 arm64 8.2-4 [153 kB] 96s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 openssl arm64 3.0.13-0ubuntu2 [985 kB] 97s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libssl3t64 arm64 3.0.13-0ubuntu2 [1793 kB] 97s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libtirpc-common all 1.3.4+ds-1.1 [8018 B] 97s Fetched 2995 kB in 1s (4096 kB/s) 97s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74819 files and directories currently installed.) 97s Preparing to unpack .../readline-common_8.2-4_all.deb ... 97s Unpacking readline-common (8.2-4) over (8.2-3) ... 97s dpkg: libreadline8:arm64: dependency problems, but removing anyway as you requested: 97s parted depends on libreadline8 (>= 6.0). 97s libpython3.12-stdlib:arm64 depends on libreadline8 (>= 7.0~beta). 97s gpgsm depends on libreadline8 (>= 6.0). 97s gpgconf depends on libreadline8 (>= 6.0). 97s gpg depends on libreadline8 (>= 6.0). 97s gawk depends on libreadline8 (>= 6.0). 97s fdisk depends on libreadline8 (>= 6.0). 97s 97s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74819 files and directories currently installed.) 97s Removing libreadline8:arm64 (8.2-3) ... 97s Selecting previously unselected package libreadline8t64:arm64. 97s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74807 files and directories currently installed.) 97s Preparing to unpack .../libreadline8t64_8.2-4_arm64.deb ... 98s Adding 'diversion of /lib/aarch64-linux-gnu/libhistory.so.8 to /lib/aarch64-linux-gnu/libhistory.so.8.usr-is-merged by libreadline8t64' 98s Adding 'diversion of /lib/aarch64-linux-gnu/libhistory.so.8.2 to /lib/aarch64-linux-gnu/libhistory.so.8.2.usr-is-merged by libreadline8t64' 98s Adding 'diversion of /lib/aarch64-linux-gnu/libreadline.so.8 to /lib/aarch64-linux-gnu/libreadline.so.8.usr-is-merged by libreadline8t64' 98s Adding 'diversion of /lib/aarch64-linux-gnu/libreadline.so.8.2 to /lib/aarch64-linux-gnu/libreadline.so.8.2.usr-is-merged by libreadline8t64' 98s Unpacking libreadline8t64:arm64 (8.2-4) ... 98s Preparing to unpack .../openssl_3.0.13-0ubuntu2_arm64.deb ... 98s Unpacking openssl (3.0.13-0ubuntu2) over (3.0.10-1ubuntu4) ... 98s dpkg: libssl3:arm64: dependency problems, but removing anyway as you requested: 98s wget depends on libssl3 (>= 3.0.0). 98s u-boot-tools depends on libssl3 (>= 3.0.0). 98s tnftp depends on libssl3 (>= 3.0.0). 98s tcpdump depends on libssl3 (>= 3.0.0). 98s systemd-resolved depends on libssl3 (>= 3.0.0). 98s systemd depends on libssl3 (>= 3.0.0). 98s sudo depends on libssl3 (>= 3.0.0). 98s sbsigntool depends on libssl3 (>= 3.0.0). 98s rsync depends on libssl3 (>= 3.0.0). 98s python3-cryptography depends on libssl3 (>= 3.0.0). 98s openssh-server depends on libssl3 (>= 3.0.10). 98s openssh-client depends on libssl3 (>= 3.0.10). 98s mtd-utils depends on libssl3 (>= 3.0.0). 98s mokutil depends on libssl3 (>= 3.0.0). 98s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 98s libsystemd-shared:arm64 depends on libssl3 (>= 3.0.0). 98s libssh-4:arm64 depends on libssl3 (>= 3.0.0). 98s libsasl2-modules:arm64 depends on libssl3 (>= 3.0.0). 98s libsasl2-2:arm64 depends on libssl3 (>= 3.0.0). 98s libpython3.12-minimal:arm64 depends on libssl3 (>= 3.0.0). 98s libnvme1 depends on libssl3 (>= 3.0.0). 98s libkrb5-3:arm64 depends on libssl3 (>= 3.0.0). 98s libkmod2:arm64 depends on libssl3 (>= 3.0.0). 98s libfido2-1:arm64 depends on libssl3 (>= 3.0.0). 98s libcurl4:arm64 depends on libssl3 (>= 3.0.0). 98s libcryptsetup12:arm64 depends on libssl3 (>= 3.0.0). 98s kmod depends on libssl3 (>= 3.0.0). 98s dhcpcd-base depends on libssl3 (>= 3.0.0). 98s bind9-libs:arm64 depends on libssl3 (>= 3.0.0). 98s 98s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74827 files and directories currently installed.) 98s Removing libssl3:arm64 (3.0.10-1ubuntu4) ... 98s Selecting previously unselected package libssl3t64:arm64. 98s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74816 files and directories currently installed.) 98s Preparing to unpack .../libssl3t64_3.0.13-0ubuntu2_arm64.deb ... 98s Unpacking libssl3t64:arm64 (3.0.13-0ubuntu2) ... 98s Preparing to unpack .../libtirpc-common_1.3.4+ds-1.1_all.deb ... 98s Unpacking libtirpc-common (1.3.4+ds-1.1) over (1.3.4+ds-1build1) ... 98s Setting up libssl3t64:arm64 (3.0.13-0ubuntu2) ... 98s Setting up libtirpc-common (1.3.4+ds-1.1) ... 98s Setting up openssl (3.0.13-0ubuntu2) ... 98s Setting up readline-common (8.2-4) ... 98s Setting up libreadline8t64:arm64 (8.2-4) ... 98s Processing triggers for libc-bin (2.39-0ubuntu6) ... 98s Processing triggers for man-db (2.12.0-3) ... 99s Processing triggers for install-info (7.1-3) ... 99s Reading package lists... 99s Building dependency tree... 99s Reading state information... 100s 0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded. 101s sh: Attempting to set up Debian/Ubuntu apt sources automatically 101s sh: Distribution appears to be Ubuntu 102s Reading package lists... 102s Building dependency tree... 102s Reading state information... 102s eatmydata is already the newest version (131-1). 102s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 103s Reading package lists... 103s Building dependency tree... 103s Reading state information... 103s dbus is already the newest version (1.14.10-4ubuntu1). 103s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 104s Reading package lists... 104s Building dependency tree... 104s Reading state information... 104s rng-tools-debian is already the newest version (2.4). 104s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 104s Reading package lists... 105s Building dependency tree... 105s Reading state information... 105s The following packages will be REMOVED: 105s cloud-init* python3-configobj* python3-debconf* 106s 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 106s After this operation, 3256 kB disk space will be freed. 106s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74829 files and directories currently installed.) 106s Removing cloud-init (24.1.2-0ubuntu1) ... 106s Removing python3-configobj (5.0.8-3) ... 106s Removing python3-debconf (1.5.86) ... 106s Processing triggers for man-db (2.12.0-3) ... 107s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74440 files and directories currently installed.) 107s Purging configuration files for cloud-init (24.1.2-0ubuntu1) ... 107s dpkg: warning: while removing cloud-init, directory '/etc/cloud/cloud.cfg.d' not empty so not removed 107s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 107s invoke-rc.d: policy-rc.d denied execution of try-restart. 108s Reading package lists... 108s Building dependency tree... 108s Reading state information... 108s linux-generic is already the newest version (6.8.0-11.11+1). 108s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 109s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 109s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 109s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 111s Reading package lists... 111s Reading package lists... 112s Building dependency tree... 112s Reading state information... 112s Calculating upgrade... 112s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 112s Reading package lists... 113s Building dependency tree... 113s Reading state information... 113s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 113s autopkgtest [20:10:01]: rebooting testbed after setup commands that affected boot 141s autopkgtest [20:10:29]: testbed running kernel: Linux 6.8.0-11-generic #11-Ubuntu SMP PREEMPT_DYNAMIC Wed Feb 14 02:53:31 UTC 2024 143s autopkgtest [20:10:31]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 161s Get:1 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (dsc) [5269 B] 161s Get:2 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (tar) [7983 kB] 161s Get:3 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (asc) [833 B] 161s Get:4 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (diff) [48.4 kB] 163s gpgv: Signature made Mon Feb 26 21:56:54 2024 UTC 163s gpgv: using RSA key E92FD0B36B14F1F4D8E0EB2F106DA1C8C3CBBF14 163s gpgv: Can't check signature: No public key 163s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1ubuntu1.dsc: no acceptable signature found 164s autopkgtest [20:10:52]: testing package sssd version 2.9.4-1ubuntu1 165s autopkgtest [20:10:53]: build not needed 167s autopkgtest [20:10:55]: test ldap-user-group-ldap-auth: preparing testbed 169s Reading package lists... 169s Building dependency tree... 169s Reading state information... 170s Starting pkgProblemResolver with broken count: 0 170s Starting 2 pkgProblemResolver with broken count: 0 170s Done 170s The following additional packages will be installed: 170s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 170s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 170s libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 libjose0 libkrad0 170s libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 170s libpam-pwquality libpam-sss libpath-utils1 libpwquality-common libpwquality1 170s libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 170s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 170s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 170s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 170s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 170s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 170s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 170s Suggested packages: 170s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 170s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 170s Recommended packages: 170s cracklib-runtime libsasl2-modules-gssapi-mit 170s | libsasl2-modules-gssapi-heimdal 170s The following NEW packages will be installed: 170s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 170s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 170s libdhash1 libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 170s libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo 170s libodbc2 libpam-pwquality libpam-sss libpath-utils1 libpwquality-common 170s libpwquality1 libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 170s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 170s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 170s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 170s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 170s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 170s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 171s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 171s Need to get 12.6 MB/12.6 MB of archives. 171s After this operation, 59.9 MB of additional disk space will be used. 171s Get:1 /tmp/autopkgtest.kUbq3h/1-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [864 B] 171s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 libltdl7 arm64 2.4.7-7 [40.3 kB] 171s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libodbc2 arm64 2.3.12-1 [144 kB] 171s Get:4 http://ftpmaster.internal/ubuntu noble/main arm64 slapd arm64 2.6.7+dfsg-1~exp1ubuntu1 [1515 kB] 171s Get:5 http://ftpmaster.internal/ubuntu noble/main arm64 libtcl8.6 arm64 8.6.13+dfsg-2 [980 kB] 171s Get:6 http://ftpmaster.internal/ubuntu noble/main arm64 tcl8.6 arm64 8.6.13+dfsg-2 [14.6 kB] 171s Get:7 http://ftpmaster.internal/ubuntu noble/universe arm64 tcl-expect arm64 5.45.4-2build1 [103 kB] 171s Get:8 http://ftpmaster.internal/ubuntu noble/universe arm64 expect arm64 5.45.4-2build1 [137 kB] 171s Get:9 http://ftpmaster.internal/ubuntu noble/main arm64 ldap-utils arm64 2.6.7+dfsg-1~exp1ubuntu1 [149 kB] 171s Get:10 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common-data arm64 0.8-13ubuntu2 [29.5 kB] 171s Get:11 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common3 arm64 0.8-13ubuntu2 [23.2 kB] 171s Get:12 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-client3 arm64 0.8-13ubuntu2 [27.3 kB] 171s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 libcrack2 arm64 2.9.6-5.1 [28.7 kB] 171s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 libevent-2.1-7 arm64 2.1.12-stable-9 [138 kB] 171s Get:15 http://ftpmaster.internal/ubuntu noble/universe arm64 libjose0 arm64 11-3 [44.1 kB] 171s Get:16 http://ftpmaster.internal/ubuntu noble/main arm64 libverto-libevent1 arm64 0.3.1-1ubuntu5 [5848 B] 171s Get:17 http://ftpmaster.internal/ubuntu noble/main arm64 libverto1 arm64 0.3.1-1ubuntu5 [10.2 kB] 171s Get:18 http://ftpmaster.internal/ubuntu noble/main arm64 libkrad0 arm64 1.20.1-5build1 [22.1 kB] 171s Get:19 http://ftpmaster.internal/ubuntu noble/main arm64 libtalloc2 arm64 2.4.2-1 [26.6 kB] 171s Get:20 http://ftpmaster.internal/ubuntu noble/main arm64 libtdb1 arm64 1.4.10-1 [48.4 kB] 171s Get:21 http://ftpmaster.internal/ubuntu noble/main arm64 libtevent0 arm64 0.16.1-1 [41.8 kB] 171s Get:22 http://ftpmaster.internal/ubuntu noble/main arm64 libldb2 arm64 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [187 kB] 171s Get:23 http://ftpmaster.internal/ubuntu noble/main arm64 libnfsidmap1 arm64 1:2.6.3-3ubuntu1 [47.1 kB] 171s Get:24 http://ftpmaster.internal/ubuntu noble/universe arm64 libnss-sudo all 1.9.15p5-3ubuntu1 [14.9 kB] 171s Get:25 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality-common all 1.4.5-3 [7658 B] 171s Get:26 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality1 arm64 1.4.5-3 [13.2 kB] 171s Get:27 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-pwquality arm64 1.4.5-3 [11.6 kB] 171s Get:28 http://ftpmaster.internal/ubuntu noble/main arm64 libwbclient0 arm64 2:4.19.5+dfsg-1ubuntu1 [70.6 kB] 171s Get:29 http://ftpmaster.internal/ubuntu noble/main arm64 samba-libs arm64 2:4.19.5+dfsg-1ubuntu1 [6061 kB] 172s Get:30 http://ftpmaster.internal/ubuntu noble/main arm64 libnss-sss arm64 2.9.4-1ubuntu1 [31.7 kB] 172s Get:31 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-sss arm64 2.9.4-1ubuntu1 [48.8 kB] 172s Get:32 http://ftpmaster.internal/ubuntu noble/main arm64 python3-sss arm64 2.9.4-1ubuntu1 [46.5 kB] 172s Get:33 http://ftpmaster.internal/ubuntu noble/main arm64 libc-ares2 arm64 1.27.0-1 [74.1 kB] 172s Get:34 http://ftpmaster.internal/ubuntu noble/main arm64 libdhash1 arm64 0.6.2-2 [8540 B] 172s Get:35 http://ftpmaster.internal/ubuntu noble/main arm64 libbasicobjects0 arm64 0.6.2-2 [5586 B] 172s Get:36 http://ftpmaster.internal/ubuntu noble/main arm64 libcollection4 arm64 0.6.2-2 [23.0 kB] 172s Get:37 http://ftpmaster.internal/ubuntu noble/main arm64 libpath-utils1 arm64 0.6.2-2 [8722 B] 172s Get:38 http://ftpmaster.internal/ubuntu noble/main arm64 libref-array1 arm64 0.6.2-2 [7042 B] 172s Get:39 http://ftpmaster.internal/ubuntu noble/main arm64 libini-config5 arm64 0.6.2-2 [43.7 kB] 172s Get:40 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap0 arm64 2.9.4-1ubuntu1 [45.8 kB] 172s Get:41 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap0 arm64 2.9.4-1ubuntu1 [21.8 kB] 172s Get:42 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap0 arm64 2.9.4-1ubuntu1 [30.3 kB] 172s Get:43 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-common arm64 2.9.4-1ubuntu1 [1147 kB] 172s Get:44 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-idp arm64 2.9.4-1ubuntu1 [27.9 kB] 172s Get:45 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-passkey arm64 2.9.4-1ubuntu1 [32.7 kB] 172s Get:46 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad-common arm64 2.9.4-1ubuntu1 [75.4 kB] 172s Get:47 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5-common arm64 2.9.4-1ubuntu1 [87.9 kB] 172s Get:48 http://ftpmaster.internal/ubuntu noble/main arm64 libsmbclient arm64 2:4.19.5+dfsg-1ubuntu1 [62.2 kB] 172s Get:49 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad arm64 2.9.4-1ubuntu1 [134 kB] 172s Get:50 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac0 arm64 2.9.4-1ubuntu1 [16.7 kB] 172s Get:51 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ipa arm64 2.9.4-1ubuntu1 [220 kB] 172s Get:52 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5 arm64 2.9.4-1ubuntu1 [14.3 kB] 172s Get:53 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ldap arm64 2.9.4-1ubuntu1 [31.3 kB] 172s Get:54 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-proxy arm64 2.9.4-1ubuntu1 [44.6 kB] 172s Get:55 http://ftpmaster.internal/ubuntu noble/main arm64 sssd arm64 2.9.4-1ubuntu1 [4120 B] 172s Get:56 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-dbus arm64 2.9.4-1ubuntu1 [103 kB] 172s Get:57 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-kcm arm64 2.9.4-1ubuntu1 [139 kB] 172s Get:58 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-tools arm64 2.9.4-1ubuntu1 [97.5 kB] 172s Get:59 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac-dev arm64 2.9.4-1ubuntu1 [6660 B] 172s Get:60 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap-dev arm64 2.9.4-1ubuntu1 [5722 B] 172s Get:61 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap-dev arm64 2.9.4-1ubuntu1 [8380 B] 172s Get:62 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap-dev arm64 2.9.4-1ubuntu1 [6714 B] 172s Get:63 http://ftpmaster.internal/ubuntu noble/universe arm64 libsss-sudo arm64 2.9.4-1ubuntu1 [20.4 kB] 172s Get:64 http://ftpmaster.internal/ubuntu noble/universe arm64 python3-libipa-hbac arm64 2.9.4-1ubuntu1 [16.6 kB] 172s Get:65 http://ftpmaster.internal/ubuntu noble/universe arm64 python3-libsss-nss-idmap arm64 2.9.4-1ubuntu1 [9160 B] 173s Preconfiguring packages ... 173s Fetched 12.6 MB in 2s (8374 kB/s) 173s Selecting previously unselected package libltdl7:arm64. 173s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74385 files and directories currently installed.) 173s Preparing to unpack .../00-libltdl7_2.4.7-7_arm64.deb ... 173s Unpacking libltdl7:arm64 (2.4.7-7) ... 173s Selecting previously unselected package libodbc2:arm64. 173s Preparing to unpack .../01-libodbc2_2.3.12-1_arm64.deb ... 173s Unpacking libodbc2:arm64 (2.3.12-1) ... 173s Selecting previously unselected package slapd. 173s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu1_arm64.deb ... 173s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 173s Selecting previously unselected package libtcl8.6:arm64. 173s Preparing to unpack .../03-libtcl8.6_8.6.13+dfsg-2_arm64.deb ... 173s Unpacking libtcl8.6:arm64 (8.6.13+dfsg-2) ... 173s Selecting previously unselected package tcl8.6. 173s Preparing to unpack .../04-tcl8.6_8.6.13+dfsg-2_arm64.deb ... 173s Unpacking tcl8.6 (8.6.13+dfsg-2) ... 173s Selecting previously unselected package tcl-expect:arm64. 173s Preparing to unpack .../05-tcl-expect_5.45.4-2build1_arm64.deb ... 173s Unpacking tcl-expect:arm64 (5.45.4-2build1) ... 173s Selecting previously unselected package expect. 173s Preparing to unpack .../06-expect_5.45.4-2build1_arm64.deb ... 173s Unpacking expect (5.45.4-2build1) ... 173s Selecting previously unselected package ldap-utils. 173s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu1_arm64.deb ... 173s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 173s Selecting previously unselected package libavahi-common-data:arm64. 173s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu2_arm64.deb ... 173s Unpacking libavahi-common-data:arm64 (0.8-13ubuntu2) ... 173s Selecting previously unselected package libavahi-common3:arm64. 173s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu2_arm64.deb ... 173s Unpacking libavahi-common3:arm64 (0.8-13ubuntu2) ... 173s Selecting previously unselected package libavahi-client3:arm64. 173s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu2_arm64.deb ... 173s Unpacking libavahi-client3:arm64 (0.8-13ubuntu2) ... 173s Selecting previously unselected package libcrack2:arm64. 173s Preparing to unpack .../11-libcrack2_2.9.6-5.1_arm64.deb ... 173s Unpacking libcrack2:arm64 (2.9.6-5.1) ... 173s Selecting previously unselected package libevent-2.1-7:arm64. 173s Preparing to unpack .../12-libevent-2.1-7_2.1.12-stable-9_arm64.deb ... 173s Unpacking libevent-2.1-7:arm64 (2.1.12-stable-9) ... 173s Selecting previously unselected package libjose0:arm64. 174s Preparing to unpack .../13-libjose0_11-3_arm64.deb ... 174s Unpacking libjose0:arm64 (11-3) ... 174s Selecting previously unselected package libverto-libevent1:arm64. 174s Preparing to unpack .../14-libverto-libevent1_0.3.1-1ubuntu5_arm64.deb ... 174s Unpacking libverto-libevent1:arm64 (0.3.1-1ubuntu5) ... 174s Selecting previously unselected package libverto1:arm64. 174s Preparing to unpack .../15-libverto1_0.3.1-1ubuntu5_arm64.deb ... 174s Unpacking libverto1:arm64 (0.3.1-1ubuntu5) ... 174s Selecting previously unselected package libkrad0:arm64. 174s Preparing to unpack .../16-libkrad0_1.20.1-5build1_arm64.deb ... 174s Unpacking libkrad0:arm64 (1.20.1-5build1) ... 174s Selecting previously unselected package libtalloc2:arm64. 174s Preparing to unpack .../17-libtalloc2_2.4.2-1_arm64.deb ... 174s Unpacking libtalloc2:arm64 (2.4.2-1) ... 174s Selecting previously unselected package libtdb1:arm64. 174s Preparing to unpack .../18-libtdb1_1.4.10-1_arm64.deb ... 174s Unpacking libtdb1:arm64 (1.4.10-1) ... 174s Selecting previously unselected package libtevent0:arm64. 174s Preparing to unpack .../19-libtevent0_0.16.1-1_arm64.deb ... 174s Unpacking libtevent0:arm64 (0.16.1-1) ... 174s Selecting previously unselected package libldb2:arm64. 174s Preparing to unpack .../20-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_arm64.deb ... 174s Unpacking libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 174s Selecting previously unselected package libnfsidmap1:arm64. 174s Preparing to unpack .../21-libnfsidmap1_1%3a2.6.3-3ubuntu1_arm64.deb ... 174s Unpacking libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 174s Selecting previously unselected package libnss-sudo. 174s Preparing to unpack .../22-libnss-sudo_1.9.15p5-3ubuntu1_all.deb ... 174s Unpacking libnss-sudo (1.9.15p5-3ubuntu1) ... 174s Selecting previously unselected package libpwquality-common. 174s Preparing to unpack .../23-libpwquality-common_1.4.5-3_all.deb ... 174s Unpacking libpwquality-common (1.4.5-3) ... 174s Selecting previously unselected package libpwquality1:arm64. 174s Preparing to unpack .../24-libpwquality1_1.4.5-3_arm64.deb ... 174s Unpacking libpwquality1:arm64 (1.4.5-3) ... 174s Selecting previously unselected package libpam-pwquality:arm64. 174s Preparing to unpack .../25-libpam-pwquality_1.4.5-3_arm64.deb ... 174s Unpacking libpam-pwquality:arm64 (1.4.5-3) ... 174s Selecting previously unselected package libwbclient0:arm64. 174s Preparing to unpack .../26-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 174s Unpacking libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 174s Selecting previously unselected package samba-libs:arm64. 174s Preparing to unpack .../27-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 174s Unpacking samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 174s Selecting previously unselected package libnss-sss:arm64. 174s Preparing to unpack .../28-libnss-sss_2.9.4-1ubuntu1_arm64.deb ... 174s Unpacking libnss-sss:arm64 (2.9.4-1ubuntu1) ... 174s Selecting previously unselected package libpam-sss:arm64. 174s Preparing to unpack .../29-libpam-sss_2.9.4-1ubuntu1_arm64.deb ... 174s Unpacking libpam-sss:arm64 (2.9.4-1ubuntu1) ... 174s Selecting previously unselected package python3-sss. 174s Preparing to unpack .../30-python3-sss_2.9.4-1ubuntu1_arm64.deb ... 174s Unpacking python3-sss (2.9.4-1ubuntu1) ... 174s Selecting previously unselected package libc-ares2:arm64. 174s Preparing to unpack .../31-libc-ares2_1.27.0-1_arm64.deb ... 174s Unpacking libc-ares2:arm64 (1.27.0-1) ... 174s Selecting previously unselected package libdhash1:arm64. 174s Preparing to unpack .../32-libdhash1_0.6.2-2_arm64.deb ... 174s Unpacking libdhash1:arm64 (0.6.2-2) ... 174s Selecting previously unselected package libbasicobjects0:arm64. 174s Preparing to unpack .../33-libbasicobjects0_0.6.2-2_arm64.deb ... 174s Unpacking libbasicobjects0:arm64 (0.6.2-2) ... 175s Selecting previously unselected package libcollection4:arm64. 175s Preparing to unpack .../34-libcollection4_0.6.2-2_arm64.deb ... 175s Unpacking libcollection4:arm64 (0.6.2-2) ... 175s Selecting previously unselected package libpath-utils1:arm64. 175s Preparing to unpack .../35-libpath-utils1_0.6.2-2_arm64.deb ... 175s Unpacking libpath-utils1:arm64 (0.6.2-2) ... 175s Selecting previously unselected package libref-array1:arm64. 175s Preparing to unpack .../36-libref-array1_0.6.2-2_arm64.deb ... 175s Unpacking libref-array1:arm64 (0.6.2-2) ... 175s Selecting previously unselected package libini-config5:arm64. 175s Preparing to unpack .../37-libini-config5_0.6.2-2_arm64.deb ... 175s Unpacking libini-config5:arm64 (0.6.2-2) ... 175s Selecting previously unselected package libsss-certmap0. 175s Preparing to unpack .../38-libsss-certmap0_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package libsss-idmap0. 175s Preparing to unpack .../39-libsss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package libsss-nss-idmap0. 175s Preparing to unpack .../40-libsss-nss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-common. 175s Preparing to unpack .../41-sssd-common_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-common (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-idp. 175s Preparing to unpack .../42-sssd-idp_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-idp (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-passkey. 175s Preparing to unpack .../43-sssd-passkey_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-passkey (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-ad-common. 175s Preparing to unpack .../44-sssd-ad-common_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-krb5-common. 175s Preparing to unpack .../45-sssd-krb5-common_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package libsmbclient:arm64. 175s Preparing to unpack .../46-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 175s Unpacking libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 175s Selecting previously unselected package sssd-ad. 175s Preparing to unpack .../47-sssd-ad_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package libipa-hbac0. 175s Preparing to unpack .../48-libipa-hbac0_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-ipa. 175s Preparing to unpack .../49-sssd-ipa_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-krb5. 175s Preparing to unpack .../50-sssd-krb5_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-ldap. 175s Preparing to unpack .../51-sssd-ldap_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-proxy. 175s Preparing to unpack .../52-sssd-proxy_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd. 175s Preparing to unpack .../53-sssd_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-dbus. 175s Preparing to unpack .../54-sssd-dbus_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-dbus (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-kcm. 175s Preparing to unpack .../55-sssd-kcm_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-kcm (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package sssd-tools. 175s Preparing to unpack .../56-sssd-tools_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking sssd-tools (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package libipa-hbac-dev. 175s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking libipa-hbac-dev (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package libsss-certmap-dev. 175s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking libsss-certmap-dev (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package libsss-idmap-dev. 175s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking libsss-idmap-dev (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package libsss-nss-idmap-dev. 175s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package libsss-sudo. 175s Preparing to unpack .../61-libsss-sudo_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking libsss-sudo (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package python3-libipa-hbac. 175s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking python3-libipa-hbac (2.9.4-1ubuntu1) ... 175s Selecting previously unselected package python3-libsss-nss-idmap. 175s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1ubuntu1_arm64.deb ... 175s Unpacking python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 176s Selecting previously unselected package autopkgtest-satdep. 176s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 176s Unpacking autopkgtest-satdep (0) ... 176s Setting up libpwquality-common (1.4.5-3) ... 176s Setting up libpath-utils1:arm64 (0.6.2-2) ... 176s Setting up libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 176s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 176s Setting up libbasicobjects0:arm64 (0.6.2-2) ... 176s Setting up libsss-idmap-dev (2.9.4-1ubuntu1) ... 176s Setting up libtdb1:arm64 (1.4.10-1) ... 176s Setting up libc-ares2:arm64 (1.27.0-1) ... 176s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 176s Setting up libjose0:arm64 (11-3) ... 176s Setting up libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 176s Setting up libtalloc2:arm64 (2.4.2-1) ... 176s Setting up libdhash1:arm64 (0.6.2-2) ... 176s Setting up libtevent0:arm64 (0.16.1-1) ... 176s Setting up libavahi-common-data:arm64 (0.8-13ubuntu2) ... 176s Setting up libevent-2.1-7:arm64 (2.1.12-stable-9) ... 176s Setting up libtcl8.6:arm64 (8.6.13+dfsg-2) ... 176s Setting up libltdl7:arm64 (2.4.7-7) ... 176s Setting up libcrack2:arm64 (2.9.6-5.1) ... 176s Setting up libcollection4:arm64 (0.6.2-2) ... 176s Setting up libodbc2:arm64 (2.3.12-1) ... 176s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 176s Setting up python3-libipa-hbac (2.9.4-1ubuntu1) ... 176s Setting up libref-array1:arm64 (0.6.2-2) ... 176s Setting up libnss-sudo (1.9.15p5-3ubuntu1) ... 176s Setting up libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 176s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 176s Setting up libnss-sss:arm64 (2.9.4-1ubuntu1) ... 176s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 176s Creating new user openldap... done. 176s Creating initial configuration... done. 176s Creating LDAP directory... done. 177s Setting up tcl8.6 (8.6.13+dfsg-2) ... 177s Setting up libsss-sudo (2.9.4-1ubuntu1) ... 177s Setting up libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 177s Setting up libipa-hbac-dev (2.9.4-1ubuntu1) ... 177s Setting up libini-config5:arm64 (0.6.2-2) ... 177s Setting up libavahi-common3:arm64 (0.8-13ubuntu2) ... 177s Setting up tcl-expect:arm64 (5.45.4-2build1) ... 177s Setting up python3-sss (2.9.4-1ubuntu1) ... 177s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 177s Setting up libpwquality1:arm64 (1.4.5-3) ... 177s Setting up python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 177s Setting up libavahi-client3:arm64 (0.8-13ubuntu2) ... 177s Setting up expect (5.45.4-2build1) ... 177s Setting up libpam-pwquality:arm64 (1.4.5-3) ... 177s Setting up samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 177s Setting up libsss-certmap-dev (2.9.4-1ubuntu1) ... 177s Setting up libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 177s Setting up libpam-sss:arm64 (2.9.4-1ubuntu1) ... 177s Setting up sssd-common (2.9.4-1ubuntu1) ... 177s Creating SSSD system user & group... 177s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 177s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 177s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 178s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 178s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 178s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 178s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 179s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 179s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 179s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 179s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 180s sssd-autofs.service is a disabled or a static unit, not starting it. 180s sssd-nss.service is a disabled or a static unit, not starting it. 180s sssd-pam.service is a disabled or a static unit, not starting it. 180s sssd-ssh.service is a disabled or a static unit, not starting it. 180s sssd-sudo.service is a disabled or a static unit, not starting it. 180s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 180s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 180s Setting up sssd-kcm (2.9.4-1ubuntu1) ... 180s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 181s sssd-kcm.service is a disabled or a static unit, not starting it. 181s Setting up sssd-dbus (2.9.4-1ubuntu1) ... 181s sssd-ifp.service is a disabled or a static unit, not starting it. 181s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 181s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 182s sssd-pac.service is a disabled or a static unit, not starting it. 182s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 182s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 182s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 182s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 182s Setting up sssd-ad (2.9.4-1ubuntu1) ... 182s Setting up sssd-tools (2.9.4-1ubuntu1) ... 182s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 182s Setting up sssd (2.9.4-1ubuntu1) ... 182s Setting up libverto-libevent1:arm64 (0.3.1-1ubuntu5) ... 182s Setting up libverto1:arm64 (0.3.1-1ubuntu5) ... 182s Setting up libkrad0:arm64 (1.20.1-5build1) ... 182s Setting up sssd-passkey (2.9.4-1ubuntu1) ... 182s Setting up sssd-idp (2.9.4-1ubuntu1) ... 182s Setting up autopkgtest-satdep (0) ... 182s Processing triggers for libc-bin (2.39-0ubuntu6) ... 182s Processing triggers for ufw (0.36.2-5) ... 182s Processing triggers for man-db (2.12.0-3) ... 183s Processing triggers for dbus (1.14.10-4ubuntu1) ... 193s (Reading database ... 75670 files and directories currently installed.) 193s Removing autopkgtest-satdep (0) ... 194s autopkgtest [20:11:22]: test ldap-user-group-ldap-auth: [----------------------- 194s + . debian/tests/util 194s + . debian/tests/common-tests 194s + mydomain=example.com 194s + myhostname=ldap.example.com 194s + mysuffix=dc=example,dc=com 194s + admin_dn=cn=admin,dc=example,dc=com 194s + admin_pw=secret 194s + ldap_user=testuser1 194s + ldap_user_pw=testuser1secret 194s + ldap_group=ldapusers 194s + adjust_hostname ldap.example.com 194s + local myhostname=ldap.example.com 194s + echo ldap.example.com 194s + hostname ldap.example.com 194s + grep -qE ldap.example.com /etc/hosts 194s + echo 127.0.1.10 ldap.example.com 194s + reconfigure_slapd 194s + debconf-set-selections 194s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 194s + dpkg-reconfigure -fnoninteractive -pcritical slapd 194s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 194s Moving old database directory to /var/backups: 194s - directory unknown... done. 194s Creating initial configuration... done. 194s Creating LDAP directory... done. 195s + generate_certs ldap.example.com 195s + local cn=ldap.example.com 195s + local cert=/etc/ldap/server.pem 195s + local key=/etc/ldap/server.key 195s + local cnf=/etc/ldap/openssl.cnf 195s + cat 195s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 195s ...............................................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 195s ...........................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 195s ----- 195s + chmod 0640 /etc/ldap/server.key 195s + chgrp openldap /etc/ldap/server.key 195s + [ ! -f /etc/ldap/server.pem ] 195s + [ ! -f /etc/ldap/server.key ] 195s + enable_ldap_ssl 195s + cat 195s + cat 195s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 195s modifying entry "cn=config" 195s 195s + populate_ldap_rfc2307 195s + cat 195s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 195s adding new entry "ou=People,dc=example,dc=com" 195s 195s adding new entry "ou=Group,dc=example,dc=com" 195s 195s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 195s 195s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 195s 195s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 195s 195s + configure_sssd_ldap_rfc2307 195s + cat 195s + chmod 0600 /etc/sssd/sssd.conf 195s + systemctl restart sssd 196s + enable_pam_mkhomedir 196s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 196s + echo session optional pam_mkhomedir.so 196s + run_common_tests 196s + echo Assert local user databases do not have our LDAP test data 196s + check_local_user testuser1 196s + local local_user=testuser1 196s + grep -q ^testuser1 /etc/passwd 196s Assert local user databases do not have our LDAP test data 196s + check_local_group testuser1 196s + local local_group=testuser1 196s + grep -q ^testuser1 /etc/group 196s + check_local_group ldapusers 196s + local local_group=ldapusers 196s + grep -q ^ldapusers /etc/group 196s The LDAP user is known to the system via getent 196s + echo The LDAP user is known to the system via getent 196s + check_getent_user testuser1 196s + local getent_user=testuser1 196s + local output 196s + getent passwd testuser1 196s The LDAP user's private group is known to the system via getent 196s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 196s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 196s + echo The LDAP user's private group is known to the system via getent 196s + check_getent_group testuser1 196s + local getent_group=testuser1 196s + local output 196s + getent group testuser1 196s The LDAP group ldapusers is known to the system via getent 196s + output=testuser1:*:10001:testuser1 196s + [ -z testuser1:*:10001:testuser1 ] 196s + echo The LDAP group ldapusers is known to the system via getent 196s + check_getent_group ldapusers 196s + local getent_group=ldapusers 196s + local output 196s + getent group ldapusers 196s The id(1) command can resolve the group membership of the LDAP user 196s + output=ldapusers:*:10100:testuser1 196s + [ -z ldapusers:*:10100:testuser1 ] 196s + echo The id(1) command can resolve the group membership of the LDAP user 196s + id -Gn testuser1 196s + output=testuser1 ldapusers 196s + [ testuser1 ldapusers != testuser1 ldapusers ] 196s + echo The LDAP user can login on a terminal 196s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 196s The LDAP user can login on a terminal 196s spawn login 196s ldap.example.com login: testuser1 196s Password: 196s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic aarch64) 196s 196s * Documentation: https://help.ubuntu.com 196s * Management: https://landscape.canonical.com 196s * Support: https://ubuntu.com/pro 196s 196s 196s The programs included with the Ubuntu system are free software; 196s the exact distribution terms for each program are described in the 196s individual files in /usr/share/doc/*/copyright. 196s 196s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 196s applicable law. 196s 196s 196s The programs included with the Ubuntu system are free software; 196s the exact distribution terms for each program are described in the 196s individual files in /usr/share/doc/*/copyright. 196s 196s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 196s applicable law. 196s 196s Creating directory '/home/testuser1'. 196s [?2004htestuser1@ldap:~$ id -un 196s [?2004l testuser1 196s [?2004htestuser1@ldap:~$ autopkgtest [20:11:24]: test ldap-user-group-ldap-auth: -----------------------] 197s autopkgtest [20:11:25]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 197s ldap-user-group-ldap-auth PASS 197s autopkgtest [20:11:25]: test ldap-user-group-krb5-auth: preparing testbed 208s Reading package lists... 209s Building dependency tree... 209s Reading state information... 209s Starting pkgProblemResolver with broken count: 0 209s Starting 2 pkgProblemResolver with broken count: 0 209s Done 210s The following additional packages will be installed: 210s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 210s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 210s Suggested packages: 210s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 210s The following NEW packages will be installed: 210s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 210s libgssrpc4 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 210s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 210s Need to get 594 kB/595 kB of archives. 210s After this operation, 2907 kB of additional disk space will be used. 210s Get:1 /tmp/autopkgtest.kUbq3h/2-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [884 B] 210s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 krb5-config all 2.7 [22.0 kB] 210s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libgssrpc4 arm64 1.20.1-5build1 [57.4 kB] 210s Get:4 http://ftpmaster.internal/ubuntu noble/main arm64 libkadm5clnt-mit12 arm64 1.20.1-5build1 [39.9 kB] 210s Get:5 http://ftpmaster.internal/ubuntu noble/main arm64 libkdb5-10 arm64 1.20.1-5build1 [39.8 kB] 210s Get:6 http://ftpmaster.internal/ubuntu noble/main arm64 libkadm5srv-mit12 arm64 1.20.1-5build1 [53.2 kB] 210s Get:7 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-user arm64 1.20.1-5build1 [108 kB] 210s Get:8 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-kdc arm64 1.20.1-5build1 [180 kB] 210s Get:9 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-admin-server arm64 1.20.1-5build1 [94.6 kB] 210s Preconfiguring packages ... 211s Fetched 594 kB in 1s (1076 kB/s) 211s Selecting previously unselected package krb5-config. 211s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75670 files and directories currently installed.) 211s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 211s Unpacking krb5-config (2.7) ... 211s Selecting previously unselected package libgssrpc4:arm64. 211s Preparing to unpack .../1-libgssrpc4_1.20.1-5build1_arm64.deb ... 211s Unpacking libgssrpc4:arm64 (1.20.1-5build1) ... 211s Selecting previously unselected package libkadm5clnt-mit12:arm64. 211s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-5build1_arm64.deb ... 211s Unpacking libkadm5clnt-mit12:arm64 (1.20.1-5build1) ... 211s Selecting previously unselected package libkdb5-10:arm64. 211s Preparing to unpack .../3-libkdb5-10_1.20.1-5build1_arm64.deb ... 211s Unpacking libkdb5-10:arm64 (1.20.1-5build1) ... 211s Selecting previously unselected package libkadm5srv-mit12:arm64. 211s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-5build1_arm64.deb ... 211s Unpacking libkadm5srv-mit12:arm64 (1.20.1-5build1) ... 211s Selecting previously unselected package krb5-user. 211s Preparing to unpack .../5-krb5-user_1.20.1-5build1_arm64.deb ... 211s Unpacking krb5-user (1.20.1-5build1) ... 211s Selecting previously unselected package krb5-kdc. 211s Preparing to unpack .../6-krb5-kdc_1.20.1-5build1_arm64.deb ... 211s Unpacking krb5-kdc (1.20.1-5build1) ... 211s Selecting previously unselected package krb5-admin-server. 211s Preparing to unpack .../7-krb5-admin-server_1.20.1-5build1_arm64.deb ... 211s Unpacking krb5-admin-server (1.20.1-5build1) ... 211s Selecting previously unselected package autopkgtest-satdep. 211s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 211s Unpacking autopkgtest-satdep (0) ... 211s Setting up libgssrpc4:arm64 (1.20.1-5build1) ... 211s Setting up krb5-config (2.7) ... 211s Setting up libkadm5clnt-mit12:arm64 (1.20.1-5build1) ... 211s Setting up libkdb5-10:arm64 (1.20.1-5build1) ... 211s Setting up libkadm5srv-mit12:arm64 (1.20.1-5build1) ... 211s Setting up krb5-user (1.20.1-5build1) ... 211s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 211s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 211s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 211s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 211s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 211s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 211s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 211s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 211s Setting up krb5-kdc (1.20.1-5build1) ... 212s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 212s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 212s Setting up krb5-admin-server (1.20.1-5build1) ... 213s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 213s Setting up autopkgtest-satdep (0) ... 213s Processing triggers for man-db (2.12.0-3) ... 214s Processing triggers for libc-bin (2.39-0ubuntu6) ... 221s (Reading database ... 75763 files and directories currently installed.) 221s Removing autopkgtest-satdep (0) ... 222s autopkgtest [20:11:50]: test ldap-user-group-krb5-auth: [----------------------- 222s + . debian/tests/util 222s + . debian/tests/common-tests 222s + mydomain=example.com 222s + myhostname=ldap.example.com 222s + mysuffix=dc=example,dc=com 222s + myrealm=EXAMPLE.COM 222s + admin_dn=cn=admin,dc=example,dc=com 222s + admin_pw=secret 222s + ldap_user=testuser1 222s + ldap_user_pw=testuser1secret 222s + kerberos_principal_pw=testuser1kerberos 222s + ldap_group=ldapusers 222s + adjust_hostname ldap.example.com 222s + local myhostname=ldap.example.com 222s + echo ldap.example.com 222s + hostname ldap.example.com 222s + grep -qE ldap.example.com /etc/hosts 222s + reconfigure_slapd 222s + debconf-set-selections 222s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu1-20240324-201122.ldapdb 222s + dpkg-reconfigure -fnoninteractive -pcritical slapd 222s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 222s Moving old database directory to /var/backups: 222s - directory unknown... done. 222s Creating initial configuration... done. 222s Creating LDAP directory... done. 223s + generate_certs ldap.example.com 223s + local cn=ldap.example.com 223s + local cert=/etc/ldap/server.pem 223s + local key=/etc/ldap/server.key 223s + local cnf=/etc/ldap/openssl.cnf 223s + cat 223s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 223s ..........++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 223s .................................................................................................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 223s ----- 223s + chmod 0640 /etc/ldap/server.key 223s + chgrp openldap /etc/ldap/server.key 223s + [ ! -f /etc/ldap/server.pem ] 223s + [ ! -f /etc/ldap/server.key ] 223s + enable_ldap_ssl 223s + cat 223s + cat 223s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 223s + populate_ldap_rfc2307 223s modifying entry "cn=config" 223s 223s + cat 223s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 223s adding new entry "ou=People,dc=example,dc=com" 223s 223s adding new entry "ou=Group,dc=example,dc=com" 223s 223s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 223s 223s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 223s 223s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 223s 223s + create_realm EXAMPLE.COM ldap.example.com 223s + local realm_name=EXAMPLE.COM 223s + local kerberos_server=ldap.example.com 223s + rm -rf /var/lib/krb5kdc/* 223s + rm -rf /etc/krb5kdc/kdc.conf 223s + rm -f /etc/krb5.keytab 223s + cat 223s + cat 223s + echo # */admin * 223s + kdb5_util create -s -P secretpassword 223s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 223s master key name 'K/M@EXAMPLE.COM' 223s + systemctl restart krb5-kdc.service krb5-admin-server.service 223s + create_krb_principal testuser1 testuser1kerberos 223s + local principal=testuser1 223s + local password=testuser1kerberos 223s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 223s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 223s Authenticating as principal root/admin@EXAMPLE.COM with password. 223s Principal "testuser1@EXAMPLE.COM" created. 223s + configure_sssd_ldap_rfc2307_krb5_auth 223s + cat 223s + chmod 0600 /etc/sssd/sssd.conf 223s + systemctl restart sssd 224s + enable_pam_mkhomedir 224s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 224s + run_common_tests 224s + echo Assert local user databases do not have our LDAP test data 224s + check_local_user testuser1 224s + local local_user=testuser1 224s + grep -q ^testuser1 /etc/passwd 224s Assert local user databases do not have our LDAP test data 224s + check_local_group testuser1 224s + local local_group=testuser1 224s + grep -q ^testuser1 /etc/group 224s + check_local_group ldapusers 224s + local local_group=ldapusers 224s + grep -q ^ldapusers /etc/group 224s + echo The LDAP user is known to the system via getent 224s + check_getent_user testuser1 224s + local getent_user=testuser1 224s + local output 224s The LDAP user is known to the system via getent 224s + getent passwd testuser1 224s The LDAP user's private group is known to the system via getent 224s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 224s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 224s + echo The LDAP user's private group is known to the system via getent 224s + check_getent_group testuser1 224s + local getent_group=testuser1 224s + local output 224s + getent group testuser1 224s + output=testuser1:*:10001:testuser1 224s + [ -z testuser1:*:10001:testuser1 ] 224s + echo The LDAP group ldapusers is known to the system via getent 224s + check_getent_group ldapusers 224s + local getent_group=ldapusers 224s + local output 224s The LDAP group ldapusers is known to the system via getent 224s + getent group ldapusers 224s The id(1) command can resolve the group membership of the LDAP user 224s + output=ldapusers:*:10100:testuser1 224s + [ -z ldapusers:*:10100:testuser1 ] 224s + echo The id(1) command can resolve the group membership of the LDAP user 224s + id -Gn testuser1 224s + output=testuser1 ldapusers 224s The Kerberos principal can login on a terminal 224s + [ testuser1 ldapusers != testuser1 ldapusers ] 224s + echo The Kerberos principal can login on a terminal 224s + kdestroy 224s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 224s spawn login 224s ldap.example.com login: testuser1 224s Password: 224s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic aarch64) 224s 224s * Documentation: https://help.ubuntu.com 224s * Management: https://landscape.canonical.com 224s * Support: https://ubuntu.com/pro 224s 224s 224s The programs included with the Ubuntu system are free software; 224s the exact distribution terms for each program are described in the 224s individual files in /usr/share/doc/*/copyright. 224s 224s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 224s applicable law. 224s 224s Last login: Sun Mar 24 20:11:24 UTC 2024 on pts/0 224s [?2004htestuser1@ldap:~$ id -un 224s [?2004l testuser1 224s [?2004htestuser1@ldap:~$ klist 224s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_V9Xndw 224s Default principal: testuser1@EXAMPLE.COM 224s 224s Valid starting Expires Service principal 224s 03/24/24 20:11:52 03/25/24 06:11:52 krbtgt/EXAMPLE.COM@EXAMPLE.COM 224s renew until 03/25/24 20:11:52 224s autopkgtest [20:11:52]: test ldap-user-group-krb5-auth: -----------------------] 225s autopkgtest [20:11:53]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 225s ldap-user-group-krb5-auth PASS 225s autopkgtest [20:11:53]: test sssd-softhism2-certificates-tests.sh: preparing testbed 627s Creating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s Creating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}]}} 627s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 627s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-admin.ps6.canonical.com:9292", "region": "prodstack6"}], "id": "49de724549524bd78Creating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}]}} 627s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 627s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-adminCreating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}]}} 627s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 627s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-adminCreating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}]}} 627s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 627s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-adminCreating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}]}} 627s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 627s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-adminCreating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}]}} 627s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 627s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-adminCreating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}]}} 627s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 627s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-adminCreating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}]}} 627s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 627s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-adminCreating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}]}} 627s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 627s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-adminCreating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}]}} 627s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 627s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 627s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-adminCreating nova instance adt-noble-arm64-sssd-20240324-200808-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240324.img (UUID 943dd583-2042-4622-b4ce-bdf10ad153ac)... 627s nova boot failed (attempt #1): 627s DEBUG (extension:189) found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader') 627s DEBUG (extension:189) found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3multifactor = keystoneauth1.loading._plugins.identity.v3:MultiFactor') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth') 627s DEBUG (extension:189) found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP') 627s DEBUG (session:517) REQ: curl -g -i -X GET https://keystone.ps6.canonical.com:5000/v3 -H "Accept: application/json" -H "User-Agent: nova keystoneauth1/4.0.0 python-requests/2.22.0 CPython/3.8.10" 627s DEBUG (connectionpool:962) Starting new HTTPS connection (1): keystone.ps6.canonical.com:5000 627s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "GET /v3 HTTP/1.1" 200 267 627s DEBUG (session:548) RESP: [200] Connection: Keep-Alive Content-Length: 267 Content-Type: application/json Date: Sun, 24 Mar 2024 20:12:26 GMT Keep-Alive: timeout=75, max=1000 Server: Apache/2.4.52 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-b93068e7-b2ac-413b-82f6-b51c7574a510 630s DEBUG (session:580) RESP BODY: {"version": {"id": "v3.14", "status": "stable", "updated": "2020-04-07T00:00:00Z", "links": [{"rel": "self", "href": "https://keystone.ps6.canonical.com:5000/v3/"}], "media-types": [{"base": "application/json", "type": "application/vnd.openautopkgtest [20:18:38]: testbed dpkg architecture: arm64 631s autopkgtest [20:18:39]: testbed apt version: 2.7.12 631s autopkgtest [20:18:39]: @@@@@@@@@@@@@@@@@@@@ test bed setup 631s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 631s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [57.3 kB] 631s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 631s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [495 kB] 631s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3981 kB] 632s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 Packages [708 kB] 632s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 c-n-f Metadata [3144 B] 632s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 Packages [33.7 kB] 632s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 c-n-f Metadata [116 B] 632s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 Packages [4355 kB] 632s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 c-n-f Metadata [8528 B] 632s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 Packages [70.1 kB] 632s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 c-n-f Metadata [116 B] 634s Fetched 9836 kB in 2s (5812 kB/s) 634s Reading package lists... 637s Reading package lists... 637s Building dependency tree... 637s Reading state information... 638s Calculating upgrade... 638s The following packages will be REMOVED: 638s libreadline8 libssl3 638s The following NEW packages will be installed: 638s libreadline8t64 libssl3t64 638s The following packages have been kept back: 638s libpython3.12-minimal libpython3.12-stdlib python3.12 python3.12-minimal 638s The following packages will be upgraded: 638s libtirpc-common openssl readline-common 638s 3 upgraded, 2 newly installed, 2 to remove and 4 not upgraded. 638s Need to get 2995 kB of archives. 638s After this operation, 207 kB of additional disk space will be used. 638s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 readline-common all 8.2-4 [56.4 kB] 638s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libreadline8t64 arm64 8.2-4 [153 kB] 638s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 openssl arm64 3.0.13-0ubuntu2 [985 kB] 639s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libssl3t64 arm64 3.0.13-0ubuntu2 [1793 kB] 639s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libtirpc-common all 1.3.4+ds-1.1 [8018 B] 640s Fetched 2995 kB in 1s (3877 kB/s) 640s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74819 files and directories currently installed.) 640s Preparing to unpack .../readline-common_8.2-4_all.deb ... 640s Unpacking readline-common (8.2-4) over (8.2-3) ... 640s dpkg: libreadline8:arm64: dependency problems, but removing anyway as you requested: 640s parted depends on libreadline8 (>= 6.0). 640s libpython3.12-stdlib:arm64 depends on libreadline8 (>= 7.0~beta). 640s gpgsm depends on libreadline8 (>= 6.0). 640s gpgconf depends on libreadline8 (>= 6.0). 640s gpg depends on libreadline8 (>= 6.0). 640s gawk depends on libreadline8 (>= 6.0). 640s fdisk depends on libreadline8 (>= 6.0). 640s 640s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74819 files and directories currently installed.) 640s Removing libreadline8:arm64 (8.2-3) ... 640s Selecting previously unselected package libreadline8t64:arm64. 640s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74807 files and directories currently installed.) 640s Preparing to unpack .../libreadline8t64_8.2-4_arm64.deb ... 640s Adding 'diversion of /lib/aarch64-linux-gnu/libhistory.so.8 to /lib/aarch64-linux-gnu/libhistory.so.8.usr-is-merged by libreadline8t64' 640s Adding 'diversion of /lib/aarch64-linux-gnu/libhistory.so.8.2 to /lib/aarch64-linux-gnu/libhistory.so.8.2.usr-is-merged by libreadline8t64' 640s Adding 'diversion of /lib/aarch64-linux-gnu/libreadline.so.8 to /lib/aarch64-linux-gnu/libreadline.so.8.usr-is-merged by libreadline8t64' 640s Adding 'diversion of /lib/aarch64-linux-gnu/libreadline.so.8.2 to /lib/aarch64-linux-gnu/libreadline.so.8.2.usr-is-merged by libreadline8t64' 640s Unpacking libreadline8t64:arm64 (8.2-4) ... 640s Preparing to unpack .../openssl_3.0.13-0ubuntu2_arm64.deb ... 640s Unpacking openssl (3.0.13-0ubuntu2) over (3.0.10-1ubuntu4) ... 640s dpkg: libssl3:arm64: dependency problems, but removing anyway as you requested: 640s wget depends on libssl3 (>= 3.0.0). 640s u-boot-tools depends on libssl3 (>= 3.0.0). 640s tnftp depends on libssl3 (>= 3.0.0). 640s tcpdump depends on libssl3 (>= 3.0.0). 640s systemd-resolved depends on libssl3 (>= 3.0.0). 640s systemd depends on libssl3 (>= 3.0.0). 640s sudo depends on libssl3 (>= 3.0.0). 640s sbsigntool depends on libssl3 (>= 3.0.0). 640s rsync depends on libssl3 (>= 3.0.0). 640s python3-cryptography depends on libssl3 (>= 3.0.0). 640s openssh-server depends on libssl3 (>= 3.0.10). 640s openssh-client depends on libssl3 (>= 3.0.10). 640s mtd-utils depends on libssl3 (>= 3.0.0). 640s mokutil depends on libssl3 (>= 3.0.0). 640s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 640s libsystemd-shared:arm64 depends on libssl3 (>= 3.0.0). 640s libssh-4:arm64 depends on libssl3 (>= 3.0.0). 640s libsasl2-modules:arm64 depends on libssl3 (>= 3.0.0). 640s libsasl2-2:arm64 depends on libssl3 (>= 3.0.0). 640s libpython3.12-minimal:arm64 depends on libssl3 (>= 3.0.0). 640s libnvme1 depends on libssl3 (>= 3.0.0). 640s libkrb5-3:arm64 depends on libssl3 (>= 3.0.0). 640s libkmod2:arm64 depends on libssl3 (>= 3.0.0). 640s libfido2-1:arm64 depends on libssl3 (>= 3.0.0). 640s libcurl4:arm64 depends on libssl3 (>= 3.0.0). 640s libcryptsetup12:arm64 depends on libssl3 (>= 3.0.0). 640s kmod depends on libssl3 (>= 3.0.0). 640s dhcpcd-base depends on libssl3 (>= 3.0.0). 640s bind9-libs:arm64 depends on libssl3 (>= 3.0.0). 640s 640s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74827 files and directories currently installed.) 640s Removing libssl3:arm64 (3.0.10-1ubuntu4) ... 641s Selecting previously unselected package libssl3t64:arm64. 641s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74816 files and directories currently installed.) 641s Preparing to unpack .../libssl3t64_3.0.13-0ubuntu2_arm64.deb ... 641s Unpacking libssl3t64:arm64 (3.0.13-0ubuntu2) ... 641s Preparing to unpack .../libtirpc-common_1.3.4+ds-1.1_all.deb ... 641s Unpacking libtirpc-common (1.3.4+ds-1.1) over (1.3.4+ds-1build1) ... 641s Setting up libssl3t64:arm64 (3.0.13-0ubuntu2) ... 641s Setting up libtirpc-common (1.3.4+ds-1.1) ... 641s Setting up openssl (3.0.13-0ubuntu2) ... 641s Setting up readline-common (8.2-4) ... 641s Setting up libreadline8t64:arm64 (8.2-4) ... 641s Processing triggers for libc-bin (2.39-0ubuntu6) ... 641s Processing triggers for man-db (2.12.0-3) ... 641s Processing triggers for install-info (7.1-3) ... 642s Reading package lists... 642s Building dependency tree... 642s Reading state information... 643s 0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded. 643s sh: Attempting to set up Debian/Ubuntu apt sources automatically 643s sh: Distribution appears to be Ubuntu 644s Reading package lists... 644s Building dependency tree... 644s Reading state information... 645s eatmydata is already the newest version (131-1). 645s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 645s Reading package lists... 645s Building dependency tree... 645s Reading state information... 646s dbus is already the newest version (1.14.10-4ubuntu1). 646s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 646s Reading package lists... 646s Building dependency tree... 646s Reading state information... 646s rng-tools-debian is already the newest version (2.4). 646s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 647s Reading package lists... 647s Building dependency tree... 647s Reading state information... 647s The following packages will be REMOVED: 647s cloud-init* python3-configobj* python3-debconf* 648s 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 648s After this operation, 3256 kB disk space will be freed. 648s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74829 files and directories currently installed.) 648s Removing cloud-init (24.1.2-0ubuntu1) ... 648s Removing python3-configobj (5.0.8-3) ... 648s Removing python3-debconf (1.5.86) ... 648s Processing triggers for man-db (2.12.0-3) ... 649s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74440 files and directories currently installed.) 649s Purging configuration files for cloud-init (24.1.2-0ubuntu1) ... 649s dpkg: warning: while removing cloud-init, directory '/etc/cloud/cloud.cfg.d' not empty so not removed 649s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 649s invoke-rc.d: policy-rc.d denied execution of try-restart. 650s Reading package lists... 650s Building dependency tree... 650s Reading state information... 650s linux-generic is already the newest version (6.8.0-11.11+1). 650s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 651s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 651s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 651s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 653s Reading package lists... 653s Reading package lists... 653s Building dependency tree... 653s Reading state information... 654s Calculating upgrade... 654s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 654s Reading package lists... 654s Building dependency tree... 654s Reading state information... 655s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 655s autopkgtest [20:19:03]: rebooting testbed after setup commands that affected boot 687s Reading package lists... 688s Building dependency tree... 688s Reading state information... 688s Starting pkgProblemResolver with broken count: 0 688s Starting 2 pkgProblemResolver with broken count: 0 688s Done 688s The following additional packages will be installed: 688s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 688s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 688s libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 688s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 688s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 688s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 688s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 688s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 688s sssd-krb5-common sssd-ldap sssd-proxy 688s Suggested packages: 688s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 688s Recommended packages: 688s cracklib-runtime libsasl2-modules-gssapi-mit 688s | libsasl2-modules-gssapi-heimdal ldap-utils 689s The following NEW packages will be installed: 689s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 689s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 689s libdhash1 libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 689s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 689s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 689s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 689s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 689s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 689s sssd-krb5-common sssd-ldap sssd-proxy 689s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 689s Need to get 10.1 MB/10.1 MB of archives. 689s After this operation, 48.6 MB of additional disk space will be used. 689s Get:1 /tmp/autopkgtest.kUbq3h/3-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [740 B] 689s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 libevent-2.1-7 arm64 2.1.12-stable-9 [138 kB] 689s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libunbound8 arm64 1.19.1-1ubuntu1 [423 kB] 689s Get:4 http://ftpmaster.internal/ubuntu noble/main arm64 libgnutls-dane0 arm64 3.8.3-1ubuntu1 [23.3 kB] 689s Get:5 http://ftpmaster.internal/ubuntu noble/universe arm64 gnutls-bin arm64 3.8.3-1ubuntu1 [267 kB] 689s Get:6 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common-data arm64 0.8-13ubuntu2 [29.5 kB] 689s Get:7 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common3 arm64 0.8-13ubuntu2 [23.2 kB] 689s Get:8 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-client3 arm64 0.8-13ubuntu2 [27.3 kB] 689s Get:9 http://ftpmaster.internal/ubuntu noble/main arm64 libcrack2 arm64 2.9.6-5.1 [28.7 kB] 689s Get:10 http://ftpmaster.internal/ubuntu noble/main arm64 libtalloc2 arm64 2.4.2-1 [26.6 kB] 689s Get:11 http://ftpmaster.internal/ubuntu noble/main arm64 libtdb1 arm64 1.4.10-1 [48.4 kB] 689s Get:12 http://ftpmaster.internal/ubuntu noble/main arm64 libtevent0 arm64 0.16.1-1 [41.8 kB] 689s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 libldb2 arm64 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [187 kB] 689s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 libnfsidmap1 arm64 1:2.6.3-3ubuntu1 [47.1 kB] 689s Get:15 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality-common all 1.4.5-3 [7658 B] 689s Get:16 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality1 arm64 1.4.5-3 [13.2 kB] 689s Get:17 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-pwquality arm64 1.4.5-3 [11.6 kB] 689s Get:18 http://ftpmaster.internal/ubuntu noble/main arm64 libwbclient0 arm64 2:4.19.5+dfsg-1ubuntu1 [70.6 kB] 689s Get:19 http://ftpmaster.internal/ubuntu noble/main arm64 samba-libs arm64 2:4.19.5+dfsg-1ubuntu1 [6061 kB] 690s Get:20 http://ftpmaster.internal/ubuntu noble/universe arm64 softhsm2-common arm64 2.6.1-2.2 [5806 B] 690s Get:21 http://ftpmaster.internal/ubuntu noble/universe arm64 libsofthsm2 arm64 2.6.1-2.2 [246 kB] 690s Get:22 http://ftpmaster.internal/ubuntu noble/universe arm64 softhsm2 arm64 2.6.1-2.2 [167 kB] 690s Get:23 http://ftpmaster.internal/ubuntu noble/main arm64 python3-sss arm64 2.9.4-1ubuntu1 [46.5 kB] 690s Get:24 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap0 arm64 2.9.4-1ubuntu1 [21.8 kB] 690s Get:25 http://ftpmaster.internal/ubuntu noble/main arm64 libnss-sss arm64 2.9.4-1ubuntu1 [31.7 kB] 690s Get:26 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-sss arm64 2.9.4-1ubuntu1 [48.8 kB] 690s Get:27 http://ftpmaster.internal/ubuntu noble/main arm64 libc-ares2 arm64 1.27.0-1 [74.1 kB] 690s Get:28 http://ftpmaster.internal/ubuntu noble/main arm64 libdhash1 arm64 0.6.2-2 [8540 B] 690s Get:29 http://ftpmaster.internal/ubuntu noble/main arm64 libbasicobjects0 arm64 0.6.2-2 [5586 B] 690s Get:30 http://ftpmaster.internal/ubuntu noble/main arm64 libcollection4 arm64 0.6.2-2 [23.0 kB] 690s Get:31 http://ftpmaster.internal/ubuntu noble/main arm64 libpath-utils1 arm64 0.6.2-2 [8722 B] 690s Get:32 http://ftpmaster.internal/ubuntu noble/main arm64 libref-array1 arm64 0.6.2-2 [7042 B] 690s Get:33 http://ftpmaster.internal/ubuntu noble/main arm64 libini-config5 arm64 0.6.2-2 [43.7 kB] 690s Get:34 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap0 arm64 2.9.4-1ubuntu1 [45.8 kB] 690s Get:35 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap0 arm64 2.9.4-1ubuntu1 [30.3 kB] 690s Get:36 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-common arm64 2.9.4-1ubuntu1 [1147 kB] 690s Get:37 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad-common arm64 2.9.4-1ubuntu1 [75.4 kB] 690s Get:38 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5-common arm64 2.9.4-1ubuntu1 [87.9 kB] 690s Get:39 http://ftpmaster.internal/ubuntu noble/main arm64 libsmbclient arm64 2:4.19.5+dfsg-1ubuntu1 [62.2 kB] 690s Get:40 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad arm64 2.9.4-1ubuntu1 [134 kB] 690s Get:41 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac0 arm64 2.9.4-1ubuntu1 [16.7 kB] 690s Get:42 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ipa arm64 2.9.4-1ubuntu1 [220 kB] 690s Get:43 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5 arm64 2.9.4-1ubuntu1 [14.3 kB] 690s Get:44 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ldap arm64 2.9.4-1ubuntu1 [31.3 kB] 690s Get:45 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-proxy arm64 2.9.4-1ubuntu1 [44.6 kB] 690s Get:46 http://ftpmaster.internal/ubuntu noble/main arm64 sssd arm64 2.9.4-1ubuntu1 [4120 B] 690s Fetched 10.1 MB in 1s (8516 kB/s) 690s Selecting previously unselected package libevent-2.1-7:arm64. 691s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74385 files and directories currently installed.) 691s Preparing to unpack .../00-libevent-2.1-7_2.1.12-stable-9_arm64.deb ... 691s Unpacking libevent-2.1-7:arm64 (2.1.12-stable-9) ... 691s Selecting previously unselected package libunbound8:arm64. 691s Preparing to unpack .../01-libunbound8_1.19.1-1ubuntu1_arm64.deb ... 691s Unpacking libunbound8:arm64 (1.19.1-1ubuntu1) ... 691s Selecting previously unselected package libgnutls-dane0:arm64. 691s Preparing to unpack .../02-libgnutls-dane0_3.8.3-1ubuntu1_arm64.deb ... 691s Unpacking libgnutls-dane0:arm64 (3.8.3-1ubuntu1) ... 691s Selecting previously unselected package gnutls-bin. 691s Preparing to unpack .../03-gnutls-bin_3.8.3-1ubuntu1_arm64.deb ... 691s Unpacking gnutls-bin (3.8.3-1ubuntu1) ... 691s Selecting previously unselected package libavahi-common-data:arm64. 691s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu2_arm64.deb ... 691s Unpacking libavahi-common-data:arm64 (0.8-13ubuntu2) ... 691s Selecting previously unselected package libavahi-common3:arm64. 691s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu2_arm64.deb ... 691s Unpacking libavahi-common3:arm64 (0.8-13ubuntu2) ... 691s Selecting previously unselected package libavahi-client3:arm64. 691s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu2_arm64.deb ... 691s Unpacking libavahi-client3:arm64 (0.8-13ubuntu2) ... 691s Selecting previously unselected package libcrack2:arm64. 691s Preparing to unpack .../07-libcrack2_2.9.6-5.1_arm64.deb ... 691s Unpacking libcrack2:arm64 (2.9.6-5.1) ... 691s Selecting previously unselected package libtalloc2:arm64. 691s Preparing to unpack .../08-libtalloc2_2.4.2-1_arm64.deb ... 691s Unpacking libtalloc2:arm64 (2.4.2-1) ... 691s Selecting previously unselected package libtdb1:arm64. 691s Preparing to unpack .../09-libtdb1_1.4.10-1_arm64.deb ... 691s Unpacking libtdb1:arm64 (1.4.10-1) ... 691s Selecting previously unselected package libtevent0:arm64. 691s Preparing to unpack .../10-libtevent0_0.16.1-1_arm64.deb ... 691s Unpacking libtevent0:arm64 (0.16.1-1) ... 691s Selecting previously unselected package libldb2:arm64. 691s Preparing to unpack .../11-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_arm64.deb ... 691s Unpacking libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 691s Selecting previously unselected package libnfsidmap1:arm64. 691s Preparing to unpack .../12-libnfsidmap1_1%3a2.6.3-3ubuntu1_arm64.deb ... 691s Unpacking libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 691s Selecting previously unselected package libpwquality-common. 691s Preparing to unpack .../13-libpwquality-common_1.4.5-3_all.deb ... 691s Unpacking libpwquality-common (1.4.5-3) ... 691s Selecting previously unselected package libpwquality1:arm64. 691s Preparing to unpack .../14-libpwquality1_1.4.5-3_arm64.deb ... 691s Unpacking libpwquality1:arm64 (1.4.5-3) ... 691s Selecting previously unselected package libpam-pwquality:arm64. 691s Preparing to unpack .../15-libpam-pwquality_1.4.5-3_arm64.deb ... 691s Unpacking libpam-pwquality:arm64 (1.4.5-3) ... 691s Selecting previously unselected package libwbclient0:arm64. 691s Preparing to unpack .../16-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 691s Unpacking libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 691s Selecting previously unselected package samba-libs:arm64. 691s Preparing to unpack .../17-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 691s Unpacking samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 691s Selecting previously unselected package softhsm2-common. 691s Preparing to unpack .../18-softhsm2-common_2.6.1-2.2_arm64.deb ... 691s Unpacking softhsm2-common (2.6.1-2.2) ... 691s Selecting previously unselected package libsofthsm2. 691s Preparing to unpack .../19-libsofthsm2_2.6.1-2.2_arm64.deb ... 691s Unpacking libsofthsm2 (2.6.1-2.2) ... 691s Selecting previously unselected package softhsm2. 692s Preparing to unpack .../20-softhsm2_2.6.1-2.2_arm64.deb ... 692s Unpacking softhsm2 (2.6.1-2.2) ... 692s Selecting previously unselected package python3-sss. 692s Preparing to unpack .../21-python3-sss_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking python3-sss (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package libsss-idmap0. 692s Preparing to unpack .../22-libsss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package libnss-sss:arm64. 692s Preparing to unpack .../23-libnss-sss_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking libnss-sss:arm64 (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package libpam-sss:arm64. 692s Preparing to unpack .../24-libpam-sss_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking libpam-sss:arm64 (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package libc-ares2:arm64. 692s Preparing to unpack .../25-libc-ares2_1.27.0-1_arm64.deb ... 692s Unpacking libc-ares2:arm64 (1.27.0-1) ... 692s Selecting previously unselected package libdhash1:arm64. 692s Preparing to unpack .../26-libdhash1_0.6.2-2_arm64.deb ... 692s Unpacking libdhash1:arm64 (0.6.2-2) ... 692s Selecting previously unselected package libbasicobjects0:arm64. 692s Preparing to unpack .../27-libbasicobjects0_0.6.2-2_arm64.deb ... 692s Unpacking libbasicobjects0:arm64 (0.6.2-2) ... 692s Selecting previously unselected package libcollection4:arm64. 692s Preparing to unpack .../28-libcollection4_0.6.2-2_arm64.deb ... 692s Unpacking libcollection4:arm64 (0.6.2-2) ... 692s Selecting previously unselected package libpath-utils1:arm64. 692s Preparing to unpack .../29-libpath-utils1_0.6.2-2_arm64.deb ... 692s Unpacking libpath-utils1:arm64 (0.6.2-2) ... 692s Selecting previously unselected package libref-array1:arm64. 692s Preparing to unpack .../30-libref-array1_0.6.2-2_arm64.deb ... 692s Unpacking libref-array1:arm64 (0.6.2-2) ... 692s Selecting previously unselected package libini-config5:arm64. 692s Preparing to unpack .../31-libini-config5_0.6.2-2_arm64.deb ... 692s Unpacking libini-config5:arm64 (0.6.2-2) ... 692s Selecting previously unselected package libsss-certmap0. 692s Preparing to unpack .../32-libsss-certmap0_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package libsss-nss-idmap0. 692s Preparing to unpack .../33-libsss-nss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package sssd-common. 692s Preparing to unpack .../34-sssd-common_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking sssd-common (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package sssd-ad-common. 692s Preparing to unpack .../35-sssd-ad-common_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package sssd-krb5-common. 692s Preparing to unpack .../36-sssd-krb5-common_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package libsmbclient:arm64. 692s Preparing to unpack .../37-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 692s Unpacking libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 692s Selecting previously unselected package sssd-ad. 692s Preparing to unpack .../38-sssd-ad_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package libipa-hbac0. 692s Preparing to unpack .../39-libipa-hbac0_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package sssd-ipa. 692s Preparing to unpack .../40-sssd-ipa_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package sssd-krb5. 692s Preparing to unpack .../41-sssd-krb5_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package sssd-ldap. 692s Preparing to unpack .../42-sssd-ldap_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package sssd-proxy. 692s Preparing to unpack .../43-sssd-proxy_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package sssd. 692s Preparing to unpack .../44-sssd_2.9.4-1ubuntu1_arm64.deb ... 692s Unpacking sssd (2.9.4-1ubuntu1) ... 692s Selecting previously unselected package autopkgtest-satdep. 692s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 692s Unpacking autopkgtest-satdep (0) ... 692s Setting up libpwquality-common (1.4.5-3) ... 692s Setting up libpath-utils1:arm64 (0.6.2-2) ... 692s Setting up softhsm2-common (2.6.1-2.2) ... 693s 693s Creating config file /etc/softhsm/softhsm2.conf with new version 693s Setting up libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 693s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 693s Setting up libbasicobjects0:arm64 (0.6.2-2) ... 693s Setting up libtdb1:arm64 (1.4.10-1) ... 693s Setting up libc-ares2:arm64 (1.27.0-1) ... 693s Setting up libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 693s Setting up libtalloc2:arm64 (2.4.2-1) ... 693s Setting up libdhash1:arm64 (0.6.2-2) ... 693s Setting up libtevent0:arm64 (0.16.1-1) ... 693s Setting up libavahi-common-data:arm64 (0.8-13ubuntu2) ... 693s Setting up libevent-2.1-7:arm64 (2.1.12-stable-9) ... 693s Setting up libcrack2:arm64 (2.9.6-5.1) ... 693s Setting up libcollection4:arm64 (0.6.2-2) ... 693s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 693s Setting up libref-array1:arm64 (0.6.2-2) ... 693s Setting up libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 693s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 693s Setting up libnss-sss:arm64 (2.9.4-1ubuntu1) ... 693s Setting up libsofthsm2 (2.6.1-2.2) ... 693s Setting up softhsm2 (2.6.1-2.2) ... 693s Setting up libini-config5:arm64 (0.6.2-2) ... 693s Setting up libavahi-common3:arm64 (0.8-13ubuntu2) ... 693s Setting up python3-sss (2.9.4-1ubuntu1) ... 693s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 693s Setting up libunbound8:arm64 (1.19.1-1ubuntu1) ... 693s Setting up libpwquality1:arm64 (1.4.5-3) ... 693s Setting up libavahi-client3:arm64 (0.8-13ubuntu2) ... 693s Setting up libgnutls-dane0:arm64 (3.8.3-1ubuntu1) ... 693s Setting up libpam-pwquality:arm64 (1.4.5-3) ... 693s Setting up samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 693s Setting up libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 693s Setting up libpam-sss:arm64 (2.9.4-1ubuntu1) ... 693s Setting up gnutls-bin (3.8.3-1ubuntu1) ... 693s Setting up sssd-common (2.9.4-1ubuntu1) ... 693s Creating SSSD system user & group... 693s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 693s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 693s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 693s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 694s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 694s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 694s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 694s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 695s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 695s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 695s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 696s sssd-autofs.service is a disabled or a static unit, not starting it. 696s sssd-nss.service is a disabled or a static unit, not starting it. 696s sssd-pam.service is a disabled or a static unit, not starting it. 696s sssd-ssh.service is a disabled or a static unit, not starting it. 696s sssd-sudo.service is a disabled or a static unit, not starting it. 696s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 696s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 696s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 696s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 697s sssd-pac.service is a disabled or a static unit, not starting it. 697s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 697s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 697s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 697s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 697s Setting up sssd-ad (2.9.4-1ubuntu1) ... 697s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 697s Setting up sssd (2.9.4-1ubuntu1) ... 697s Setting up autopkgtest-satdep (0) ... 697s Processing triggers for man-db (2.12.0-3) ... 698s Processing triggers for libc-bin (2.39-0ubuntu6) ... 702s (Reading database ... 74973 files and directories currently installed.) 702s Removing autopkgtest-satdep (0) ... 708s autopkgtest [20:19:56]: test sssd-softhism2-certificates-tests.sh: [----------------------- 708s + '[' -z ubuntu ']' 708s + required_tools=(p11tool openssl softhsm2-util) 708s + for cmd in "${required_tools[@]}" 708s + command -v p11tool 708s + for cmd in "${required_tools[@]}" 708s + command -v openssl 708s + for cmd in "${required_tools[@]}" 708s + command -v softhsm2-util 708s + PIN=053350 708s +++ head -n 1 708s +++ find /usr/lib/softhsm/libsofthsm2.so 708s ++ realpath /usr/lib/softhsm/libsofthsm2.so 708s + SOFTHSM2_MODULE=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 708s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 708s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 708s + '[' '!' -v NO_SSSD_TESTS ']' 708s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 708s + ca_db_arg=ca_db 708s ++ /usr/libexec/sssd/p11_child --help 708s + p11_child_help='Usage: p11_child [OPTION...] 708s -d, --debug-level=INT Debug level 708s --debug-timestamps=INT Add debug timestamps 708s --debug-microseconds=INT Show timestamps with microseconds 708s --dumpable=INT Allow core dumps 708s --debug-fd=INT An open file descriptor for the debug 708s logs 708s --logger=stderr|files|journald Set logger 708s --auth Run in auth mode 708s --pre Run in pre-auth mode 708s --wait_for_card Wait until card is available 708s --verification Run in verification mode 708s --pin Expect PIN on stdin 708s --keypad Expect PIN on keypad 708s --verify=STRING Tune validation 708s --ca_db=STRING CA DB to use 708s --module_name=STRING Module name for authentication 708s --token_name=STRING Token name for authentication 708s --key_id=STRING Key ID for authentication 708s --label=STRING Label for authentication 708s --certificate=STRING certificate to verify, base64 encoded 708s --uri=STRING PKCS#11 URI to restrict selection 708s --chain-id=LONG Tevent chain ID used for logging 708s purposes 708s 708s Help options: 708s -?, --help Show this help message 708s --usage Display brief usage message' 708s + echo 'Usage: p11_child [OPTION...] 708s -d, --debug-level=INT Debug level 708s --debug-timestamps=INT Add debug timestamps 708s --debug-microseconds=INT Show timestamps with microseconds 708s --dumpable=INT Allow core dumps 708s --debug-fd=INT An open file descriptor for the debug 708s logs 708s --logger=stderr|files|journald Set logger 708s --auth Run in auth mode 708s --pre Run in pre-auth mode 708s --wait_for_card Wait until card is available 708s --verification Run in verification mode 708s --pin Expect PIN on stdin 708s --keypad Expect PIN on keypad 708s --verify=STRING Tune validation 708s --ca_db=STRING CA DB to use 708s --module_name=STRING Module name for authentication 708s --token_name=STRING Token name for authentication 708s --key_id=STRING Key ID for authentication 708s --label=STRING Label for authentication 708s --certificate=STRING certificate to verify, base64 encoded 708s --uri=STRING PKCS#11 URI to restrict selection 708s --chain-id=LONG Tevent chain ID used for logging 708s purposes 708s 708s Help options: 708s -?, --help Show this help message 708s --usage Display brief usage message' 708s + grep nssdb -qs 708s + echo 'Usage: p11_child [OPTION...] 708s -d, --debug-level=INT Debug level 708s --debug-timestamps=INT Add debug timestamps 708s --debug-microseconds=INT Show timestamps with microseconds 708s --dumpable=INT Allow core dumps 708s --debug-fd=INT An open file descriptor for the debug 708s logs 708s --logger=stderr|files|journald Set logger 708s --auth Run in auth mode 708s --pre Run in pre-auth mode 708s --wait_for_card Wait until card is available 708s --verification Run in verification mode 708s --pin Expect PIN on stdin 708s --keypad Expect PIN on keypad 708s --verify=STRING Tune validation 708s --ca_db=STRING CA DB to use 708s --module_name=STRING Module name for authentication 708s --token_name=STRING Token name for authentication 708s --key_id=STRING Key ID for authentication 708s --label=STRING Label for authentication 708s --certificate=STRING certificate to verify, base64 encoded 708s --uri=STRING PKCS#11 URI to restrict selection 708s --chain-id=LONG Tevent chain ID used for logging 708s purposes 708s 708s Help options: 708s -?, --help Show this help message 708s --usage Display brief usage message' 708s + grep -qs -- --ca_db 708s + '[' '!' -e /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so ']' 708s ++ mktemp -d -t sssd-softhsm2-XXXXXX 708s + tmpdir=/tmp/sssd-softhsm2-hap7gG 708s + keys_size=1024 708s + [[ ! -v KEEP_TEMPORARY_FILES ]] 708s + trap 'rm -rf "$tmpdir"' EXIT 708s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 708s + echo -n 01 708s + touch /tmp/sssd-softhsm2-hap7gG/index.txt 708s + mkdir -p /tmp/sssd-softhsm2-hap7gG/new_certs 708s + cat 708s + root_ca_key_pass=pass:random-root-CA-password-30222 708s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-hap7gG/test-root-CA-key.pem -passout pass:random-root-CA-password-30222 1024 708s + openssl req -passin pass:random-root-CA-password-30222 -batch -config /tmp/sssd-softhsm2-hap7gG/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-hap7gG/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 708s + openssl x509 -noout -in /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 708s + cat 708s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-32282 708s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-32282 1024 708s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-32282 -config /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.config -key /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-30222 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-certificate-request.pem 708s + openssl req -text -noout -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-certificate-request.pem 708s Certificate Request: 708s Data: 708s Version: 1 (0x0) 708s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 708s Subject Public Key Info: 708s Public Key Algorithm: rsaEncryption 708s Public-Key: (1024 bit) 708s Modulus: 708s 00:bd:0b:c0:a5:07:9e:3d:9b:6d:ea:61:7a:e7:03: 708s 22:58:0f:d2:f9:24:df:fd:4e:ef:03:bb:15:54:7e: 708s 93:5a:f7:d4:36:67:87:00:89:99:4d:d3:51:c1:20: 708s 8b:43:3e:45:be:20:e0:4f:92:3f:91:aa:cf:32:09: 708s c1:13:db:52:24:9a:a6:cf:d3:5f:03:91:15:d1:c8: 708s ec:cc:d5:b8:c2:2e:fc:b1:ae:1f:c4:5c:14:ac:25: 708s 92:75:05:a5:90:b1:7a:0c:5b:30:78:41:2e:a0:64: 708s f5:6e:bf:90:7b:a1:aa:00:1a:0a:ea:a2:52:56:60: 708s 6a:0a:78:18:a1:5b:45:0a:43 708s Exponent: 65537 (0x10001) 708s Attributes: 708s (none) 708s Requested Extensions: 708s Signature Algorithm: sha256WithRSAEncryption 708s Signature Value: 708s 64:0b:da:93:91:89:5e:05:d5:57:f0:f7:5c:ff:c0:64:c9:74: 708s f1:b0:0d:4a:5e:eb:3e:72:04:85:30:90:51:13:01:ac:e2:b9: 708s 75:2d:13:b4:96:a0:c1:35:ea:ec:4f:b1:fc:f3:7b:33:2d:9b: 708s 0f:93:e4:4a:6f:23:43:2f:5b:72:65:4d:72:ba:80:47:a8:ff: 708s 80:c4:e5:26:85:86:bb:1f:f4:95:20:2c:5f:28:f4:46:9f:e1: 708s 0c:f3:9e:0e:0d:58:50:91:26:00:40:07:8b:0c:4f:c8:52:96: 708s de:ef:af:3c:b1:a9:90:a1:0e:e6:73:bb:e4:fa:0f:f6:0b:88: 708s 78:76 708s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-hap7gG/test-root-CA.config -passin pass:random-root-CA-password-30222 -keyfile /tmp/sssd-softhsm2-hap7gG/test-root-CA-key.pem -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 708s Using configuration from /tmp/sssd-softhsm2-hap7gG/test-root-CA.config 708s Check that the request matches the signature 708s Signature ok 708s Certificate Details: 708s Serial Number: 1 (0x1) 708s Validity 708s Not Before: Mar 24 20:19:56 2024 GMT 708s Not After : Mar 24 20:19:56 2025 GMT 708s Subject: 708s organizationName = Test Organization 708s organizationalUnitName = Test Organization Unit 708s commonName = Test Organization Intermediate CA 708s X509v3 extensions: 708s X509v3 Subject Key Identifier: 708s 97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 708s X509v3 Authority Key Identifier: 708s keyid:99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 708s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 708s serial:00 708s X509v3 Basic Constraints: 708s CA:TRUE 708s X509v3 Key Usage: critical 708s Digital Signature, Certificate Sign, CRL Sign 708s Certificate is to be certified until Mar 24 20:19:56 2025 GMT (365 days) 708s 708s Write out database with 1 new entries 708s Database updated 708s + openssl x509 -noout -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 708s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 708s /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem: OK 708s + cat 708s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-19189 708s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-19189 1024 708s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-19189 -config /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-32282 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-certificate-request.pem 708s + openssl req -text -noout -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-certificate-request.pem 708s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-32282 -keyfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 708s Certificate Request: 708s Data: 708s Version: 1 (0x0) 708s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 708s Subject Public Key Info: 708s Public Key Algorithm: rsaEncryption 708s Public-Key: (1024 bit) 708s Modulus: 708s 00:ce:29:23:68:7f:77:f3:fb:c0:22:4b:21:17:09: 708s 52:09:68:2f:b2:fe:ad:36:9e:92:4e:a4:d3:15:9b: 708s 3f:0d:8f:c3:a0:10:9d:6f:7e:1c:3f:6b:ea:97:6e: 708s 48:ae:0e:09:e8:f2:8c:c2:e5:d9:07:2e:fc:06:74: 708s 29:4b:1f:62:c9:c4:c9:1e:71:1a:c0:23:87:03:2c: 708s 53:a0:0e:a5:67:2f:6f:39:ca:c2:14:40:35:48:d4: 708s 37:79:93:f5:c5:89:49:a0:d7:0c:1a:c4:7a:b9:2f: 708s b3:62:4a:55:19:90:61:3c:9a:58:45:a9:89:40:5c: 708s d4:93:71:0e:a0:83:58:f4:fb 708s Exponent: 65537 (0x10001) 708s Attributes: 708s (none) 708s Requested Extensions: 708s Signature Algorithm: sha256WithRSAEncryption 708s Signature Value: 708s a4:24:01:97:9b:2b:3d:01:fd:f2:4e:de:ff:cf:08:9d:06:6d: 708s 60:56:b4:58:26:ec:84:0e:6f:bd:52:13:22:2e:0e:6d:f7:e5: 708s 52:16:6f:9e:5a:a7:21:f1:52:b7:93:81:27:d1:92:06:24:a3: 708s 4c:36:74:ea:cc:91:a8:6f:cc:07:03:9d:6d:75:56:50:db:90: 708s 1a:7d:3c:09:f9:63:6a:d0:69:4d:c4:ba:1b:67:c5:e3:5a:f9: 708s d1:61:19:4a:7c:bd:c3:83:70:01:46:4b:ea:a3:c5:24:88:1a: 708s c2:dc:1a:b2:14:d8:42:86:fb:b4:1f:7a:53:6d:07:2d:c0:79: 708s d2:15 708s Using configuration from /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.config 708s Check that the request matches the signature 708s Signature ok 708s Certificate Details: 708s Serial Number: 2 (0x2) 708s Validity 708s Not Before: Mar 24 20:19:56 2024 GMT 708s Not After : Mar 24 20:19:56 2025 GMT 708s Subject: 708s organizationName = Test Organization 708s organizationalUnitName = Test Organization Unit 708s commonName = Test Organization Sub Intermediate CA 708s X509v3 extensions: 708s X509v3 Subject Key Identifier: 708s 8C:C3:81:B4:B6:0A:EE:07:EF:DA:6A:33:2E:86:58:0E:C5:44:21:24 708s X509v3 Authority Key Identifier: 708s keyid:97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 708s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 708s serial:01 708s X509v3 Basic Constraints: 708s CA:TRUE 708s X509v3 Key Usage: critical 708s Digital Signature, Certificate Sign, CRL Sign 708s Certificate is to be certified until Mar 24 20:19:56 2025 GMT (365 days) 708s 708s Write out database with 1 new entries 708s Database updated 708s + openssl x509 -noout -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 708s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 708s /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem: OK 708s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 708s + local cmd=openssl 708s + shift 708s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 708s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 708s error 20 at 0 depth lookup: unable to get local issuer certificate 708s error /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem: verification failed 708s + cat 708s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-10320 708s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-10320 1024 709s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-10320 -key /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-request.pem 709s + openssl req -text -noout -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-request.pem 709s Certificate Request: 709s Data: 709s Version: 1 (0x0) 709s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 709s Subject Public Key Info: 709s Public Key Algorithm: rsaEncryption 709s Public-Key: (1024 bit) 709s Modulus: 709s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 709s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 709s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 709s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 709s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 709s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 709s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 709s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 709s 0c:4d:81:70:84:7a:72:1b:fb 709s Exponent: 65537 (0x10001) 709s Attributes: 709s Requested Extensions: 709s X509v3 Basic Constraints: 709s CA:FALSE 709s Netscape Cert Type: 709s SSL Client, S/MIME 709s Netscape Comment: 709s Test Organization Root CA trusted Certificate 709s X509v3 Subject Key Identifier: 709s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 709s X509v3 Key Usage: critical 709s Digital Signature, Non Repudiation, Key Encipherment 709s X509v3 Extended Key Usage: 709s TLS Web Client Authentication, E-mail Protection 709s X509v3 Subject Alternative Name: 709s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 709s Signature Algorithm: sha256WithRSAEncryption 709s Signature Value: 709s 48:2c:87:c1:ac:89:e4:af:48:d0:d6:9e:39:e0:8f:69:c9:a8: 709s 33:8d:84:c6:35:9e:28:df:d9:e9:85:42:44:30:39:42:f5:75: 709s 91:27:12:e5:fc:d4:5e:2c:c3:c1:f9:1a:bb:42:af:94:f5:c4: 709s 44:3f:8c:9a:25:68:7c:37:05:ec:c4:b1:3a:d7:0f:8c:7c:95: 709s 82:4f:44:6d:7a:db:7f:8e:77:39:4a:d1:74:52:12:6b:90:02: 709s 06:9b:5a:fe:4e:6e:3b:b7:33:75:f9:69:8f:ce:9a:87:9a:a2: 709s 0b:85:0d:bb:85:91:7d:50:0e:04:ca:6f:48:3b:5f:4a:6d:bb: 709s 71:e9 709s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-hap7gG/test-root-CA.config -passin pass:random-root-CA-password-30222 -keyfile /tmp/sssd-softhsm2-hap7gG/test-root-CA-key.pem -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s Using configuration from /tmp/sssd-softhsm2-hap7gG/test-root-CA.config 709s Check that the request matches the signature 709s Signature ok 709s Certificate Details: 709s Serial Number: 3 (0x3) 709s Validity 709s Not Before: Mar 24 20:19:57 2024 GMT 709s Not After : Mar 24 20:19:57 2025 GMT 709s Subject: 709s organizationName = Test Organization 709s organizationalUnitName = Test Organization Unit 709s commonName = Test Organization Root Trusted Certificate 0001 709s X509v3 extensions: 709s X509v3 Authority Key Identifier: 709s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 709s X509v3 Basic Constraints: 709s CA:FALSE 709s Netscape Cert Type: 709s SSL Client, S/MIME 709s Netscape Comment: 709s Test Organization Root CA trusted Certificate 709s X509v3 Subject Key Identifier: 709s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 709s X509v3 Key Usage: critical 709s Digital Signature, Non Repudiation, Key Encipherment 709s X509v3 Extended Key Usage: 709s TLS Web Client Authentication, E-mail Protection 709s X509v3 Subject Alternative Name: 709s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 709s Certificate is to be certified until Mar 24 20:19:57 2025 GMT (365 days) 709s 709s Write out database with 1 new entries 709s Database updated 709s + openssl x509 -noout -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem: OK 709s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s + local cmd=openssl 709s + shift 709s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 709s error 20 at 0 depth lookup: unable to get local issuer certificate 709s error /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem: verification failed 709s + cat 709s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 709s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-772 1024 709s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-772 -key /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-request.pem 709s + openssl req -text -noout -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-request.pem 709s Certificate Request: 709s Data: 709s Version: 1 (0x0) 709s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 709s Subject Public Key Info: 709s Public Key Algorithm: rsaEncryption 709s Public-Key: (1024 bit) 709s Modulus: 709s 00:ce:41:be:8d:91:48:83:57:77:c1:12:ca:05:4f: 709s 30:aa:b1:94:ba:b4:d5:fe:70:4f:00:b0:95:c3:43: 709s 41:ae:57:c5:fc:46:ea:64:3f:1d:08:9b:f1:cc:80: 709s 62:35:67:f8:03:37:55:fe:ca:a9:47:64:53:6a:7b: 709s 4e:e2:cc:e8:00:65:a7:b7:f7:ac:20:d9:9e:68:5c: 709s 55:61:e7:44:7d:35:d7:4d:6c:2d:e4:b7:e9:c8:bf: 709s 76:7f:d3:13:b2:e7:4d:43:25:79:b7:56:a0:46:e0: 709s 6f:df:14:c3:46:14:af:a8:36:c9:53:91:d7:4b:c1: 709s 30:2c:54:0a:43:e2:af:ec:07 709s Exponent: 65537 (0x10001) 709s Attributes: 709s Requested Extensions: 709s X509v3 Basic Constraints: 709s CA:FALSE 709s Netscape Cert Type: 709s SSL Client, S/MIME 709s Netscape Comment: 709s Test Organization Intermediate CA trusted Certificate 709s X509v3 Subject Key Identifier: 709s A2:FA:13:BE:0D:B8:DF:84:86:C5:69:D5:7B:79:7C:76:07:13:49:24 709s X509v3 Key Usage: critical 709s Digital Signature, Non Repudiation, Key Encipherment 709s X509v3 Extended Key Usage: 709s TLS Web Client Authentication, E-mail Protection 709s X509v3 Subject Alternative Name: 709s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 709s Signature Algorithm: sha256WithRSAEncryption 709s Signature Value: 709s 43:d4:07:e0:86:e1:20:e5:86:c0:89:e5:ff:3f:4d:f7:e2:ee: 709s 75:4b:fe:26:27:19:9d:a6:9c:fb:54:c4:64:c0:9e:96:11:39: 709s b8:3b:18:be:46:9e:fc:e1:0f:b6:1d:46:b7:fb:0e:1c:b3:c1: 709s 90:55:85:d9:41:3e:4d:7c:23:ab:05:98:90:2c:2e:4b:b5:38: 709s c9:3c:4f:1b:5c:88:e0:1b:67:72:a7:38:25:e6:a7:3f:b3:7d: 709s 23:a8:13:fe:98:8b:2c:4c:25:67:3b:92:b6:98:53:11:3c:95: 709s 11:80:bb:2b:b7:cf:b6:e4:ac:88:89:6b:eb:06:e0:e9:ae:90: 709s a7:58 709s + openssl ca -passin pass:random-intermediate-CA-password-32282 -config /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 709s Using configuration from /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.config 709s Check that the request matches the signature 709s Signature ok 709s Certificate Details: 709s Serial Number: 4 (0x4) 709s Validity 709s Not Before: Mar 24 20:19:57 2024 GMT 709s Not After : Mar 24 20:19:57 2025 GMT 709s Subject: 709s organizationName = Test Organization 709s organizationalUnitName = Test Organization Unit 709s commonName = Test Organization Intermediate Trusted Certificate 0001 709s X509v3 extensions: 709s X509v3 Authority Key Identifier: 709s 97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 709s X509v3 Basic Constraints: 709s CA:FALSE 709s Netscape Cert Type: 709s SSL Client, S/MIME 709s Netscape Comment: 709s Test Organization Intermediate CA trusted Certificate 709s X509v3 Subject Key Identifier: 709s A2:FA:13:BE:0D:B8:DF:84:86:C5:69:D5:7B:79:7C:76:07:13:49:24 709s X509v3 Key Usage: critical 709s Digital Signature, Non Repudiation, Key Encipherment 709s X509v3 Extended Key Usage: 709s TLS Web Client Authentication, E-mail Protection 709s X509v3 Subject Alternative Name: 709s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 709s Certificate is to be certified until Mar 24 20:19:57 2025 GMT (365 days) 709s 709s Write out database with 1 new entries 709s Database updated 709s + openssl x509 -noout -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 709s + echo 'This certificate should not be trusted fully' 709s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 709s + local cmd=openssl 709s + shift 709s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 709s This certificate should not be trusted fully 709s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 709s error 2 at 1 depth lookup: unable to get issuer certificate 709s error /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 709s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 709s /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem: OK 709s + cat 709s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 709s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-20209 1024 709s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-20209 -key /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 709s + openssl req -text -noout -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 709s Certificate Request: 709s Data: 709s Version: 1 (0x0) 709s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 709s Subject Public Key Info: 709s Public Key Algorithm: rsaEncryption 709s Public-Key: (1024 bit) 709s Modulus: 709s 00:db:a4:d6:0c:43:50:42:63:8e:ed:3f:8d:3b:74: 709s 34:e1:61:0e:b8:de:ed:30:9a:4f:66:a0:c1:fa:2b: 709s 67:53:11:05:7f:81:2c:e6:e2:10:5e:b7:23:29:3a: 709s fd:66:f9:3f:39:46:1a:a0:74:57:19:8d:0e:78:b0: 709s db:8d:15:8e:ad:81:3b:48:a0:51:79:c8:6e:ae:fc: 709s 8c:87:ae:7f:a6:5b:01:c4:c7:90:fe:72:0f:4a:62: 709s 66:01:19:f4:28:bb:de:6a:a4:18:8b:a4:5b:37:8d: 709s fa:13:80:59:16:5c:3e:2a:1b:0f:92:73:da:3b:61: 709s d3:f4:a0:26:23:54:54:e2:17 709s Exponent: 65537 (0x10001) 709s Attributes: 709s Requested Extensions: 709s X509v3 Basic Constraints: 709s CA:FALSE 709s Netscape Cert Type: 709s SSL Client, S/MIME 709s Netscape Comment: 709s Test Organization Sub Intermediate CA trusted Certificate 709s X509v3 Subject Key Identifier: 709s 87:69:03:D9:2B:D7:8B:4B:86:31:50:9B:E2:18:34:AC:57:1D:B9:B7 709s X509v3 Key Usage: critical 709s Digital Signature, Non Repudiation, Key Encipherment 709s X509v3 Extended Key Usage: 709s TLS Web Client Authentication, E-mail Protection 709s X509v3 Subject Alternative Name: 709s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 709s Signature Algorithm: sha256WithRSAEncryption 709s Signature Value: 709s 18:32:72:aa:27:f8:1b:a7:fb:ab:37:76:84:d2:eb:3b:82:d3: 709s 8d:0f:5b:35:fc:ca:0b:ee:ac:0a:0b:7d:c2:45:cc:e7:f7:44: 709s 86:5f:2a:20:2a:e6:97:e1:5e:48:1e:1e:ab:58:99:74:b4:70: 709s ba:4c:a9:78:02:7c:40:b5:ca:78:f7:f5:33:7c:04:b5:63:c0: 709s 1f:2e:ff:cf:de:40:a2:b9:8d:10:df:b0:dc:79:bb:1e:9e:5c: 709s 66:ca:ae:43:af:ee:1c:75:ee:fa:b1:62:1a:51:33:e2:48:37: 709s 0b:de:5f:e8:4e:13:17:1d:33:d3:d5:36:ac:28:5b:cc:6b:d0: 709s 5d:ea 709s + openssl ca -passin pass:random-sub-intermediate-CA-password-19189 -config /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 709s Using configuration from /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.config 709s Check that the request matches the signature 709s Signature ok 709s Certificate Details: 709s Serial Number: 5 (0x5) 709s Validity 709s Not Before: Mar 24 20:19:57 2024 GMT 709s Not After : Mar 24 20:19:57 2025 GMT 709s Subject: 709s organizationName = Test Organization 709s organizationalUnitName = Test Organization Unit 709s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 709s X509v3 extensions: 709s X509v3 Authority Key Identifier: 709s 8C:C3:81:B4:B6:0A:EE:07:EF:DA:6A:33:2E:86:58:0E:C5:44:21:24 709s X509v3 Basic Constraints: 709s CA:FALSE 709s Netscape Cert Type: 709s SSL Client, S/MIME 709s Netscape Comment: 709s Test Organization Sub Intermediate CA trusted Certificate 709s X509v3 Subject Key Identifier: 709s 87:69:03:D9:2B:D7:8B:4B:86:31:50:9B:E2:18:34:AC:57:1D:B9:B7 709s X509v3 Key Usage: critical 709s Digital Signature, Non Repudiation, Key Encipherment 709s X509v3 Extended Key Usage: 709s TLS Web Client Authentication, E-mail Protection 709s X509v3 Subject Alternative Name: 709s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 709s Certificate is to be certified until Mar 24 20:19:57 2025 GMT (365 days) 709s 709s Write out database with 1 new entries 709s Database updated 709s + openssl x509 -noout -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 709s This certificate should not be trusted fully 709s + echo 'This certificate should not be trusted fully' 709s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 709s + local cmd=openssl 709s + shift 709s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 709s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 709s error 2 at 1 depth lookup: unable to get issuer certificate 709s error /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 709s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 709s + local cmd=openssl 709s + shift 709s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 709s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 709s error 20 at 0 depth lookup: unable to get local issuer certificate 709s error /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 709s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 709s /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 709s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 709s + local cmd=openssl 709s + shift 709s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 709s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 709s error 20 at 0 depth lookup: unable to get local issuer certificate 709s error /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 709s + echo 'Building a the full-chain CA file...' 709s + cat /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 709s Building a the full-chain CA file... 709s + cat /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 709s + cat /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 709s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 709s + openssl pkcs7 -print_certs -noout 709s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 709s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 709s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 709s 709s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 709s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 709s 709s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 709s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 709s 709s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem: OK 709s /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem: OK 709s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 709s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem /tmp/sssd-softhsm2-hap7gG/test-root-intermediate-chain-CA.pem 709s + openssl verify -CAfile /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 709s /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem: OK 709s /tmp/sssd-softhsm2-hap7gG/test-root-intermediate-chain-CA.pem: OK 709s + echo 'Certificates generation completed!' 709s + [[ -v NO_SSSD_TESTS ]] 709s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /dev/null 709s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /dev/null 709s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 709s + local key_ring=/dev/null 709s + local verify_option= 709s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 709s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 709s + local key_cn 709s + local key_name 709s + local tokens_dir 709s + local output_cert_file 709s + token_name= 709s /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 709s Certificates generation completed! 709s ++ basename /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem .pem 709s + key_name=test-root-CA-trusted-certificate-0001 709s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s ++ sed -n 's/ *commonName *= //p' 709s + key_cn='Test Organization Root Trusted Certificate 0001' 709s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 709s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 709s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 709s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 709s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 709s + token_name='Test Organization Root Tr Token' 709s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 709s + local key_file 709s + local decrypted_key 709s + mkdir -p /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 709s + key_file=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-key.pem 709s + decrypted_key=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-key-decrypted.pem 709s + cat 709s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 709s Slot 0 has a free/uninitialized token. 709s The token has been initialized and is reassigned to slot 686260362 709s + softhsm2-util --show-slots 709s Available slots: 709s Slot 686260362 709s Slot info: 709s Description: SoftHSM slot ID 0x28e7808a 709s Manufacturer ID: SoftHSM project 709s Hardware version: 2.6 709s Firmware version: 2.6 709s Token present: yes 709s Token info: 709s Manufacturer ID: SoftHSM project 709s Model: SoftHSM v2 709s Hardware version: 2.6 709s Firmware version: 2.6 709s Serial number: f216e15428e7808a 709s Initialized: yes 709s User PIN init.: yes 709s Label: Test Organization Root Tr Token 709s Slot 1 709s Slot info: 709s Description: SoftHSM slot ID 0x1 709s Manufacturer ID: SoftHSM project 709s Hardware version: 2.6 709s Firmware version: 2.6 709s Token present: yes 709s Token info: 709s Manufacturer ID: SoftHSM project 709s Model: SoftHSM v2 709s Hardware version: 2.6 709s Firmware version: 2.6 709s Serial number: 709s Initialized: no 709s User PIN init.: no 709s Label: 709s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 709s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-10320 -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-key-decrypted.pem 709s writing RSA key 709s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 709s + rm /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001-key-decrypted.pem 709s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 709s Object 0: 709s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 709s Type: X.509 Certificate (RSA-1024) 709s Expires: Mon Mar 24 20:19:57 2025 709s Label: Test Organization Root Trusted Certificate 0001 709s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 709s 709s Test Organization Root Tr Token 709s + echo 'Test Organization Root Tr Token' 709s + '[' -n '' ']' 709s + local output_base_name=SSSD-child-11178 709s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-11178.output 709s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-11178.pem 709s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 709s [p11_child[2136]] [main] (0x0400): p11_child started. 709s [p11_child[2136]] [main] (0x2000): Running in [pre-auth] mode. 709s [p11_child[2136]] [main] (0x2000): Running with effective IDs: [0][0]. 709s [p11_child[2136]] [main] (0x2000): Running with real IDs [0][0]. 709s [p11_child[2136]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 709s [p11_child[2136]] [do_work] (0x0040): init_verification failed. 709s [p11_child[2136]] [main] (0x0020): p11_child failed (5) 709s + return 2 709s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /dev/null no_verification 709s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /dev/null no_verification 709s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 709s + local key_ring=/dev/null 709s + local verify_option=no_verification 709s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 709s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 709s + local key_cn 709s + local key_name 709s + local tokens_dir 709s + local output_cert_file 709s + token_name= 709s ++ basename /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem .pem 709s + key_name=test-root-CA-trusted-certificate-0001 709s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s ++ sed -n 's/ *commonName *= //p' 709s + key_cn='Test Organization Root Trusted Certificate 0001' 709s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 709s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 709s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 709s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 709s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 709s Test Organization Root Tr Token 709s + token_name='Test Organization Root Tr Token' 709s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 709s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 ']' 709s + echo 'Test Organization Root Tr Token' 709s + '[' -n no_verification ']' 709s + local verify_arg=--verify=no_verification 709s + local output_base_name=SSSD-child-1557 709s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-1557.output 709s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-1557.pem 709s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 709s [p11_child[2142]] [main] (0x0400): p11_child started. 709s [p11_child[2142]] [main] (0x2000): Running in [pre-auth] mode. 709s [p11_child[2142]] [main] (0x2000): Running with effective IDs: [0][0]. 709s [p11_child[2142]] [main] (0x2000): Running with real IDs [0][0]. 709s [p11_child[2142]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 709s [p11_child[2142]] [do_card] (0x4000): Module List: 709s [p11_child[2142]] [do_card] (0x4000): common name: [softhsm2]. 709s [p11_child[2142]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 709s [p11_child[2142]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 709s [p11_child[2142]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 709s [p11_child[2142]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 709s [p11_child[2142]] [do_card] (0x4000): Login NOT required. 709s [p11_child[2142]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 709s [p11_child[2142]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 709s [p11_child[2142]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x28e7808a;slot-manufacturer=SoftHSM%20project;slot-id=686260362;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 709s [p11_child[2142]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 709s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-1557.output 709s + echo '-----BEGIN CERTIFICATE-----' 709s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-1557.output 709s + echo '-----END CERTIFICATE-----' 709s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-1557.pem 709s Certificate: 709s Data: 709s Version: 3 (0x2) 709s Serial Number: 3 (0x3) 709s Signature Algorithm: sha256WithRSAEncryption 709s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 709s Validity 709s Not Before: Mar 24 20:19:57 2024 GMT 709s Not After : Mar 24 20:19:57 2025 GMT 709s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 709s Subject Public Key Info: 709s Public Key Algorithm: rsaEncryption 709s Public-Key: (1024 bit) 709s Modulus: 709s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 709s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 709s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 709s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 709s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 709s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 709s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 709s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 709s 0c:4d:81:70:84:7a:72:1b:fb 709s Exponent: 65537 (0x10001) 709s X509v3 extensions: 709s X509v3 Authority Key Identifier: 709s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 709s X509v3 Basic Constraints: 709s CA:FALSE 709s Netscape Cert Type: 709s SSL Client, S/MIME 709s Netscape Comment: 709s Test Organization Root CA trusted Certificate 709s X509v3 Subject Key Identifier: 709s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 709s X509v3 Key Usage: critical 709s Digital Signature, Non Repudiation, Key Encipherment 709s X509v3 Extended Key Usage: 709s TLS Web Client Authentication, E-mail Protection 709s X509v3 Subject Alternative Name: 709s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 709s Signature Algorithm: sha256WithRSAEncryption 709s Signature Value: 709s 79:11:2d:36:65:e9:58:0f:29:27:01:f2:95:74:65:1e:a3:17: 709s f1:68:68:60:75:58:50:5e:b7:05:4c:5c:76:f2:f7:65:ac:55: 709s f0:79:c2:73:12:52:44:6c:aa:0b:5e:b1:3c:9b:d8:56:f8:88: 709s 55:a2:fb:b0:5d:04:5d:dc:b7:6a:4d:44:7e:c7:e3:66:20:f7: 709s e6:31:1b:12:1d:bb:ab:92:fc:28:c9:9f:40:82:b5:e0:94:48: 709s da:54:32:6b:47:64:18:c7:df:dd:10:90:bf:9b:bd:b5:4b:ed: 709s 71:5d:c8:db:74:64:a7:31:73:17:76:8a:11:8e:1b:80:a0:60: 709s 6e:3e 709s + local found_md5 expected_md5 709s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s + expected_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 709s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-1557.pem 709s + found_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 709s + '[' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB '!=' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB ']' 709s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-1557-auth.output 709s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-1557-auth.output .output 709s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-1557-auth.pem 709s + echo -n 053350 709s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 709s [p11_child[2150]] [main] (0x0400): p11_child started. 709s [p11_child[2150]] [main] (0x2000): Running in [auth] mode. 709s [p11_child[2150]] [main] (0x2000): Running with effective IDs: [0][0]. 709s [p11_child[2150]] [main] (0x2000): Running with real IDs [0][0]. 709s [p11_child[2150]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 709s [p11_child[2150]] [do_card] (0x4000): Module List: 709s [p11_child[2150]] [do_card] (0x4000): common name: [softhsm2]. 709s [p11_child[2150]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 709s [p11_child[2150]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 709s [p11_child[2150]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 709s [p11_child[2150]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 709s [p11_child[2150]] [do_card] (0x4000): Login required. 709s [p11_child[2150]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 709s [p11_child[2150]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 709s [p11_child[2150]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x28e7808a;slot-manufacturer=SoftHSM%20project;slot-id=686260362;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 709s [p11_child[2150]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 709s [p11_child[2150]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 709s [p11_child[2150]] [do_card] (0x4000): Certificate verified and validated. 709s [p11_child[2150]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 709s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-1557-auth.output 709s + echo '-----BEGIN CERTIFICATE-----' 709s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-1557-auth.output 709s + echo '-----END CERTIFICATE-----' 709s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-1557-auth.pem 709s Certificate: 709s Data: 709s Version: 3 (0x2) 709s Serial Number: 3 (0x3) 709s Signature Algorithm: sha256WithRSAEncryption 709s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 709s Validity 709s Not Before: Mar 24 20:19:57 2024 GMT 709s Not After : Mar 24 20:19:57 2025 GMT 709s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 709s Subject Public Key Info: 709s Public Key Algorithm: rsaEncryption 709s Public-Key: (1024 bit) 709s Modulus: 709s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 709s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 709s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 709s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 709s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 709s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 709s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 709s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 709s 0c:4d:81:70:84:7a:72:1b:fb 709s Exponent: 65537 (0x10001) 709s X509v3 extensions: 709s X509v3 Authority Key Identifier: 709s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 709s X509v3 Basic Constraints: 709s CA:FALSE 709s Netscape Cert Type: 709s SSL Client, S/MIME 709s Netscape Comment: 709s Test Organization Root CA trusted Certificate 709s X509v3 Subject Key Identifier: 709s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 709s X509v3 Key Usage: critical 709s Digital Signature, Non Repudiation, Key Encipherment 709s X509v3 Extended Key Usage: 709s TLS Web Client Authentication, E-mail Protection 709s X509v3 Subject Alternative Name: 709s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 709s Signature Algorithm: sha256WithRSAEncryption 709s Signature Value: 709s 79:11:2d:36:65:e9:58:0f:29:27:01:f2:95:74:65:1e:a3:17: 709s f1:68:68:60:75:58:50:5e:b7:05:4c:5c:76:f2:f7:65:ac:55: 709s f0:79:c2:73:12:52:44:6c:aa:0b:5e:b1:3c:9b:d8:56:f8:88: 709s 55:a2:fb:b0:5d:04:5d:dc:b7:6a:4d:44:7e:c7:e3:66:20:f7: 709s e6:31:1b:12:1d:bb:ab:92:fc:28:c9:9f:40:82:b5:e0:94:48: 709s da:54:32:6b:47:64:18:c7:df:dd:10:90:bf:9b:bd:b5:4b:ed: 709s 71:5d:c8:db:74:64:a7:31:73:17:76:8a:11:8e:1b:80:a0:60: 709s 6e:3e 709s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-1557-auth.pem 709s + found_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 709s + '[' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB '!=' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB ']' 709s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 709s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 709s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 709s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 709s + local verify_option= 709s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 709s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 709s + local key_cn 709s + local key_name 709s + local tokens_dir 709s + local output_cert_file 709s + token_name= 709s ++ basename /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem .pem 709s + key_name=test-root-CA-trusted-certificate-0001 709s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 709s ++ sed -n 's/ *commonName *= //p' 709s + key_cn='Test Organization Root Trusted Certificate 0001' 709s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 709s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 709s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 709s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 709s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 709s + token_name='Test Organization Root Tr Token' 709s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 709s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 ']' 709s + echo 'Test Organization Root Tr Token' 709s + '[' -n '' ']' 709s + local output_base_name=SSSD-child-26274 709s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-26274.output 709s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-26274.pem 709s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 709s Test Organization Root Tr Token 709s [p11_child[2160]] [main] (0x0400): p11_child started. 709s [p11_child[2160]] [main] (0x2000): Running in [pre-auth] mode. 709s [p11_child[2160]] [main] (0x2000): Running with effective IDs: [0][0]. 709s [p11_child[2160]] [main] (0x2000): Running with real IDs [0][0]. 709s [p11_child[2160]] [do_card] (0x4000): Module List: 709s [p11_child[2160]] [do_card] (0x4000): common name: [softhsm2]. 709s [p11_child[2160]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 709s [p11_child[2160]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 709s [p11_child[2160]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 709s [p11_child[2160]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 709s [p11_child[2160]] [do_card] (0x4000): Login NOT required. 709s [p11_child[2160]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 709s [p11_child[2160]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 709s [p11_child[2160]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 709s [p11_child[2160]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x28e7808a;slot-manufacturer=SoftHSM%20project;slot-id=686260362;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 709s [p11_child[2160]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 709s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-26274.output 709s + echo '-----BEGIN CERTIFICATE-----' 709s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-26274.output 709s + echo '-----END CERTIFICATE-----' 709s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-26274.pem 710s Certificate: 710s Data: 710s Version: 3 (0x2) 710s Serial Number: 3 (0x3) 710s Signature Algorithm: sha256WithRSAEncryption 710s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 710s Validity 710s Not Before: Mar 24 20:19:57 2024 GMT 710s Not After : Mar 24 20:19:57 2025 GMT 710s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 710s Subject Public Key Info: 710s Public Key Algorithm: rsaEncryption 710s Public-Key: (1024 bit) 710s Modulus: 710s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 710s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 710s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 710s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 710s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 710s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 710s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 710s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 710s 0c:4d:81:70:84:7a:72:1b:fb 710s Exponent: 65537 (0x10001) 710s X509v3 extensions: 710s X509v3 Authority Key Identifier: 710s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 710s X509v3 Basic Constraints: 710s CA:FALSE 710s Netscape Cert Type: 710s SSL Client, S/MIME 710s Netscape Comment: 710s Test Organization Root CA trusted Certificate 710s X509v3 Subject Key Identifier: 710s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 710s X509v3 Key Usage: critical 710s Digital Signature, Non Repudiation, Key Encipherment 710s X509v3 Extended Key Usage: 710s TLS Web Client Authentication, E-mail Protection 710s X509v3 Subject Alternative Name: 710s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 710s Signature Algorithm: sha256WithRSAEncryption 710s Signature Value: 710s 79:11:2d:36:65:e9:58:0f:29:27:01:f2:95:74:65:1e:a3:17: 710s f1:68:68:60:75:58:50:5e:b7:05:4c:5c:76:f2:f7:65:ac:55: 710s f0:79:c2:73:12:52:44:6c:aa:0b:5e:b1:3c:9b:d8:56:f8:88: 710s 55:a2:fb:b0:5d:04:5d:dc:b7:6a:4d:44:7e:c7:e3:66:20:f7: 710s e6:31:1b:12:1d:bb:ab:92:fc:28:c9:9f:40:82:b5:e0:94:48: 710s da:54:32:6b:47:64:18:c7:df:dd:10:90:bf:9b:bd:b5:4b:ed: 710s 71:5d:c8:db:74:64:a7:31:73:17:76:8a:11:8e:1b:80:a0:60: 710s 6e:3e 710s + local found_md5 expected_md5 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + expected_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-26274.pem 710s + found_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s + '[' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB '!=' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB ']' 710s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-26274-auth.output 710s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-26274-auth.output .output 710s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-26274-auth.pem 710s + echo -n 053350 710s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 710s [p11_child[2168]] [main] (0x0400): p11_child started. 710s [p11_child[2168]] [main] (0x2000): Running in [auth] mode. 710s [p11_child[2168]] [main] (0x2000): Running with effective IDs: [0][0]. 710s [p11_child[2168]] [main] (0x2000): Running with real IDs [0][0]. 710s [p11_child[2168]] [do_card] (0x4000): Module List: 710s [p11_child[2168]] [do_card] (0x4000): common name: [softhsm2]. 710s [p11_child[2168]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2168]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 710s [p11_child[2168]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 710s [p11_child[2168]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2168]] [do_card] (0x4000): Login required. 710s [p11_child[2168]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 710s [p11_child[2168]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 710s [p11_child[2168]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 710s [p11_child[2168]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x28e7808a;slot-manufacturer=SoftHSM%20project;slot-id=686260362;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 710s [p11_child[2168]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 710s [p11_child[2168]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 710s [p11_child[2168]] [do_card] (0x4000): Certificate verified and validated. 710s [p11_child[2168]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 710s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-26274-auth.output 710s + echo '-----BEGIN CERTIFICATE-----' 710s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-26274-auth.output 710s + echo '-----END CERTIFICATE-----' 710s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-26274-auth.pem 710s Certificate: 710s Data: 710s Version: 3 (0x2) 710s Serial Number: 3 (0x3) 710s Signature Algorithm: sha256WithRSAEncryption 710s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 710s Validity 710s Not Before: Mar 24 20:19:57 2024 GMT 710s Not After : Mar 24 20:19:57 2025 GMT 710s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 710s Subject Public Key Info: 710s Public Key Algorithm: rsaEncryption 710s Public-Key: (1024 bit) 710s Modulus: 710s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 710s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 710s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 710s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 710s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 710s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 710s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 710s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 710s 0c:4d:81:70:84:7a:72:1b:fb 710s Exponent: 65537 (0x10001) 710s X509v3 extensions: 710s X509v3 Authority Key Identifier: 710s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 710s X509v3 Basic Constraints: 710s CA:FALSE 710s Netscape Cert Type: 710s SSL Client, S/MIME 710s Netscape Comment: 710s Test Organization Root CA trusted Certificate 710s X509v3 Subject Key Identifier: 710s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 710s X509v3 Key Usage: critical 710s Digital Signature, Non Repudiation, Key Encipherment 710s X509v3 Extended Key Usage: 710s TLS Web Client Authentication, E-mail Protection 710s X509v3 Subject Alternative Name: 710s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 710s Signature Algorithm: sha256WithRSAEncryption 710s Signature Value: 710s 79:11:2d:36:65:e9:58:0f:29:27:01:f2:95:74:65:1e:a3:17: 710s f1:68:68:60:75:58:50:5e:b7:05:4c:5c:76:f2:f7:65:ac:55: 710s f0:79:c2:73:12:52:44:6c:aa:0b:5e:b1:3c:9b:d8:56:f8:88: 710s 55:a2:fb:b0:5d:04:5d:dc:b7:6a:4d:44:7e:c7:e3:66:20:f7: 710s e6:31:1b:12:1d:bb:ab:92:fc:28:c9:9f:40:82:b5:e0:94:48: 710s da:54:32:6b:47:64:18:c7:df:dd:10:90:bf:9b:bd:b5:4b:ed: 710s 71:5d:c8:db:74:64:a7:31:73:17:76:8a:11:8e:1b:80:a0:60: 710s 6e:3e 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-26274-auth.pem 710s + found_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s + '[' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB '!=' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB ']' 710s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem partial_chain 710s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem partial_chain 710s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 710s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 710s + local verify_option=partial_chain 710s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 710s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 710s + local key_cn 710s + local key_name 710s + local tokens_dir 710s + local output_cert_file 710s + token_name= 710s ++ basename /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem .pem 710s + key_name=test-root-CA-trusted-certificate-0001 710s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s ++ sed -n 's/ *commonName *= //p' 710s + key_cn='Test Organization Root Trusted Certificate 0001' 710s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 710s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 710s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 710s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 710s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 710s + token_name='Test Organization Root Tr Token' 710s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 710s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 ']' 710s + echo 'Test Organization Root Tr Token' 710s + '[' -n partial_chain ']' 710s + local verify_arg=--verify=partial_chain 710s Test Organization Root Tr Token 710s + local output_base_name=SSSD-child-915 710s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-915.output 710s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-915.pem 710s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 710s [p11_child[2178]] [main] (0x0400): p11_child started. 710s [p11_child[2178]] [main] (0x2000): Running in [pre-auth] mode. 710s [p11_child[2178]] [main] (0x2000): Running with effective IDs: [0][0]. 710s [p11_child[2178]] [main] (0x2000): Running with real IDs [0][0]. 710s [p11_child[2178]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 710s [p11_child[2178]] [do_card] (0x4000): Module List: 710s [p11_child[2178]] [do_card] (0x4000): common name: [softhsm2]. 710s [p11_child[2178]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2178]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 710s [p11_child[2178]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 710s [p11_child[2178]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2178]] [do_card] (0x4000): Login NOT required. 710s [p11_child[2178]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 710s [p11_child[2178]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 710s [p11_child[2178]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 710s [p11_child[2178]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x28e7808a;slot-manufacturer=SoftHSM%20project;slot-id=686260362;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 710s [p11_child[2178]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 710s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-915.output 710s + echo '-----BEGIN CERTIFICATE-----' 710s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-915.output 710s + echo '-----END CERTIFICATE-----' 710s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-915.pem 710s Certificate: 710s Data: 710s Version: 3 (0x2) 710s Serial Number: 3 (0x3) 710s Signature Algorithm: sha256WithRSAEncryption 710s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 710s Validity 710s Not Before: Mar 24 20:19:57 2024 GMT 710s Not After : Mar 24 20:19:57 2025 GMT 710s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 710s Subject Public Key Info: 710s Public Key Algorithm: rsaEncryption 710s Public-Key: (1024 bit) 710s Modulus: 710s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 710s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 710s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 710s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 710s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 710s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 710s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 710s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 710s 0c:4d:81:70:84:7a:72:1b:fb 710s Exponent: 65537 (0x10001) 710s X509v3 extensions: 710s X509v3 Authority Key Identifier: 710s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 710s X509v3 Basic Constraints: 710s CA:FALSE 710s Netscape Cert Type: 710s SSL Client, S/MIME 710s Netscape Comment: 710s Test Organization Root CA trusted Certificate 710s X509v3 Subject Key Identifier: 710s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 710s X509v3 Key Usage: critical 710s Digital Signature, Non Repudiation, Key Encipherment 710s X509v3 Extended Key Usage: 710s TLS Web Client Authentication, E-mail Protection 710s X509v3 Subject Alternative Name: 710s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 710s Signature Algorithm: sha256WithRSAEncryption 710s Signature Value: 710s 79:11:2d:36:65:e9:58:0f:29:27:01:f2:95:74:65:1e:a3:17: 710s f1:68:68:60:75:58:50:5e:b7:05:4c:5c:76:f2:f7:65:ac:55: 710s f0:79:c2:73:12:52:44:6c:aa:0b:5e:b1:3c:9b:d8:56:f8:88: 710s 55:a2:fb:b0:5d:04:5d:dc:b7:6a:4d:44:7e:c7:e3:66:20:f7: 710s e6:31:1b:12:1d:bb:ab:92:fc:28:c9:9f:40:82:b5:e0:94:48: 710s da:54:32:6b:47:64:18:c7:df:dd:10:90:bf:9b:bd:b5:4b:ed: 710s 71:5d:c8:db:74:64:a7:31:73:17:76:8a:11:8e:1b:80:a0:60: 710s 6e:3e 710s + local found_md5 expected_md5 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + expected_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-915.pem 710s + found_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s + '[' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB '!=' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB ']' 710s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-915-auth.output 710s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-915-auth.output .output 710s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-915-auth.pem 710s + echo -n 053350 710s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 710s [p11_child[2186]] [main] (0x0400): p11_child started. 710s [p11_child[2186]] [main] (0x2000): Running in [auth] mode. 710s [p11_child[2186]] [main] (0x2000): Running with effective IDs: [0][0]. 710s [p11_child[2186]] [main] (0x2000): Running with real IDs [0][0]. 710s [p11_child[2186]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 710s [p11_child[2186]] [do_card] (0x4000): Module List: 710s [p11_child[2186]] [do_card] (0x4000): common name: [softhsm2]. 710s [p11_child[2186]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2186]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 710s [p11_child[2186]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 710s [p11_child[2186]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2186]] [do_card] (0x4000): Login required. 710s [p11_child[2186]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 710s [p11_child[2186]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 710s [p11_child[2186]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 710s [p11_child[2186]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x28e7808a;slot-manufacturer=SoftHSM%20project;slot-id=686260362;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 710s [p11_child[2186]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 710s [p11_child[2186]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 710s [p11_child[2186]] [do_card] (0x4000): Certificate verified and validated. 710s [p11_child[2186]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 710s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-915-auth.output 710s + echo '-----BEGIN CERTIFICATE-----' 710s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-915-auth.output 710s + echo '-----END CERTIFICATE-----' 710s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-915-auth.pem 710s Certificate: 710s Data: 710s Version: 3 (0x2) 710s Serial Number: 3 (0x3) 710s Signature Algorithm: sha256WithRSAEncryption 710s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 710s Validity 710s Not Before: Mar 24 20:19:57 2024 GMT 710s Not After : Mar 24 20:19:57 2025 GMT 710s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 710s Subject Public Key Info: 710s Public Key Algorithm: rsaEncryption 710s Public-Key: (1024 bit) 710s Modulus: 710s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 710s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 710s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 710s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 710s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 710s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 710s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 710s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 710s 0c:4d:81:70:84:7a:72:1b:fb 710s Exponent: 65537 (0x10001) 710s X509v3 extensions: 710s X509v3 Authority Key Identifier: 710s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 710s X509v3 Basic Constraints: 710s CA:FALSE 710s Netscape Cert Type: 710s SSL Client, S/MIME 710s Netscape Comment: 710s Test Organization Root CA trusted Certificate 710s X509v3 Subject Key Identifier: 710s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 710s X509v3 Key Usage: critical 710s Digital Signature, Non Repudiation, Key Encipherment 710s X509v3 Extended Key Usage: 710s TLS Web Client Authentication, E-mail Protection 710s X509v3 Subject Alternative Name: 710s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 710s Signature Algorithm: sha256WithRSAEncryption 710s Signature Value: 710s 79:11:2d:36:65:e9:58:0f:29:27:01:f2:95:74:65:1e:a3:17: 710s f1:68:68:60:75:58:50:5e:b7:05:4c:5c:76:f2:f7:65:ac:55: 710s f0:79:c2:73:12:52:44:6c:aa:0b:5e:b1:3c:9b:d8:56:f8:88: 710s 55:a2:fb:b0:5d:04:5d:dc:b7:6a:4d:44:7e:c7:e3:66:20:f7: 710s e6:31:1b:12:1d:bb:ab:92:fc:28:c9:9f:40:82:b5:e0:94:48: 710s da:54:32:6b:47:64:18:c7:df:dd:10:90:bf:9b:bd:b5:4b:ed: 710s 71:5d:c8:db:74:64:a7:31:73:17:76:8a:11:8e:1b:80:a0:60: 710s 6e:3e 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-915-auth.pem 710s + found_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s + '[' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB '!=' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB ']' 710s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 710s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 710s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 710s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 710s + local verify_option= 710s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 710s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 710s + local key_cn 710s + local key_name 710s + local tokens_dir 710s + local output_cert_file 710s + token_name= 710s ++ basename /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem .pem 710s + key_name=test-root-CA-trusted-certificate-0001 710s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s ++ sed -n 's/ *commonName *= //p' 710s + key_cn='Test Organization Root Trusted Certificate 0001' 710s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 710s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 710s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 710s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 710s Test Organization Root Tr Token 710s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 710s + token_name='Test Organization Root Tr Token' 710s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 710s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 ']' 710s + echo 'Test Organization Root Tr Token' 710s + '[' -n '' ']' 710s + local output_base_name=SSSD-child-3379 710s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-3379.output 710s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-3379.pem 710s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 710s [p11_child[2196]] [main] (0x0400): p11_child started. 710s [p11_child[2196]] [main] (0x2000): Running in [pre-auth] mode. 710s [p11_child[2196]] [main] (0x2000): Running with effective IDs: [0][0]. 710s [p11_child[2196]] [main] (0x2000): Running with real IDs [0][0]. 710s [p11_child[2196]] [do_card] (0x4000): Module List: 710s [p11_child[2196]] [do_card] (0x4000): common name: [softhsm2]. 710s [p11_child[2196]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2196]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 710s [p11_child[2196]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 710s [p11_child[2196]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2196]] [do_card] (0x4000): Login NOT required. 710s [p11_child[2196]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 710s [p11_child[2196]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 710s [p11_child[2196]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 710s [p11_child[2196]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x28e7808a;slot-manufacturer=SoftHSM%20project;slot-id=686260362;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 710s [p11_child[2196]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 710s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-3379.output 710s + echo '-----BEGIN CERTIFICATE-----' 710s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-3379.output 710s + echo '-----END CERTIFICATE-----' 710s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-3379.pem 710s Certificate: 710s Data: 710s Version: 3 (0x2) 710s Serial Number: 3 (0x3) 710s Signature Algorithm: sha256WithRSAEncryption 710s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 710s Validity 710s Not Before: Mar 24 20:19:57 2024 GMT 710s Not After : Mar 24 20:19:57 2025 GMT 710s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 710s Subject Public Key Info: 710s Public Key Algorithm: rsaEncryption 710s Public-Key: (1024 bit) 710s Modulus: 710s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 710s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 710s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 710s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 710s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 710s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 710s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 710s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 710s 0c:4d:81:70:84:7a:72:1b:fb 710s Exponent: 65537 (0x10001) 710s X509v3 extensions: 710s X509v3 Authority Key Identifier: 710s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 710s X509v3 Basic Constraints: 710s CA:FALSE 710s Netscape Cert Type: 710s SSL Client, S/MIME 710s Netscape Comment: 710s Test Organization Root CA trusted Certificate 710s X509v3 Subject Key Identifier: 710s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 710s X509v3 Key Usage: critical 710s Digital Signature, Non Repudiation, Key Encipherment 710s X509v3 Extended Key Usage: 710s TLS Web Client Authentication, E-mail Protection 710s X509v3 Subject Alternative Name: 710s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 710s Signature Algorithm: sha256WithRSAEncryption 710s Signature Value: 710s 79:11:2d:36:65:e9:58:0f:29:27:01:f2:95:74:65:1e:a3:17: 710s f1:68:68:60:75:58:50:5e:b7:05:4c:5c:76:f2:f7:65:ac:55: 710s f0:79:c2:73:12:52:44:6c:aa:0b:5e:b1:3c:9b:d8:56:f8:88: 710s 55:a2:fb:b0:5d:04:5d:dc:b7:6a:4d:44:7e:c7:e3:66:20:f7: 710s e6:31:1b:12:1d:bb:ab:92:fc:28:c9:9f:40:82:b5:e0:94:48: 710s da:54:32:6b:47:64:18:c7:df:dd:10:90:bf:9b:bd:b5:4b:ed: 710s 71:5d:c8:db:74:64:a7:31:73:17:76:8a:11:8e:1b:80:a0:60: 710s 6e:3e 710s + local found_md5 expected_md5 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + expected_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-3379.pem 710s + found_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s + '[' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB '!=' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB ']' 710s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-3379-auth.output 710s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-3379-auth.output .output 710s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-3379-auth.pem 710s + echo -n 053350 710s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 710s [p11_child[2204]] [main] (0x0400): p11_child started. 710s [p11_child[2204]] [main] (0x2000): Running in [auth] mode. 710s [p11_child[2204]] [main] (0x2000): Running with effective IDs: [0][0]. 710s [p11_child[2204]] [main] (0x2000): Running with real IDs [0][0]. 710s [p11_child[2204]] [do_card] (0x4000): Module List: 710s [p11_child[2204]] [do_card] (0x4000): common name: [softhsm2]. 710s [p11_child[2204]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2204]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 710s [p11_child[2204]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 710s [p11_child[2204]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2204]] [do_card] (0x4000): Login required. 710s [p11_child[2204]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 710s [p11_child[2204]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 710s [p11_child[2204]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 710s [p11_child[2204]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x28e7808a;slot-manufacturer=SoftHSM%20project;slot-id=686260362;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 710s [p11_child[2204]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 710s [p11_child[2204]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 710s [p11_child[2204]] [do_card] (0x4000): Certificate verified and validated. 710s [p11_child[2204]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 710s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-3379-auth.output 710s + echo '-----BEGIN CERTIFICATE-----' 710s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-3379-auth.output 710s + echo '-----END CERTIFICATE-----' 710s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-3379-auth.pem 710s Certificate: 710s Data: 710s Version: 3 (0x2) 710s Serial Number: 3 (0x3) 710s Signature Algorithm: sha256WithRSAEncryption 710s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 710s Validity 710s Not Before: Mar 24 20:19:57 2024 GMT 710s Not After : Mar 24 20:19:57 2025 GMT 710s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 710s Subject Public Key Info: 710s Public Key Algorithm: rsaEncryption 710s Public-Key: (1024 bit) 710s Modulus: 710s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 710s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 710s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 710s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 710s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 710s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 710s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 710s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 710s 0c:4d:81:70:84:7a:72:1b:fb 710s Exponent: 65537 (0x10001) 710s X509v3 extensions: 710s X509v3 Authority Key Identifier: 710s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 710s X509v3 Basic Constraints: 710s CA:FALSE 710s Netscape Cert Type: 710s SSL Client, S/MIME 710s Netscape Comment: 710s Test Organization Root CA trusted Certificate 710s X509v3 Subject Key Identifier: 710s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 710s X509v3 Key Usage: critical 710s Digital Signature, Non Repudiation, Key Encipherment 710s X509v3 Extended Key Usage: 710s TLS Web Client Authentication, E-mail Protection 710s X509v3 Subject Alternative Name: 710s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 710s Signature Algorithm: sha256WithRSAEncryption 710s Signature Value: 710s 79:11:2d:36:65:e9:58:0f:29:27:01:f2:95:74:65:1e:a3:17: 710s f1:68:68:60:75:58:50:5e:b7:05:4c:5c:76:f2:f7:65:ac:55: 710s f0:79:c2:73:12:52:44:6c:aa:0b:5e:b1:3c:9b:d8:56:f8:88: 710s 55:a2:fb:b0:5d:04:5d:dc:b7:6a:4d:44:7e:c7:e3:66:20:f7: 710s e6:31:1b:12:1d:bb:ab:92:fc:28:c9:9f:40:82:b5:e0:94:48: 710s da:54:32:6b:47:64:18:c7:df:dd:10:90:bf:9b:bd:b5:4b:ed: 710s 71:5d:c8:db:74:64:a7:31:73:17:76:8a:11:8e:1b:80:a0:60: 710s 6e:3e 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-3379-auth.pem 710s + found_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s + '[' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB '!=' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB ']' 710s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem partial_chain 710s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem partial_chain 710s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 710s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 710s + local verify_option=partial_chain 710s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 710s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 710s + local key_cn 710s + local key_name 710s + local tokens_dir 710s + local output_cert_file 710s + token_name= 710s ++ basename /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem .pem 710s + key_name=test-root-CA-trusted-certificate-0001 710s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s ++ sed -n 's/ *commonName *= //p' 710s + key_cn='Test Organization Root Trusted Certificate 0001' 710s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 710s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 710s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 710s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 710s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 710s + token_name='Test Organization Root Tr Token' 710s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 710s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 ']' 710s + echo 'Test Organization Root Tr Token' 710s Test Organization Root Tr Token 710s + '[' -n partial_chain ']' 710s + local verify_arg=--verify=partial_chain 710s + local output_base_name=SSSD-child-26024 710s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-26024.output 710s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-26024.pem 710s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 710s [p11_child[2214]] [main] (0x0400): p11_child started. 710s [p11_child[2214]] [main] (0x2000): Running in [pre-auth] mode. 710s [p11_child[2214]] [main] (0x2000): Running with effective IDs: [0][0]. 710s [p11_child[2214]] [main] (0x2000): Running with real IDs [0][0]. 710s [p11_child[2214]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 710s [p11_child[2214]] [do_card] (0x4000): Module List: 710s [p11_child[2214]] [do_card] (0x4000): common name: [softhsm2]. 710s [p11_child[2214]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2214]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 710s [p11_child[2214]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 710s [p11_child[2214]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2214]] [do_card] (0x4000): Login NOT required. 710s [p11_child[2214]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 710s [p11_child[2214]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 710s [p11_child[2214]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 710s [p11_child[2214]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x28e7808a;slot-manufacturer=SoftHSM%20project;slot-id=686260362;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 710s [p11_child[2214]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 710s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-26024.output 710s + echo '-----BEGIN CERTIFICATE-----' 710s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-26024.output 710s + echo '-----END CERTIFICATE-----' 710s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-26024.pem 710s Certificate: 710s Data: 710s Version: 3 (0x2) 710s Serial Number: 3 (0x3) 710s Signature Algorithm: sha256WithRSAEncryption 710s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 710s Validity 710s Not Before: Mar 24 20:19:57 2024 GMT 710s Not After : Mar 24 20:19:57 2025 GMT 710s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 710s Subject Public Key Info: 710s Public Key Algorithm: rsaEncryption 710s Public-Key: (1024 bit) 710s Modulus: 710s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 710s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 710s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 710s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 710s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 710s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 710s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 710s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 710s 0c:4d:81:70:84:7a:72:1b:fb 710s Exponent: 65537 (0x10001) 710s X509v3 extensions: 710s X509v3 Authority Key Identifier: 710s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 710s X509v3 Basic Constraints: 710s CA:FALSE 710s Netscape Cert Type: 710s SSL Client, S/MIME 710s Netscape Comment: 710s Test Organization Root CA trusted Certificate 710s X509v3 Subject Key Identifier: 710s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 710s X509v3 Key Usage: critical 710s Digital Signature, Non Repudiation, Key Encipherment 710s X509v3 Extended Key Usage: 710s TLS Web Client Authentication, E-mail Protection 710s X509v3 Subject Alternative Name: 710s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 710s Signature Algorithm: sha256WithRSAEncryption 710s Signature Value: 710s 79:11:2d:36:65:e9:58:0f:29:27:01:f2:95:74:65:1e:a3:17: 710s f1:68:68:60:75:58:50:5e:b7:05:4c:5c:76:f2:f7:65:ac:55: 710s f0:79:c2:73:12:52:44:6c:aa:0b:5e:b1:3c:9b:d8:56:f8:88: 710s 55:a2:fb:b0:5d:04:5d:dc:b7:6a:4d:44:7e:c7:e3:66:20:f7: 710s e6:31:1b:12:1d:bb:ab:92:fc:28:c9:9f:40:82:b5:e0:94:48: 710s da:54:32:6b:47:64:18:c7:df:dd:10:90:bf:9b:bd:b5:4b:ed: 710s 71:5d:c8:db:74:64:a7:31:73:17:76:8a:11:8e:1b:80:a0:60: 710s 6e:3e 710s + local found_md5 expected_md5 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + expected_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-26024.pem 710s + found_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s + '[' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB '!=' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB ']' 710s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-26024-auth.output 710s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-26024-auth.output .output 710s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-26024-auth.pem 710s + echo -n 053350 710s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 710s [p11_child[2222]] [main] (0x0400): p11_child started. 710s [p11_child[2222]] [main] (0x2000): Running in [auth] mode. 710s [p11_child[2222]] [main] (0x2000): Running with effective IDs: [0][0]. 710s [p11_child[2222]] [main] (0x2000): Running with real IDs [0][0]. 710s [p11_child[2222]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 710s [p11_child[2222]] [do_card] (0x4000): Module List: 710s [p11_child[2222]] [do_card] (0x4000): common name: [softhsm2]. 710s [p11_child[2222]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2222]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 710s [p11_child[2222]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 710s [p11_child[2222]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2222]] [do_card] (0x4000): Login required. 710s [p11_child[2222]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 710s [p11_child[2222]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 710s [p11_child[2222]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 710s [p11_child[2222]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x28e7808a;slot-manufacturer=SoftHSM%20project;slot-id=686260362;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f216e15428e7808a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 710s [p11_child[2222]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 710s [p11_child[2222]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 710s [p11_child[2222]] [do_card] (0x4000): Certificate verified and validated. 710s [p11_child[2222]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 710s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-26024-auth.output 710s + echo '-----BEGIN CERTIFICATE-----' 710s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-26024-auth.output 710s + echo '-----END CERTIFICATE-----' 710s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-26024-auth.pem 710s Certificate: 710s Data: 710s Version: 3 (0x2) 710s Serial Number: 3 (0x3) 710s Signature Algorithm: sha256WithRSAEncryption 710s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 710s Validity 710s Not Before: Mar 24 20:19:57 2024 GMT 710s Not After : Mar 24 20:19:57 2025 GMT 710s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 710s Subject Public Key Info: 710s Public Key Algorithm: rsaEncryption 710s Public-Key: (1024 bit) 710s Modulus: 710s 00:c3:89:2e:20:61:b6:75:6c:44:33:fa:6f:1e:53: 710s df:d0:df:37:4d:ca:a8:67:d9:f2:5f:64:02:50:44: 710s 22:b8:e8:32:a2:41:ad:d0:3f:56:37:a2:47:0b:3c: 710s b1:94:52:d9:7e:55:5f:40:e4:76:30:92:34:1b:94: 710s 5c:d2:d2:c1:3e:d8:2f:89:13:13:ca:65:f3:ad:54: 710s 86:e4:08:09:a1:24:d8:a0:26:3a:90:75:a1:d9:19: 710s 1a:4b:b2:b9:2c:7c:38:91:f6:9c:68:ca:52:43:5c: 710s 1b:88:f4:27:ad:65:50:2b:a1:27:13:dc:db:e7:d9: 710s 0c:4d:81:70:84:7a:72:1b:fb 710s Exponent: 65537 (0x10001) 710s X509v3 extensions: 710s X509v3 Authority Key Identifier: 710s 99:7C:EB:AE:43:3F:72:C6:6D:BE:80:7D:D2:E6:76:20:B3:31:5E:D4 710s X509v3 Basic Constraints: 710s CA:FALSE 710s Netscape Cert Type: 710s SSL Client, S/MIME 710s Netscape Comment: 710s Test Organization Root CA trusted Certificate 710s X509v3 Subject Key Identifier: 710s 15:96:B0:93:44:72:AD:57:E4:02:ED:DB:DA:69:81:00:81:59:52:09 710s X509v3 Key Usage: critical 710s Digital Signature, Non Repudiation, Key Encipherment 710s X509v3 Extended Key Usage: 710s TLS Web Client Authentication, E-mail Protection 710s X509v3 Subject Alternative Name: 710s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 710s Signature Algorithm: sha256WithRSAEncryption 710s Signature Value: 710s 79:11:2d:36:65:e9:58:0f:29:27:01:f2:95:74:65:1e:a3:17: 710s f1:68:68:60:75:58:50:5e:b7:05:4c:5c:76:f2:f7:65:ac:55: 710s f0:79:c2:73:12:52:44:6c:aa:0b:5e:b1:3c:9b:d8:56:f8:88: 710s 55:a2:fb:b0:5d:04:5d:dc:b7:6a:4d:44:7e:c7:e3:66:20:f7: 710s e6:31:1b:12:1d:bb:ab:92:fc:28:c9:9f:40:82:b5:e0:94:48: 710s da:54:32:6b:47:64:18:c7:df:dd:10:90:bf:9b:bd:b5:4b:ed: 710s 71:5d:c8:db:74:64:a7:31:73:17:76:8a:11:8e:1b:80:a0:60: 710s 6e:3e 710s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-26024-auth.pem 710s + found_md5=Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB 710s + '[' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB '!=' Modulus=C3892E2061B6756C4433FA6F1E53DFD0DF374DCAA867D9F25F6402504422B8E832A241ADD03F5637A2470B3CB19452D97E555F40E4763092341B945CD2D2C13ED82F891313CA65F3AD5486E40809A124D8A0263A9075A1D9191A4BB2B92C7C3891F69C68CA52435C1B88F427AD65502BA12713DCDBE7D90C4D8170847A721BFB ']' 710s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 710s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 710s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 710s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 710s + local verify_option= 710s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 710s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 710s + local key_cn 710s + local key_name 710s + local tokens_dir 710s + local output_cert_file 710s + token_name= 710s ++ basename /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem .pem 710s + key_name=test-root-CA-trusted-certificate-0001 710s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s ++ sed -n 's/ *commonName *= //p' 710s + key_cn='Test Organization Root Trusted Certificate 0001' 710s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 710s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 710s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 710s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 710s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 710s + token_name='Test Organization Root Tr Token' 710s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 710s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 ']' 710s + echo 'Test Organization Root Tr Token' 710s Test Organization Root Tr Token 710s + '[' -n '' ']' 710s + local output_base_name=SSSD-child-28 710s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-28.output 710s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-28.pem 710s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 710s [p11_child[2232]] [main] (0x0400): p11_child started. 710s [p11_child[2232]] [main] (0x2000): Running in [pre-auth] mode. 710s [p11_child[2232]] [main] (0x2000): Running with effective IDs: [0][0]. 710s [p11_child[2232]] [main] (0x2000): Running with real IDs [0][0]. 710s [p11_child[2232]] [do_card] (0x4000): Module List: 710s [p11_child[2232]] [do_card] (0x4000): common name: [softhsm2]. 710s [p11_child[2232]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2232]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 710s [p11_child[2232]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 710s [p11_child[2232]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 710s [p11_child[2232]] [do_card] (0x4000): Login NOT required. 710s [p11_child[2232]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 710s [p11_child[2232]] [do_verification] (0x0040): X509_verify_cert failed [0]. 710s [p11_child[2232]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 710s [p11_child[2232]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 710s [p11_child[2232]] [do_card] (0x4000): No certificate found. 710s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-28.output 710s + return 2 710s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem partial_chain 710s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem partial_chain 710s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 710s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 710s + local verify_option=partial_chain 710s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10320 710s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s + local key_pass=pass:random-root-ca-trusted-cert-0001-10320 710s + local key_cn 710s + local key_name 710s + local tokens_dir 710s + local output_cert_file 710s + token_name= 710s ++ basename /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem .pem 710s + key_name=test-root-CA-trusted-certificate-0001 710s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-root-CA-trusted-certificate-0001.pem 710s ++ sed -n 's/ *commonName *= //p' 711s Test Organization Root Tr Token 711s + key_cn='Test Organization Root Trusted Certificate 0001' 711s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 711s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 711s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf 711s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 711s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 711s + token_name='Test Organization Root Tr Token' 711s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 711s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-root-CA-trusted-certificate-0001 ']' 711s + echo 'Test Organization Root Tr Token' 711s + '[' -n partial_chain ']' 711s + local verify_arg=--verify=partial_chain 711s + local output_base_name=SSSD-child-24063 711s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-24063.output 711s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-24063.pem 711s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 711s [p11_child[2239]] [main] (0x0400): p11_child started. 711s [p11_child[2239]] [main] (0x2000): Running in [pre-auth] mode. 711s [p11_child[2239]] [main] (0x2000): Running with effective IDs: [0][0]. 711s [p11_child[2239]] [main] (0x2000): Running with real IDs [0][0]. 711s [p11_child[2239]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 711s [p11_child[2239]] [do_card] (0x4000): Module List: 711s [p11_child[2239]] [do_card] (0x4000): common name: [softhsm2]. 711s [p11_child[2239]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2239]] [do_card] (0x4000): Description [SoftHSM slot ID 0x28e7808a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 711s [p11_child[2239]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 711s [p11_child[2239]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x28e7808a][686260362] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2239]] [do_card] (0x4000): Login NOT required. 711s [p11_child[2239]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 711s [p11_child[2239]] [do_verification] (0x0040): X509_verify_cert failed [0]. 711s [p11_child[2239]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 711s [p11_child[2239]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 711s [p11_child[2239]] [do_card] (0x4000): No certificate found. 711s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-24063.output 711s + return 2 711s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /dev/null 711s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /dev/null 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_ring=/dev/null 711s + local verify_option= 711s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_cn 711s + local key_name 711s + local tokens_dir 711s + local output_cert_file 711s + token_name= 711s ++ basename /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem .pem 711s + key_name=test-intermediate-CA-trusted-certificate-0001 711s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s ++ sed -n 's/ *commonName *= //p' 711s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 711s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 711s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 711s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 711s + token_name='Test Organization Interme Token' 711s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 711s + local key_file 711s + local decrypted_key 711s + mkdir -p /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 711s + key_file=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-key.pem 711s + decrypted_key=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 711s + cat 711s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 711s Slot 0 has a free/uninitialized token. 711s The token has been initialized and is reassigned to slot 1379085857 711s + softhsm2-util --show-slots 711s Available slots: 711s Slot 1379085857 711s Slot info: 711s Description: SoftHSM slot ID 0x52332e21 711s Manufacturer ID: SoftHSM project 711s Hardware version: 2.6 711s Firmware version: 2.6 711s Token present: yes 711s Token info: 711s Manufacturer ID: SoftHSM project 711s Model: SoftHSM v2 711s Hardware version: 2.6 711s Firmware version: 2.6 711s Serial number: d97eb5aa52332e21 711s Initialized: yes 711s User PIN init.: yes 711s Label: Test Organization Interme Token 711s Slot 1 711s Slot info: 711s Description: SoftHSM slot ID 0x1 711s Manufacturer ID: SoftHSM project 711s Hardware version: 2.6 711s Firmware version: 2.6 711s Token present: yes 711s Token info: 711s Manufacturer ID: SoftHSM project 711s Model: SoftHSM v2 711s Hardware version: 2.6 711s Firmware version: 2.6 711s Serial number: 711s Initialized: no 711s User PIN init.: no 711s Label: 711s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 711s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-772 -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 711s writing RSA key 711s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 711s + rm /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 711s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 711s Object 0: 711s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d97eb5aa52332e21;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 711s Type: X.509 Certificate (RSA-1024) 711s Expires: Mon Mar 24 20:19:57 2025 711s Label: Test Organization Intermediate Trusted Certificate 0001 711s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 711s 711s Test Organization Interme Token 711s + echo 'Test Organization Interme Token' 711s + '[' -n '' ']' 711s + local output_base_name=SSSD-child-31896 711s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-31896.output 711s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-31896.pem 711s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 711s [p11_child[2255]] [main] (0x0400): p11_child started. 711s [p11_child[2255]] [main] (0x2000): Running in [pre-auth] mode. 711s [p11_child[2255]] [main] (0x2000): Running with effective IDs: [0][0]. 711s [p11_child[2255]] [main] (0x2000): Running with real IDs [0][0]. 711s [p11_child[2255]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 711s [p11_child[2255]] [do_work] (0x0040): init_verification failed. 711s [p11_child[2255]] [main] (0x0020): p11_child failed (5) 711s + return 2 711s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /dev/null no_verification 711s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /dev/null no_verification 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_ring=/dev/null 711s + local verify_option=no_verification 711s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_cn 711s + local key_name 711s + local tokens_dir 711s + local output_cert_file 711s + token_name= 711s ++ basename /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem .pem 711s + key_name=test-intermediate-CA-trusted-certificate-0001 711s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s ++ sed -n 's/ *commonName *= //p' 711s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 711s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 711s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 711s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 711s + token_name='Test Organization Interme Token' 711s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 711s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 711s + echo 'Test Organization Interme Token' 711s + '[' -n no_verification ']' 711s + local verify_arg=--verify=no_verification 711s + local output_base_name=SSSD-child-15829 711s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-15829.output 711s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-15829.pem 711s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 711s Test Organization Interme Token 711s [p11_child[2261]] [main] (0x0400): p11_child started. 711s [p11_child[2261]] [main] (0x2000): Running in [pre-auth] mode. 711s [p11_child[2261]] [main] (0x2000): Running with effective IDs: [0][0]. 711s [p11_child[2261]] [main] (0x2000): Running with real IDs [0][0]. 711s [p11_child[2261]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 711s [p11_child[2261]] [do_card] (0x4000): Module List: 711s [p11_child[2261]] [do_card] (0x4000): common name: [softhsm2]. 711s [p11_child[2261]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2261]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 711s [p11_child[2261]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 711s [p11_child[2261]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2261]] [do_card] (0x4000): Login NOT required. 711s [p11_child[2261]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 711s [p11_child[2261]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 711s [p11_child[2261]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52332e21;slot-manufacturer=SoftHSM%20project;slot-id=1379085857;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d97eb5aa52332e21;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 711s [p11_child[2261]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 711s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-15829.output 711s + echo '-----BEGIN CERTIFICATE-----' 711s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-15829.output 711s + echo '-----END CERTIFICATE-----' 711s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-15829.pem 711s Certificate: 711s Data: 711s Version: 3 (0x2) 711s Serial Number: 4 (0x4) 711s Signature Algorithm: sha256WithRSAEncryption 711s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 711s Validity 711s Not Before: Mar 24 20:19:57 2024 GMT 711s Not After : Mar 24 20:19:57 2025 GMT 711s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 711s Subject Public Key Info: 711s Public Key Algorithm: rsaEncryption 711s Public-Key: (1024 bit) 711s Modulus: 711s 00:ce:41:be:8d:91:48:83:57:77:c1:12:ca:05:4f: 711s 30:aa:b1:94:ba:b4:d5:fe:70:4f:00:b0:95:c3:43: 711s 41:ae:57:c5:fc:46:ea:64:3f:1d:08:9b:f1:cc:80: 711s 62:35:67:f8:03:37:55:fe:ca:a9:47:64:53:6a:7b: 711s 4e:e2:cc:e8:00:65:a7:b7:f7:ac:20:d9:9e:68:5c: 711s 55:61:e7:44:7d:35:d7:4d:6c:2d:e4:b7:e9:c8:bf: 711s 76:7f:d3:13:b2:e7:4d:43:25:79:b7:56:a0:46:e0: 711s 6f:df:14:c3:46:14:af:a8:36:c9:53:91:d7:4b:c1: 711s 30:2c:54:0a:43:e2:af:ec:07 711s Exponent: 65537 (0x10001) 711s X509v3 extensions: 711s X509v3 Authority Key Identifier: 711s 97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 711s X509v3 Basic Constraints: 711s CA:FALSE 711s Netscape Cert Type: 711s SSL Client, S/MIME 711s Netscape Comment: 711s Test Organization Intermediate CA trusted Certificate 711s X509v3 Subject Key Identifier: 711s A2:FA:13:BE:0D:B8:DF:84:86:C5:69:D5:7B:79:7C:76:07:13:49:24 711s X509v3 Key Usage: critical 711s Digital Signature, Non Repudiation, Key Encipherment 711s X509v3 Extended Key Usage: 711s TLS Web Client Authentication, E-mail Protection 711s X509v3 Subject Alternative Name: 711s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 711s Signature Algorithm: sha256WithRSAEncryption 711s Signature Value: 711s 5b:ae:73:49:30:35:55:d5:3b:e4:20:3a:51:68:13:0b:6b:1c: 711s 1a:8f:f1:8d:4d:09:ee:41:5c:a4:34:4f:36:d5:b6:73:f6:a2: 711s 53:93:0c:ed:c7:a2:d1:3b:04:6b:ec:72:31:51:fa:a7:88:4f: 711s db:7e:3e:d9:29:cf:9a:f2:a9:c8:ef:ef:6a:82:4c:97:d8:5e: 711s 3b:1f:df:c1:99:cc:f6:d1:88:34:33:28:e7:7f:cf:23:78:31: 711s 2a:0f:12:c5:fe:9d:82:3d:c6:32:99:79:21:08:7e:dc:26:52: 711s 9b:7b:4b:68:37:85:99:88:59:30:8c:6c:7f:e6:79:5b:0e:3f: 711s 76:c4 711s + local found_md5 expected_md5 711s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + expected_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 711s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-15829.pem 711s + found_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 711s + '[' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 '!=' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 ']' 711s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-15829-auth.output 711s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-15829-auth.output .output 711s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-15829-auth.pem 711s + echo -n 053350 711s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 711s [p11_child[2269]] [main] (0x0400): p11_child started. 711s [p11_child[2269]] [main] (0x2000): Running in [auth] mode. 711s [p11_child[2269]] [main] (0x2000): Running with effective IDs: [0][0]. 711s [p11_child[2269]] [main] (0x2000): Running with real IDs [0][0]. 711s [p11_child[2269]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 711s [p11_child[2269]] [do_card] (0x4000): Module List: 711s [p11_child[2269]] [do_card] (0x4000): common name: [softhsm2]. 711s [p11_child[2269]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2269]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 711s [p11_child[2269]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 711s [p11_child[2269]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2269]] [do_card] (0x4000): Login required. 711s [p11_child[2269]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 711s [p11_child[2269]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 711s [p11_child[2269]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52332e21;slot-manufacturer=SoftHSM%20project;slot-id=1379085857;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d97eb5aa52332e21;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 711s [p11_child[2269]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 711s [p11_child[2269]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 711s [p11_child[2269]] [do_card] (0x4000): Certificate verified and validated. 711s [p11_child[2269]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 711s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-15829-auth.output 711s + echo '-----BEGIN CERTIFICATE-----' 711s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-15829-auth.output 711s + echo '-----END CERTIFICATE-----' 711s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-15829-auth.pem 711s Certificate: 711s Data: 711s Version: 3 (0x2) 711s Serial Number: 4 (0x4) 711s Signature Algorithm: sha256WithRSAEncryption 711s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 711s Validity 711s Not Before: Mar 24 20:19:57 2024 GMT 711s Not After : Mar 24 20:19:57 2025 GMT 711s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 711s Subject Public Key Info: 711s Public Key Algorithm: rsaEncryption 711s Public-Key: (1024 bit) 711s Modulus: 711s 00:ce:41:be:8d:91:48:83:57:77:c1:12:ca:05:4f: 711s 30:aa:b1:94:ba:b4:d5:fe:70:4f:00:b0:95:c3:43: 711s 41:ae:57:c5:fc:46:ea:64:3f:1d:08:9b:f1:cc:80: 711s 62:35:67:f8:03:37:55:fe:ca:a9:47:64:53:6a:7b: 711s 4e:e2:cc:e8:00:65:a7:b7:f7:ac:20:d9:9e:68:5c: 711s 55:61:e7:44:7d:35:d7:4d:6c:2d:e4:b7:e9:c8:bf: 711s 76:7f:d3:13:b2:e7:4d:43:25:79:b7:56:a0:46:e0: 711s 6f:df:14:c3:46:14:af:a8:36:c9:53:91:d7:4b:c1: 711s 30:2c:54:0a:43:e2:af:ec:07 711s Exponent: 65537 (0x10001) 711s X509v3 extensions: 711s X509v3 Authority Key Identifier: 711s 97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 711s X509v3 Basic Constraints: 711s CA:FALSE 711s Netscape Cert Type: 711s SSL Client, S/MIME 711s Netscape Comment: 711s Test Organization Intermediate CA trusted Certificate 711s X509v3 Subject Key Identifier: 711s A2:FA:13:BE:0D:B8:DF:84:86:C5:69:D5:7B:79:7C:76:07:13:49:24 711s X509v3 Key Usage: critical 711s Digital Signature, Non Repudiation, Key Encipherment 711s X509v3 Extended Key Usage: 711s TLS Web Client Authentication, E-mail Protection 711s X509v3 Subject Alternative Name: 711s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 711s Signature Algorithm: sha256WithRSAEncryption 711s Signature Value: 711s 5b:ae:73:49:30:35:55:d5:3b:e4:20:3a:51:68:13:0b:6b:1c: 711s 1a:8f:f1:8d:4d:09:ee:41:5c:a4:34:4f:36:d5:b6:73:f6:a2: 711s 53:93:0c:ed:c7:a2:d1:3b:04:6b:ec:72:31:51:fa:a7:88:4f: 711s db:7e:3e:d9:29:cf:9a:f2:a9:c8:ef:ef:6a:82:4c:97:d8:5e: 711s 3b:1f:df:c1:99:cc:f6:d1:88:34:33:28:e7:7f:cf:23:78:31: 711s 2a:0f:12:c5:fe:9d:82:3d:c6:32:99:79:21:08:7e:dc:26:52: 711s 9b:7b:4b:68:37:85:99:88:59:30:8c:6c:7f:e6:79:5b:0e:3f: 711s 76:c4 711s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-15829-auth.pem 711s + found_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 711s + '[' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 '!=' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 ']' 711s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 711s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 711s + local verify_option= 711s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_cn 711s + local key_name 711s + local tokens_dir 711s + local output_cert_file 711s + token_name= 711s ++ basename /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem .pem 711s + key_name=test-intermediate-CA-trusted-certificate-0001 711s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s ++ sed -n 's/ *commonName *= //p' 711s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 711s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 711s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 711s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 711s + token_name='Test Organization Interme Token' 711s Test Organization Interme Token 711s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 711s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 711s + echo 'Test Organization Interme Token' 711s + '[' -n '' ']' 711s + local output_base_name=SSSD-child-27810 711s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-27810.output 711s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-27810.pem 711s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 711s [p11_child[2279]] [main] (0x0400): p11_child started. 711s [p11_child[2279]] [main] (0x2000): Running in [pre-auth] mode. 711s [p11_child[2279]] [main] (0x2000): Running with effective IDs: [0][0]. 711s [p11_child[2279]] [main] (0x2000): Running with real IDs [0][0]. 711s [p11_child[2279]] [do_card] (0x4000): Module List: 711s [p11_child[2279]] [do_card] (0x4000): common name: [softhsm2]. 711s [p11_child[2279]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2279]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 711s [p11_child[2279]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 711s [p11_child[2279]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2279]] [do_card] (0x4000): Login NOT required. 711s [p11_child[2279]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 711s [p11_child[2279]] [do_verification] (0x0040): X509_verify_cert failed [0]. 711s [p11_child[2279]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 711s [p11_child[2279]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 711s [p11_child[2279]] [do_card] (0x4000): No certificate found. 711s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-27810.output 711s + return 2 711s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem partial_chain 711s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem partial_chain 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 711s + local verify_option=partial_chain 711s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_cn 711s + local key_name 711s + local tokens_dir 711s + local output_cert_file 711s + token_name= 711s ++ basename /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem .pem 711s + key_name=test-intermediate-CA-trusted-certificate-0001 711s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s ++ sed -n 's/ *commonName *= //p' 711s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 711s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 711s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 711s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 711s + token_name='Test Organization Interme Token' 711s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 711s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 711s + echo 'Test Organization Interme Token' 711s + '[' -n partial_chain ']' 711s + local verify_arg=--verify=partial_chain 711s + local output_base_name=SSSD-child-21271 711s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-21271.output 711s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-21271.pem 711s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 711s Test Organization Interme Token 711s [p11_child[2286]] [main] (0x0400): p11_child started. 711s [p11_child[2286]] [main] (0x2000): Running in [pre-auth] mode. 711s [p11_child[2286]] [main] (0x2000): Running with effective IDs: [0][0]. 711s [p11_child[2286]] [main] (0x2000): Running with real IDs [0][0]. 711s [p11_child[2286]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 711s [p11_child[2286]] [do_card] (0x4000): Module List: 711s [p11_child[2286]] [do_card] (0x4000): common name: [softhsm2]. 711s [p11_child[2286]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2286]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 711s [p11_child[2286]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 711s [p11_child[2286]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2286]] [do_card] (0x4000): Login NOT required. 711s [p11_child[2286]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 711s [p11_child[2286]] [do_verification] (0x0040): X509_verify_cert failed [0]. 711s [p11_child[2286]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 711s [p11_child[2286]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 711s [p11_child[2286]] [do_card] (0x4000): No certificate found. 711s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-21271.output 711s + return 2 711s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 711s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 711s + local verify_option= 711s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_cn 711s + local key_name 711s + local tokens_dir 711s + local output_cert_file 711s + token_name= 711s ++ basename /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem .pem 711s + key_name=test-intermediate-CA-trusted-certificate-0001 711s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s ++ sed -n 's/ *commonName *= //p' 711s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 711s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 711s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 711s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 711s + token_name='Test Organization Interme Token' 711s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 711s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 711s + echo 'Test Organization Interme Token' 711s Test Organization Interme Token 711s + '[' -n '' ']' 711s + local output_base_name=SSSD-child-22076 711s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-22076.output 711s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-22076.pem 711s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 711s [p11_child[2293]] [main] (0x0400): p11_child started. 711s [p11_child[2293]] [main] (0x2000): Running in [pre-auth] mode. 711s [p11_child[2293]] [main] (0x2000): Running with effective IDs: [0][0]. 711s [p11_child[2293]] [main] (0x2000): Running with real IDs [0][0]. 711s [p11_child[2293]] [do_card] (0x4000): Module List: 711s [p11_child[2293]] [do_card] (0x4000): common name: [softhsm2]. 711s [p11_child[2293]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2293]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 711s [p11_child[2293]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 711s [p11_child[2293]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2293]] [do_card] (0x4000): Login NOT required. 711s [p11_child[2293]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 711s [p11_child[2293]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 711s [p11_child[2293]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 711s [p11_child[2293]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52332e21;slot-manufacturer=SoftHSM%20project;slot-id=1379085857;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d97eb5aa52332e21;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 711s [p11_child[2293]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 711s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-22076.output 711s + echo '-----BEGIN CERTIFICATE-----' 711s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-22076.output 711s + echo '-----END CERTIFICATE-----' 711s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-22076.pem 711s Certificate: 711s Data: 711s Version: 3 (0x2) 711s Serial Number: 4 (0x4) 711s Signature Algorithm: sha256WithRSAEncryption 711s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 711s Validity 711s Not Before: Mar 24 20:19:57 2024 GMT 711s Not After : Mar 24 20:19:57 2025 GMT 711s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 711s Subject Public Key Info: 711s Public Key Algorithm: rsaEncryption 711s Public-Key: (1024 bit) 711s Modulus: 711s 00:ce:41:be:8d:91:48:83:57:77:c1:12:ca:05:4f: 711s 30:aa:b1:94:ba:b4:d5:fe:70:4f:00:b0:95:c3:43: 711s 41:ae:57:c5:fc:46:ea:64:3f:1d:08:9b:f1:cc:80: 711s 62:35:67:f8:03:37:55:fe:ca:a9:47:64:53:6a:7b: 711s 4e:e2:cc:e8:00:65:a7:b7:f7:ac:20:d9:9e:68:5c: 711s 55:61:e7:44:7d:35:d7:4d:6c:2d:e4:b7:e9:c8:bf: 711s 76:7f:d3:13:b2:e7:4d:43:25:79:b7:56:a0:46:e0: 711s 6f:df:14:c3:46:14:af:a8:36:c9:53:91:d7:4b:c1: 711s 30:2c:54:0a:43:e2:af:ec:07 711s Exponent: 65537 (0x10001) 711s X509v3 extensions: 711s X509v3 Authority Key Identifier: 711s 97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 711s X509v3 Basic Constraints: 711s CA:FALSE 711s Netscape Cert Type: 711s SSL Client, S/MIME 711s Netscape Comment: 711s Test Organization Intermediate CA trusted Certificate 711s X509v3 Subject Key Identifier: 711s A2:FA:13:BE:0D:B8:DF:84:86:C5:69:D5:7B:79:7C:76:07:13:49:24 711s X509v3 Key Usage: critical 711s Digital Signature, Non Repudiation, Key Encipherment 711s X509v3 Extended Key Usage: 711s TLS Web Client Authentication, E-mail Protection 711s X509v3 Subject Alternative Name: 711s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 711s Signature Algorithm: sha256WithRSAEncryption 711s Signature Value: 711s 5b:ae:73:49:30:35:55:d5:3b:e4:20:3a:51:68:13:0b:6b:1c: 711s 1a:8f:f1:8d:4d:09:ee:41:5c:a4:34:4f:36:d5:b6:73:f6:a2: 711s 53:93:0c:ed:c7:a2:d1:3b:04:6b:ec:72:31:51:fa:a7:88:4f: 711s db:7e:3e:d9:29:cf:9a:f2:a9:c8:ef:ef:6a:82:4c:97:d8:5e: 711s 3b:1f:df:c1:99:cc:f6:d1:88:34:33:28:e7:7f:cf:23:78:31: 711s 2a:0f:12:c5:fe:9d:82:3d:c6:32:99:79:21:08:7e:dc:26:52: 711s 9b:7b:4b:68:37:85:99:88:59:30:8c:6c:7f:e6:79:5b:0e:3f: 711s 76:c4 711s + local found_md5 expected_md5 711s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + expected_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 711s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-22076.pem 711s + found_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 711s + '[' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 '!=' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 ']' 711s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-22076-auth.output 711s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-22076-auth.output .output 711s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-22076-auth.pem 711s + echo -n 053350 711s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 711s [p11_child[2301]] [main] (0x0400): p11_child started. 711s [p11_child[2301]] [main] (0x2000): Running in [auth] mode. 711s [p11_child[2301]] [main] (0x2000): Running with effective IDs: [0][0]. 711s [p11_child[2301]] [main] (0x2000): Running with real IDs [0][0]. 711s [p11_child[2301]] [do_card] (0x4000): Module List: 711s [p11_child[2301]] [do_card] (0x4000): common name: [softhsm2]. 711s [p11_child[2301]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2301]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 711s [p11_child[2301]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 711s [p11_child[2301]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2301]] [do_card] (0x4000): Login required. 711s [p11_child[2301]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 711s [p11_child[2301]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 711s [p11_child[2301]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 711s [p11_child[2301]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52332e21;slot-manufacturer=SoftHSM%20project;slot-id=1379085857;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d97eb5aa52332e21;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 711s [p11_child[2301]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 711s [p11_child[2301]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 711s [p11_child[2301]] [do_card] (0x4000): Certificate verified and validated. 711s [p11_child[2301]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 711s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-22076-auth.output 711s + echo '-----BEGIN CERTIFICATE-----' 711s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-22076-auth.output 711s + echo '-----END CERTIFICATE-----' 711s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-22076-auth.pem 711s Certificate: 711s Data: 711s Version: 3 (0x2) 711s Serial Number: 4 (0x4) 711s Signature Algorithm: sha256WithRSAEncryption 711s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 711s Validity 711s Not Before: Mar 24 20:19:57 2024 GMT 711s Not After : Mar 24 20:19:57 2025 GMT 711s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 711s Subject Public Key Info: 711s Public Key Algorithm: rsaEncryption 711s Public-Key: (1024 bit) 711s Modulus: 711s 00:ce:41:be:8d:91:48:83:57:77:c1:12:ca:05:4f: 711s 30:aa:b1:94:ba:b4:d5:fe:70:4f:00:b0:95:c3:43: 711s 41:ae:57:c5:fc:46:ea:64:3f:1d:08:9b:f1:cc:80: 711s 62:35:67:f8:03:37:55:fe:ca:a9:47:64:53:6a:7b: 711s 4e:e2:cc:e8:00:65:a7:b7:f7:ac:20:d9:9e:68:5c: 711s 55:61:e7:44:7d:35:d7:4d:6c:2d:e4:b7:e9:c8:bf: 711s 76:7f:d3:13:b2:e7:4d:43:25:79:b7:56:a0:46:e0: 711s 6f:df:14:c3:46:14:af:a8:36:c9:53:91:d7:4b:c1: 711s 30:2c:54:0a:43:e2:af:ec:07 711s Exponent: 65537 (0x10001) 711s X509v3 extensions: 711s X509v3 Authority Key Identifier: 711s 97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 711s X509v3 Basic Constraints: 711s CA:FALSE 711s Netscape Cert Type: 711s SSL Client, S/MIME 711s Netscape Comment: 711s Test Organization Intermediate CA trusted Certificate 711s X509v3 Subject Key Identifier: 711s A2:FA:13:BE:0D:B8:DF:84:86:C5:69:D5:7B:79:7C:76:07:13:49:24 711s X509v3 Key Usage: critical 711s Digital Signature, Non Repudiation, Key Encipherment 711s X509v3 Extended Key Usage: 711s TLS Web Client Authentication, E-mail Protection 711s X509v3 Subject Alternative Name: 711s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 711s Signature Algorithm: sha256WithRSAEncryption 711s Signature Value: 711s 5b:ae:73:49:30:35:55:d5:3b:e4:20:3a:51:68:13:0b:6b:1c: 711s 1a:8f:f1:8d:4d:09:ee:41:5c:a4:34:4f:36:d5:b6:73:f6:a2: 711s 53:93:0c:ed:c7:a2:d1:3b:04:6b:ec:72:31:51:fa:a7:88:4f: 711s db:7e:3e:d9:29:cf:9a:f2:a9:c8:ef:ef:6a:82:4c:97:d8:5e: 711s 3b:1f:df:c1:99:cc:f6:d1:88:34:33:28:e7:7f:cf:23:78:31: 711s 2a:0f:12:c5:fe:9d:82:3d:c6:32:99:79:21:08:7e:dc:26:52: 711s 9b:7b:4b:68:37:85:99:88:59:30:8c:6c:7f:e6:79:5b:0e:3f: 711s 76:c4 711s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-22076-auth.pem 711s + found_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 711s + '[' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 '!=' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 ']' 711s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem partial_chain 711s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem partial_chain 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 711s + local verify_option=partial_chain 711s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 711s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 711s + local key_cn 711s + local key_name 711s + local tokens_dir 711s + local output_cert_file 711s + token_name= 711s ++ basename /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem .pem 711s + key_name=test-intermediate-CA-trusted-certificate-0001 711s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 711s ++ sed -n 's/ *commonName *= //p' 711s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 711s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 711s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 711s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 711s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 711s + token_name='Test Organization Interme Token' 711s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 711s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 711s + echo 'Test Organization Interme Token' 711s + '[' -n partial_chain ']' 711s + local verify_arg=--verify=partial_chain 711s + local output_base_name=SSSD-child-8361 711s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-8361.output 711s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-8361.pem 711s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 711s Test Organization Interme Token 711s [p11_child[2311]] [main] (0x0400): p11_child started. 711s [p11_child[2311]] [main] (0x2000): Running in [pre-auth] mode. 711s [p11_child[2311]] [main] (0x2000): Running with effective IDs: [0][0]. 711s [p11_child[2311]] [main] (0x2000): Running with real IDs [0][0]. 711s [p11_child[2311]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 711s [p11_child[2311]] [do_card] (0x4000): Module List: 711s [p11_child[2311]] [do_card] (0x4000): common name: [softhsm2]. 711s [p11_child[2311]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2311]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 711s [p11_child[2311]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 711s [p11_child[2311]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 711s [p11_child[2311]] [do_card] (0x4000): Login NOT required. 711s [p11_child[2311]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 711s [p11_child[2311]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 711s [p11_child[2311]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 711s [p11_child[2311]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52332e21;slot-manufacturer=SoftHSM%20project;slot-id=1379085857;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d97eb5aa52332e21;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 711s [p11_child[2311]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 711s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-8361.output 711s + echo '-----BEGIN CERTIFICATE-----' 711s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-8361.output 711s + echo '-----END CERTIFICATE-----' 711s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-8361.pem 711s Certificate: 711s Data: 711s Version: 3 (0x2) 711s Serial Number: 4 (0x4) 711s Signature Algorithm: sha256WithRSAEncryption 711s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 711s Validity 711s Not Before: Mar 24 20:19:57 2024 GMT 711s Not After : Mar 24 20:19:57 2025 GMT 711s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 711s Subject Public Key Info: 711s Public Key Algorithm: rsaEncryption 711s Public-Key: (1024 bit) 711s Modulus: 711s 00:ce:41:be:8d:91:48:83:57:77:c1:12:ca:05:4f: 711s 30:aa:b1:94:ba:b4:d5:fe:70:4f:00:b0:95:c3:43: 711s 41:ae:57:c5:fc:46:ea:64:3f:1d:08:9b:f1:cc:80: 711s 62:35:67:f8:03:37:55:fe:ca:a9:47:64:53:6a:7b: 711s 4e:e2:cc:e8:00:65:a7:b7:f7:ac:20:d9:9e:68:5c: 711s 55:61:e7:44:7d:35:d7:4d:6c:2d:e4:b7:e9:c8:bf: 711s 76:7f:d3:13:b2:e7:4d:43:25:79:b7:56:a0:46:e0: 711s 6f:df:14:c3:46:14:af:a8:36:c9:53:91:d7:4b:c1: 711s 30:2c:54:0a:43:e2:af:ec:07 711s Exponent: 65537 (0x10001) 711s X509v3 extensions: 711s X509v3 Authority Key Identifier: 711s 97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 711s X509v3 Basic Constraints: 711s CA:FALSE 711s Netscape Cert Type: 711s SSL Client, S/MIME 711s Netscape Comment: 711s Test Organization Intermediate CA trusted Certificate 711s X509v3 Subject Key Identifier: 711s A2:FA:13:BE:0D:B8:DF:84:86:C5:69:D5:7B:79:7C:76:07:13:49:24 711s X509v3 Key Usage: critical 711s Digital Signature, Non Repudiation, Key Encipherment 711s X509v3 Extended Key Usage: 711s TLS Web Client Authentication, E-mail Protection 711s X509v3 Subject Alternative Name: 711s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 711s Signature Algorithm: sha256WithRSAEncryption 711s Signature Value: 711s 5b:ae:73:49:30:35:55:d5:3b:e4:20:3a:51:68:13:0b:6b:1c: 711s 1a:8f:f1:8d:4d:09:ee:41:5c:a4:34:4f:36:d5:b6:73:f6:a2: 711s 53:93:0c:ed:c7:a2:d1:3b:04:6b:ec:72:31:51:fa:a7:88:4f: 711s db:7e:3e:d9:29:cf:9a:f2:a9:c8:ef:ef:6a:82:4c:97:d8:5e: 711s 3b:1f:df:c1:99:cc:f6:d1:88:34:33:28:e7:7f:cf:23:78:31: 711s 2a:0f:12:c5:fe:9d:82:3d:c6:32:99:79:21:08:7e:dc:26:52: 711s 9b:7b:4b:68:37:85:99:88:59:30:8c:6c:7f:e6:79:5b:0e:3f: 711s 76:c4 711s + local found_md5 expected_md5 711s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 712s + expected_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 712s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-8361.pem 712s + found_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 712s + '[' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 '!=' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 ']' 712s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-8361-auth.output 712s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-8361-auth.output .output 712s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-8361-auth.pem 712s + echo -n 053350 712s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 712s [p11_child[2319]] [main] (0x0400): p11_child started. 712s [p11_child[2319]] [main] (0x2000): Running in [auth] mode. 712s [p11_child[2319]] [main] (0x2000): Running with effective IDs: [0][0]. 712s [p11_child[2319]] [main] (0x2000): Running with real IDs [0][0]. 712s [p11_child[2319]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 712s [p11_child[2319]] [do_card] (0x4000): Module List: 712s [p11_child[2319]] [do_card] (0x4000): common name: [softhsm2]. 712s [p11_child[2319]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2319]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 712s [p11_child[2319]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 712s [p11_child[2319]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2319]] [do_card] (0x4000): Login required. 712s [p11_child[2319]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 712s [p11_child[2319]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 712s [p11_child[2319]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 712s [p11_child[2319]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52332e21;slot-manufacturer=SoftHSM%20project;slot-id=1379085857;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d97eb5aa52332e21;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 712s [p11_child[2319]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 712s [p11_child[2319]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 712s [p11_child[2319]] [do_card] (0x4000): Certificate verified and validated. 712s [p11_child[2319]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 712s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-8361-auth.output 712s + echo '-----BEGIN CERTIFICATE-----' 712s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-8361-auth.output 712s + echo '-----END CERTIFICATE-----' 712s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-8361-auth.pem 712s Certificate: 712s Data: 712s Version: 3 (0x2) 712s Serial Number: 4 (0x4) 712s Signature Algorithm: sha256WithRSAEncryption 712s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 712s Validity 712s Not Before: Mar 24 20:19:57 2024 GMT 712s Not After : Mar 24 20:19:57 2025 GMT 712s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 712s Subject Public Key Info: 712s Public Key Algorithm: rsaEncryption 712s Public-Key: (1024 bit) 712s Modulus: 712s 00:ce:41:be:8d:91:48:83:57:77:c1:12:ca:05:4f: 712s 30:aa:b1:94:ba:b4:d5:fe:70:4f:00:b0:95:c3:43: 712s 41:ae:57:c5:fc:46:ea:64:3f:1d:08:9b:f1:cc:80: 712s 62:35:67:f8:03:37:55:fe:ca:a9:47:64:53:6a:7b: 712s 4e:e2:cc:e8:00:65:a7:b7:f7:ac:20:d9:9e:68:5c: 712s 55:61:e7:44:7d:35:d7:4d:6c:2d:e4:b7:e9:c8:bf: 712s 76:7f:d3:13:b2:e7:4d:43:25:79:b7:56:a0:46:e0: 712s 6f:df:14:c3:46:14:af:a8:36:c9:53:91:d7:4b:c1: 712s 30:2c:54:0a:43:e2:af:ec:07 712s Exponent: 65537 (0x10001) 712s X509v3 extensions: 712s X509v3 Authority Key Identifier: 712s 97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 712s X509v3 Basic Constraints: 712s CA:FALSE 712s Netscape Cert Type: 712s SSL Client, S/MIME 712s Netscape Comment: 712s Test Organization Intermediate CA trusted Certificate 712s X509v3 Subject Key Identifier: 712s A2:FA:13:BE:0D:B8:DF:84:86:C5:69:D5:7B:79:7C:76:07:13:49:24 712s X509v3 Key Usage: critical 712s Digital Signature, Non Repudiation, Key Encipherment 712s X509v3 Extended Key Usage: 712s TLS Web Client Authentication, E-mail Protection 712s X509v3 Subject Alternative Name: 712s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 712s Signature Algorithm: sha256WithRSAEncryption 712s Signature Value: 712s 5b:ae:73:49:30:35:55:d5:3b:e4:20:3a:51:68:13:0b:6b:1c: 712s 1a:8f:f1:8d:4d:09:ee:41:5c:a4:34:4f:36:d5:b6:73:f6:a2: 712s 53:93:0c:ed:c7:a2:d1:3b:04:6b:ec:72:31:51:fa:a7:88:4f: 712s db:7e:3e:d9:29:cf:9a:f2:a9:c8:ef:ef:6a:82:4c:97:d8:5e: 712s 3b:1f:df:c1:99:cc:f6:d1:88:34:33:28:e7:7f:cf:23:78:31: 712s 2a:0f:12:c5:fe:9d:82:3d:c6:32:99:79:21:08:7e:dc:26:52: 712s 9b:7b:4b:68:37:85:99:88:59:30:8c:6c:7f:e6:79:5b:0e:3f: 712s 76:c4 712s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-8361-auth.pem 712s + found_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 712s + '[' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 '!=' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 ']' 712s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 712s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 712s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 712s + local verify_option= 712s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 712s + local key_cn 712s + local key_name 712s + local tokens_dir 712s + local output_cert_file 712s + token_name= 712s ++ basename /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem .pem 712s + key_name=test-intermediate-CA-trusted-certificate-0001 712s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 712s ++ sed -n 's/ *commonName *= //p' 712s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 712s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 712s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 712s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 712s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 712s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 712s + token_name='Test Organization Interme Token' 712s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 712s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 712s + echo 'Test Organization Interme Token' 712s + '[' -n '' ']' 712s + local output_base_name=SSSD-child-17363 712s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-17363.output 712s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-17363.pem 712s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 712s Test Organization Interme Token 712s [p11_child[2329]] [main] (0x0400): p11_child started. 712s [p11_child[2329]] [main] (0x2000): Running in [pre-auth] mode. 712s [p11_child[2329]] [main] (0x2000): Running with effective IDs: [0][0]. 712s [p11_child[2329]] [main] (0x2000): Running with real IDs [0][0]. 712s [p11_child[2329]] [do_card] (0x4000): Module List: 712s [p11_child[2329]] [do_card] (0x4000): common name: [softhsm2]. 712s [p11_child[2329]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2329]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 712s [p11_child[2329]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 712s [p11_child[2329]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2329]] [do_card] (0x4000): Login NOT required. 712s [p11_child[2329]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 712s [p11_child[2329]] [do_verification] (0x0040): X509_verify_cert failed [0]. 712s [p11_child[2329]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 712s [p11_child[2329]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 712s [p11_child[2329]] [do_card] (0x4000): No certificate found. 712s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-17363.output 712s + return 2 712s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem partial_chain 712s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem partial_chain 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 712s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 712s + local verify_option=partial_chain 712s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-772 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-772 712s + local key_cn 712s + local key_name 712s + local tokens_dir 712s + local output_cert_file 712s + token_name= 712s ++ basename /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem .pem 712s + key_name=test-intermediate-CA-trusted-certificate-0001 712s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 712s ++ sed -n 's/ *commonName *= //p' 712s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 712s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 712s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 712s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 712s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 712s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 712s + token_name='Test Organization Interme Token' 712s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 712s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 712s + echo 'Test Organization Interme Token' 712s Test Organization Interme Token 712s + '[' -n partial_chain ']' 712s + local verify_arg=--verify=partial_chain 712s + local output_base_name=SSSD-child-20030 712s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-20030.output 712s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-20030.pem 712s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem 712s [p11_child[2336]] [main] (0x0400): p11_child started. 712s [p11_child[2336]] [main] (0x2000): Running in [pre-auth] mode. 712s [p11_child[2336]] [main] (0x2000): Running with effective IDs: [0][0]. 712s [p11_child[2336]] [main] (0x2000): Running with real IDs [0][0]. 712s [p11_child[2336]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 712s [p11_child[2336]] [do_card] (0x4000): Module List: 712s [p11_child[2336]] [do_card] (0x4000): common name: [softhsm2]. 712s [p11_child[2336]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2336]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 712s [p11_child[2336]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 712s [p11_child[2336]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2336]] [do_card] (0x4000): Login NOT required. 712s [p11_child[2336]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 712s [p11_child[2336]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 712s [p11_child[2336]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 712s [p11_child[2336]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52332e21;slot-manufacturer=SoftHSM%20project;slot-id=1379085857;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d97eb5aa52332e21;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 712s [p11_child[2336]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 712s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-20030.output 712s + echo '-----BEGIN CERTIFICATE-----' 712s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-20030.output 712s + echo '-----END CERTIFICATE-----' 712s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-20030.pem 712s Certificate: 712s Data: 712s Version: 3 (0x2) 712s Serial Number: 4 (0x4) 712s Signature Algorithm: sha256WithRSAEncryption 712s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 712s Validity 712s Not Before: Mar 24 20:19:57 2024 GMT 712s Not After : Mar 24 20:19:57 2025 GMT 712s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 712s Subject Public Key Info: 712s Public Key Algorithm: rsaEncryption 712s Public-Key: (1024 bit) 712s Modulus: 712s 00:ce:41:be:8d:91:48:83:57:77:c1:12:ca:05:4f: 712s 30:aa:b1:94:ba:b4:d5:fe:70:4f:00:b0:95:c3:43: 712s 41:ae:57:c5:fc:46:ea:64:3f:1d:08:9b:f1:cc:80: 712s 62:35:67:f8:03:37:55:fe:ca:a9:47:64:53:6a:7b: 712s 4e:e2:cc:e8:00:65:a7:b7:f7:ac:20:d9:9e:68:5c: 712s 55:61:e7:44:7d:35:d7:4d:6c:2d:e4:b7:e9:c8:bf: 712s 76:7f:d3:13:b2:e7:4d:43:25:79:b7:56:a0:46:e0: 712s 6f:df:14:c3:46:14:af:a8:36:c9:53:91:d7:4b:c1: 712s 30:2c:54:0a:43:e2:af:ec:07 712s Exponent: 65537 (0x10001) 712s X509v3 extensions: 712s X509v3 Authority Key Identifier: 712s 97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 712s X509v3 Basic Constraints: 712s CA:FALSE 712s Netscape Cert Type: 712s SSL Client, S/MIME 712s Netscape Comment: 712s Test Organization Intermediate CA trusted Certificate 712s X509v3 Subject Key Identifier: 712s A2:FA:13:BE:0D:B8:DF:84:86:C5:69:D5:7B:79:7C:76:07:13:49:24 712s X509v3 Key Usage: critical 712s Digital Signature, Non Repudiation, Key Encipherment 712s X509v3 Extended Key Usage: 712s TLS Web Client Authentication, E-mail Protection 712s X509v3 Subject Alternative Name: 712s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 712s Signature Algorithm: sha256WithRSAEncryption 712s Signature Value: 712s 5b:ae:73:49:30:35:55:d5:3b:e4:20:3a:51:68:13:0b:6b:1c: 712s 1a:8f:f1:8d:4d:09:ee:41:5c:a4:34:4f:36:d5:b6:73:f6:a2: 712s 53:93:0c:ed:c7:a2:d1:3b:04:6b:ec:72:31:51:fa:a7:88:4f: 712s db:7e:3e:d9:29:cf:9a:f2:a9:c8:ef:ef:6a:82:4c:97:d8:5e: 712s 3b:1f:df:c1:99:cc:f6:d1:88:34:33:28:e7:7f:cf:23:78:31: 712s 2a:0f:12:c5:fe:9d:82:3d:c6:32:99:79:21:08:7e:dc:26:52: 712s 9b:7b:4b:68:37:85:99:88:59:30:8c:6c:7f:e6:79:5b:0e:3f: 712s 76:c4 712s + local found_md5 expected_md5 712s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-intermediate-CA-trusted-certificate-0001.pem 712s + expected_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 712s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-20030.pem 712s + found_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 712s + '[' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 '!=' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 ']' 712s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-20030-auth.output 712s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-20030-auth.output .output 712s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-20030-auth.pem 712s + echo -n 053350 712s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 712s [p11_child[2344]] [main] (0x0400): p11_child started. 712s [p11_child[2344]] [main] (0x2000): Running in [auth] mode. 712s [p11_child[2344]] [main] (0x2000): Running with effective IDs: [0][0]. 712s [p11_child[2344]] [main] (0x2000): Running with real IDs [0][0]. 712s [p11_child[2344]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 712s [p11_child[2344]] [do_card] (0x4000): Module List: 712s [p11_child[2344]] [do_card] (0x4000): common name: [softhsm2]. 712s [p11_child[2344]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2344]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52332e21] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 712s [p11_child[2344]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 712s [p11_child[2344]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x52332e21][1379085857] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2344]] [do_card] (0x4000): Login required. 712s [p11_child[2344]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 712s [p11_child[2344]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 712s [p11_child[2344]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 712s [p11_child[2344]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52332e21;slot-manufacturer=SoftHSM%20project;slot-id=1379085857;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d97eb5aa52332e21;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 712s [p11_child[2344]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 712s [p11_child[2344]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 712s [p11_child[2344]] [do_card] (0x4000): Certificate verified and validated. 712s [p11_child[2344]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 712s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-20030-auth.output 712s + echo '-----BEGIN CERTIFICATE-----' 712s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-20030-auth.output 712s + echo '-----END CERTIFICATE-----' 712s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-20030-auth.pem 712s Certificate: 712s Data: 712s Version: 3 (0x2) 712s Serial Number: 4 (0x4) 712s Signature Algorithm: sha256WithRSAEncryption 712s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 712s Validity 712s Not Before: Mar 24 20:19:57 2024 GMT 712s Not After : Mar 24 20:19:57 2025 GMT 712s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 712s Subject Public Key Info: 712s Public Key Algorithm: rsaEncryption 712s Public-Key: (1024 bit) 712s Modulus: 712s 00:ce:41:be:8d:91:48:83:57:77:c1:12:ca:05:4f: 712s 30:aa:b1:94:ba:b4:d5:fe:70:4f:00:b0:95:c3:43: 712s 41:ae:57:c5:fc:46:ea:64:3f:1d:08:9b:f1:cc:80: 712s 62:35:67:f8:03:37:55:fe:ca:a9:47:64:53:6a:7b: 712s 4e:e2:cc:e8:00:65:a7:b7:f7:ac:20:d9:9e:68:5c: 712s 55:61:e7:44:7d:35:d7:4d:6c:2d:e4:b7:e9:c8:bf: 712s 76:7f:d3:13:b2:e7:4d:43:25:79:b7:56:a0:46:e0: 712s 6f:df:14:c3:46:14:af:a8:36:c9:53:91:d7:4b:c1: 712s 30:2c:54:0a:43:e2:af:ec:07 712s Exponent: 65537 (0x10001) 712s X509v3 extensions: 712s X509v3 Authority Key Identifier: 712s 97:5D:4F:01:EB:DA:50:96:F2:57:98:B1:98:EB:A8:DB:1E:9C:7A:BD 712s X509v3 Basic Constraints: 712s CA:FALSE 712s Netscape Cert Type: 712s SSL Client, S/MIME 712s Netscape Comment: 712s Test Organization Intermediate CA trusted Certificate 712s X509v3 Subject Key Identifier: 712s A2:FA:13:BE:0D:B8:DF:84:86:C5:69:D5:7B:79:7C:76:07:13:49:24 712s X509v3 Key Usage: critical 712s Digital Signature, Non Repudiation, Key Encipherment 712s X509v3 Extended Key Usage: 712s TLS Web Client Authentication, E-mail Protection 712s X509v3 Subject Alternative Name: 712s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 712s Signature Algorithm: sha256WithRSAEncryption 712s Signature Value: 712s 5b:ae:73:49:30:35:55:d5:3b:e4:20:3a:51:68:13:0b:6b:1c: 712s 1a:8f:f1:8d:4d:09:ee:41:5c:a4:34:4f:36:d5:b6:73:f6:a2: 712s 53:93:0c:ed:c7:a2:d1:3b:04:6b:ec:72:31:51:fa:a7:88:4f: 712s db:7e:3e:d9:29:cf:9a:f2:a9:c8:ef:ef:6a:82:4c:97:d8:5e: 712s 3b:1f:df:c1:99:cc:f6:d1:88:34:33:28:e7:7f:cf:23:78:31: 712s 2a:0f:12:c5:fe:9d:82:3d:c6:32:99:79:21:08:7e:dc:26:52: 712s 9b:7b:4b:68:37:85:99:88:59:30:8c:6c:7f:e6:79:5b:0e:3f: 712s 76:c4 712s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-20030-auth.pem 712s + found_md5=Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 712s + '[' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 '!=' Modulus=CE41BE8D9148835777C112CA054F30AAB194BAB4D5FE704F00B095C34341AE57C5FC46EA643F1D089BF1CC80623567F8033755FECAA94764536A7B4EE2CCE80065A7B7F7AC20D99E685C5561E7447D35D74D6C2DE4B7E9C8BF767FD313B2E74D432579B756A046E06FDF14C34614AFA836C95391D74BC1302C540A43E2AFEC07 ']' 712s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 712s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 712s + local verify_option= 712s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local key_cn 712s + local key_name 712s + local tokens_dir 712s + local output_cert_file 712s + token_name= 712s ++ basename /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 712s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 712s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s ++ sed -n 's/ *commonName *= //p' 712s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 712s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 712s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 712s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 712s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 712s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 712s + token_name='Test Organization Sub Int Token' 712s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 712s + local key_file 712s + local decrypted_key 712s + mkdir -p /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 712s + key_file=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 712s + decrypted_key=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 712s + cat 712s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 712s Slot 0 has a free/uninitialized token. 712s The token has been initialized and is reassigned to slot 1052374006 712s + softhsm2-util --show-slots 712s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 712s Available slots: 712s Slot 1052374006 712s Slot info: 712s Description: SoftHSM slot ID 0x3eb9f3f6 712s Manufacturer ID: SoftHSM project 712s Hardware version: 2.6 712s Firmware version: 2.6 712s Token present: yes 712s Token info: 712s Manufacturer ID: SoftHSM project 712s Model: SoftHSM v2 712s Hardware version: 2.6 712s Firmware version: 2.6 712s Serial number: fac88f68beb9f3f6 712s Initialized: yes 712s User PIN init.: yes 712s Label: Test Organization Sub Int Token 712s Slot 1 712s Slot info: 712s Description: SoftHSM slot ID 0x1 712s Manufacturer ID: SoftHSM project 712s Hardware version: 2.6 712s Firmware version: 2.6 712s Token present: yes 712s Token info: 712s Manufacturer ID: SoftHSM project 712s Model: SoftHSM v2 712s Hardware version: 2.6 712s Firmware version: 2.6 712s Serial number: 712s Initialized: no 712s User PIN init.: no 712s Label: 712s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-20209 -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 712s writing RSA key 712s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 712s + rm /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 712s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 712s Object 0: 712s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fac88f68beb9f3f6;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 712s Type: X.509 Certificate (RSA-1024) 712s Expires: Mon Mar 24 20:19:57 2025 712s Label: Test Organization Sub Intermediate Trusted Certificate 0001 712s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 712s 712s + echo 'Test Organization Sub Int Token' 712s Test Organization Sub Int Token 712s + '[' -n '' ']' 712s + local output_base_name=SSSD-child-402 712s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-402.output 712s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-402.pem 712s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 712s [p11_child[2363]] [main] (0x0400): p11_child started. 712s [p11_child[2363]] [main] (0x2000): Running in [pre-auth] mode. 712s [p11_child[2363]] [main] (0x2000): Running with effective IDs: [0][0]. 712s [p11_child[2363]] [main] (0x2000): Running with real IDs [0][0]. 712s [p11_child[2363]] [do_card] (0x4000): Module List: 712s [p11_child[2363]] [do_card] (0x4000): common name: [softhsm2]. 712s [p11_child[2363]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2363]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 712s [p11_child[2363]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 712s [p11_child[2363]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2363]] [do_card] (0x4000): Login NOT required. 712s [p11_child[2363]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 712s [p11_child[2363]] [do_verification] (0x0040): X509_verify_cert failed [0]. 712s [p11_child[2363]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 712s [p11_child[2363]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 712s [p11_child[2363]] [do_card] (0x4000): No certificate found. 712s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-402.output 712s + return 2 712s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem partial_chain 712s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-root-CA.pem partial_chain 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 712s + local verify_option=partial_chain 712s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local key_cn 712s + local key_name 712s + local tokens_dir 712s + local output_cert_file 712s + token_name= 712s ++ basename /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 712s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 712s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s ++ sed -n 's/ *commonName *= //p' 712s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 712s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 712s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 712s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 712s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 712s Test Organization Sub Int Token 712s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 712s + token_name='Test Organization Sub Int Token' 712s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 712s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 712s + echo 'Test Organization Sub Int Token' 712s + '[' -n partial_chain ']' 712s + local verify_arg=--verify=partial_chain 712s + local output_base_name=SSSD-child-15291 712s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-15291.output 712s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-15291.pem 712s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-root-CA.pem 712s [p11_child[2370]] [main] (0x0400): p11_child started. 712s [p11_child[2370]] [main] (0x2000): Running in [pre-auth] mode. 712s [p11_child[2370]] [main] (0x2000): Running with effective IDs: [0][0]. 712s [p11_child[2370]] [main] (0x2000): Running with real IDs [0][0]. 712s [p11_child[2370]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 712s [p11_child[2370]] [do_card] (0x4000): Module List: 712s [p11_child[2370]] [do_card] (0x4000): common name: [softhsm2]. 712s [p11_child[2370]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2370]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 712s [p11_child[2370]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 712s [p11_child[2370]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2370]] [do_card] (0x4000): Login NOT required. 712s [p11_child[2370]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 712s [p11_child[2370]] [do_verification] (0x0040): X509_verify_cert failed [0]. 712s [p11_child[2370]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 712s [p11_child[2370]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 712s [p11_child[2370]] [do_card] (0x4000): No certificate found. 712s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-15291.output 712s + return 2 712s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 712s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 712s + local verify_option= 712s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local key_cn 712s + local key_name 712s + local tokens_dir 712s + local output_cert_file 712s + token_name= 712s ++ basename /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 712s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 712s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s ++ sed -n 's/ *commonName *= //p' 712s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 712s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 712s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 712s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 712s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 712s Test Organization Sub Int Token 712s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 712s + token_name='Test Organization Sub Int Token' 712s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 712s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 712s + echo 'Test Organization Sub Int Token' 712s + '[' -n '' ']' 712s + local output_base_name=SSSD-child-32186 712s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-32186.output 712s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-32186.pem 712s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 712s [p11_child[2377]] [main] (0x0400): p11_child started. 712s [p11_child[2377]] [main] (0x2000): Running in [pre-auth] mode. 712s [p11_child[2377]] [main] (0x2000): Running with effective IDs: [0][0]. 712s [p11_child[2377]] [main] (0x2000): Running with real IDs [0][0]. 712s [p11_child[2377]] [do_card] (0x4000): Module List: 712s [p11_child[2377]] [do_card] (0x4000): common name: [softhsm2]. 712s [p11_child[2377]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2377]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 712s [p11_child[2377]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 712s [p11_child[2377]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2377]] [do_card] (0x4000): Login NOT required. 712s [p11_child[2377]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 712s [p11_child[2377]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 712s [p11_child[2377]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 712s [p11_child[2377]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3eb9f3f6;slot-manufacturer=SoftHSM%20project;slot-id=1052374006;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fac88f68beb9f3f6;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 712s [p11_child[2377]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 712s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-32186.output 712s + echo '-----BEGIN CERTIFICATE-----' 712s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-32186.output 712s + echo '-----END CERTIFICATE-----' 712s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-32186.pem 712s Certificate: 712s Data: 712s Version: 3 (0x2) 712s Serial Number: 5 (0x5) 712s Signature Algorithm: sha256WithRSAEncryption 712s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 712s Validity 712s Not Before: Mar 24 20:19:57 2024 GMT 712s Not After : Mar 24 20:19:57 2025 GMT 712s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 712s Subject Public Key Info: 712s Public Key Algorithm: rsaEncryption 712s Public-Key: (1024 bit) 712s Modulus: 712s 00:db:a4:d6:0c:43:50:42:63:8e:ed:3f:8d:3b:74: 712s 34:e1:61:0e:b8:de:ed:30:9a:4f:66:a0:c1:fa:2b: 712s 67:53:11:05:7f:81:2c:e6:e2:10:5e:b7:23:29:3a: 712s fd:66:f9:3f:39:46:1a:a0:74:57:19:8d:0e:78:b0: 712s db:8d:15:8e:ad:81:3b:48:a0:51:79:c8:6e:ae:fc: 712s 8c:87:ae:7f:a6:5b:01:c4:c7:90:fe:72:0f:4a:62: 712s 66:01:19:f4:28:bb:de:6a:a4:18:8b:a4:5b:37:8d: 712s fa:13:80:59:16:5c:3e:2a:1b:0f:92:73:da:3b:61: 712s d3:f4:a0:26:23:54:54:e2:17 712s Exponent: 65537 (0x10001) 712s X509v3 extensions: 712s X509v3 Authority Key Identifier: 712s 8C:C3:81:B4:B6:0A:EE:07:EF:DA:6A:33:2E:86:58:0E:C5:44:21:24 712s X509v3 Basic Constraints: 712s CA:FALSE 712s Netscape Cert Type: 712s SSL Client, S/MIME 712s Netscape Comment: 712s Test Organization Sub Intermediate CA trusted Certificate 712s X509v3 Subject Key Identifier: 712s 87:69:03:D9:2B:D7:8B:4B:86:31:50:9B:E2:18:34:AC:57:1D:B9:B7 712s X509v3 Key Usage: critical 712s Digital Signature, Non Repudiation, Key Encipherment 712s X509v3 Extended Key Usage: 712s TLS Web Client Authentication, E-mail Protection 712s X509v3 Subject Alternative Name: 712s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 712s Signature Algorithm: sha256WithRSAEncryption 712s Signature Value: 712s c7:57:e6:d4:f2:fd:23:e7:34:0b:5e:ab:6a:2d:30:4d:48:93: 712s a8:0b:76:27:95:41:23:55:07:8f:32:ae:c1:d6:57:db:f6:d6: 712s fc:a9:bf:34:b4:c5:78:76:92:1c:e8:2e:09:c8:42:f6:2c:70: 712s 82:1c:47:98:e3:ea:95:da:28:13:32:49:56:8c:87:f0:40:fb: 712s c6:0b:7d:24:4b:cb:ef:3b:2a:b1:40:86:e8:2e:62:32:8e:33: 712s 16:55:6a:32:f4:f8:20:17:a1:39:9d:42:23:09:65:b9:c6:ca: 712s d8:45:7a:b2:68:22:1b:7f:07:92:bf:f8:ab:90:73:50:bf:2c: 712s 3c:6e 712s + local found_md5 expected_md5 712s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s + expected_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 712s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-32186.pem 712s + found_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 712s + '[' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 '!=' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 ']' 712s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-32186-auth.output 712s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-32186-auth.output .output 712s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-32186-auth.pem 712s + echo -n 053350 712s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 712s [p11_child[2385]] [main] (0x0400): p11_child started. 712s [p11_child[2385]] [main] (0x2000): Running in [auth] mode. 712s [p11_child[2385]] [main] (0x2000): Running with effective IDs: [0][0]. 712s [p11_child[2385]] [main] (0x2000): Running with real IDs [0][0]. 712s [p11_child[2385]] [do_card] (0x4000): Module List: 712s [p11_child[2385]] [do_card] (0x4000): common name: [softhsm2]. 712s [p11_child[2385]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2385]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 712s [p11_child[2385]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 712s [p11_child[2385]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2385]] [do_card] (0x4000): Login required. 712s [p11_child[2385]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 712s [p11_child[2385]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 712s [p11_child[2385]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 712s [p11_child[2385]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3eb9f3f6;slot-manufacturer=SoftHSM%20project;slot-id=1052374006;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fac88f68beb9f3f6;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 712s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 712s [p11_child[2385]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 712s [p11_child[2385]] [do_card] (0x4000): Certificate verified and validated. 712s [p11_child[2385]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 712s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-32186-auth.output 712s + echo '-----BEGIN CERTIFICATE-----' 712s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-32186-auth.output 712s + echo '-----END CERTIFICATE-----' 712s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-32186-auth.pem 712s Certificate: 712s Data: 712s Version: 3 (0x2) 712s Serial Number: 5 (0x5) 712s Signature Algorithm: sha256WithRSAEncryption 712s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 712s Validity 712s Not Before: Mar 24 20:19:57 2024 GMT 712s Not After : Mar 24 20:19:57 2025 GMT 712s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 712s Subject Public Key Info: 712s Public Key Algorithm: rsaEncryption 712s Public-Key: (1024 bit) 712s Modulus: 712s 00:db:a4:d6:0c:43:50:42:63:8e:ed:3f:8d:3b:74: 712s 34:e1:61:0e:b8:de:ed:30:9a:4f:66:a0:c1:fa:2b: 712s 67:53:11:05:7f:81:2c:e6:e2:10:5e:b7:23:29:3a: 712s fd:66:f9:3f:39:46:1a:a0:74:57:19:8d:0e:78:b0: 712s db:8d:15:8e:ad:81:3b:48:a0:51:79:c8:6e:ae:fc: 712s 8c:87:ae:7f:a6:5b:01:c4:c7:90:fe:72:0f:4a:62: 712s 66:01:19:f4:28:bb:de:6a:a4:18:8b:a4:5b:37:8d: 712s fa:13:80:59:16:5c:3e:2a:1b:0f:92:73:da:3b:61: 712s d3:f4:a0:26:23:54:54:e2:17 712s Exponent: 65537 (0x10001) 712s X509v3 extensions: 712s X509v3 Authority Key Identifier: 712s 8C:C3:81:B4:B6:0A:EE:07:EF:DA:6A:33:2E:86:58:0E:C5:44:21:24 712s X509v3 Basic Constraints: 712s CA:FALSE 712s Netscape Cert Type: 712s SSL Client, S/MIME 712s Netscape Comment: 712s Test Organization Sub Intermediate CA trusted Certificate 712s X509v3 Subject Key Identifier: 712s 87:69:03:D9:2B:D7:8B:4B:86:31:50:9B:E2:18:34:AC:57:1D:B9:B7 712s X509v3 Key Usage: critical 712s Digital Signature, Non Repudiation, Key Encipherment 712s X509v3 Extended Key Usage: 712s TLS Web Client Authentication, E-mail Protection 712s X509v3 Subject Alternative Name: 712s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 712s Signature Algorithm: sha256WithRSAEncryption 712s Signature Value: 712s c7:57:e6:d4:f2:fd:23:e7:34:0b:5e:ab:6a:2d:30:4d:48:93: 712s a8:0b:76:27:95:41:23:55:07:8f:32:ae:c1:d6:57:db:f6:d6: 712s fc:a9:bf:34:b4:c5:78:76:92:1c:e8:2e:09:c8:42:f6:2c:70: 712s 82:1c:47:98:e3:ea:95:da:28:13:32:49:56:8c:87:f0:40:fb: 712s c6:0b:7d:24:4b:cb:ef:3b:2a:b1:40:86:e8:2e:62:32:8e:33: 712s 16:55:6a:32:f4:f8:20:17:a1:39:9d:42:23:09:65:b9:c6:ca: 712s d8:45:7a:b2:68:22:1b:7f:07:92:bf:f8:ab:90:73:50:bf:2c: 712s 3c:6e 712s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-32186-auth.pem 712s + found_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 712s + '[' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 '!=' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 ']' 712s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem partial_chain 712s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem partial_chain 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 712s + local verify_option=partial_chain 712s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 712s + local key_cn 712s + local key_name 712s + local tokens_dir 712s + local output_cert_file 712s + token_name= 712s ++ basename /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 712s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 712s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 712s ++ sed -n 's/ *commonName *= //p' 712s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 712s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 712s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 712s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 712s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 712s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 712s + token_name='Test Organization Sub Int Token' 712s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 712s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 712s + echo 'Test Organization Sub Int Token' 712s + '[' -n partial_chain ']' 712s + local verify_arg=--verify=partial_chain 712s + local output_base_name=SSSD-child-19040 712s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-19040.output 712s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-19040.pem 712s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem 712s Test Organization Sub Int Token 712s [p11_child[2395]] [main] (0x0400): p11_child started. 712s [p11_child[2395]] [main] (0x2000): Running in [pre-auth] mode. 712s [p11_child[2395]] [main] (0x2000): Running with effective IDs: [0][0]. 712s [p11_child[2395]] [main] (0x2000): Running with real IDs [0][0]. 712s [p11_child[2395]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 712s [p11_child[2395]] [do_card] (0x4000): Module List: 712s [p11_child[2395]] [do_card] (0x4000): common name: [softhsm2]. 712s [p11_child[2395]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2395]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 712s [p11_child[2395]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 712s [p11_child[2395]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 712s [p11_child[2395]] [do_card] (0x4000): Login NOT required. 712s [p11_child[2395]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 712s [p11_child[2395]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 712s [p11_child[2395]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 712s [p11_child[2395]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3eb9f3f6;slot-manufacturer=SoftHSM%20project;slot-id=1052374006;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fac88f68beb9f3f6;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 712s [p11_child[2395]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 712s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-19040.output 712s + echo '-----BEGIN CERTIFICATE-----' 712s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-19040.output 712s + echo '-----END CERTIFICATE-----' 712s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-19040.pem 712s Certificate: 712s Data: 712s Version: 3 (0x2) 712s Serial Number: 5 (0x5) 712s Signature Algorithm: sha256WithRSAEncryption 712s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 712s Validity 712s Not Before: Mar 24 20:19:57 2024 GMT 712s Not After : Mar 24 20:19:57 2025 GMT 712s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 712s Subject Public Key Info: 712s Public Key Algorithm: rsaEncryption 712s Public-Key: (1024 bit) 712s Modulus: 712s 00:db:a4:d6:0c:43:50:42:63:8e:ed:3f:8d:3b:74: 712s 34:e1:61:0e:b8:de:ed:30:9a:4f:66:a0:c1:fa:2b: 712s 67:53:11:05:7f:81:2c:e6:e2:10:5e:b7:23:29:3a: 712s fd:66:f9:3f:39:46:1a:a0:74:57:19:8d:0e:78:b0: 712s db:8d:15:8e:ad:81:3b:48:a0:51:79:c8:6e:ae:fc: 712s 8c:87:ae:7f:a6:5b:01:c4:c7:90:fe:72:0f:4a:62: 712s 66:01:19:f4:28:bb:de:6a:a4:18:8b:a4:5b:37:8d: 712s fa:13:80:59:16:5c:3e:2a:1b:0f:92:73:da:3b:61: 712s d3:f4:a0:26:23:54:54:e2:17 712s Exponent: 65537 (0x10001) 712s X509v3 extensions: 712s X509v3 Authority Key Identifier: 712s 8C:C3:81:B4:B6:0A:EE:07:EF:DA:6A:33:2E:86:58:0E:C5:44:21:24 712s X509v3 Basic Constraints: 712s CA:FALSE 712s Netscape Cert Type: 712s SSL Client, S/MIME 712s Netscape Comment: 712s Test Organization Sub Intermediate CA trusted Certificate 712s X509v3 Subject Key Identifier: 712s 87:69:03:D9:2B:D7:8B:4B:86:31:50:9B:E2:18:34:AC:57:1D:B9:B7 712s X509v3 Key Usage: critical 712s Digital Signature, Non Repudiation, Key Encipherment 712s X509v3 Extended Key Usage: 712s TLS Web Client Authentication, E-mail Protection 712s X509v3 Subject Alternative Name: 712s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 712s Signature Algorithm: sha256WithRSAEncryption 712s Signature Value: 712s c7:57:e6:d4:f2:fd:23:e7:34:0b:5e:ab:6a:2d:30:4d:48:93: 712s a8:0b:76:27:95:41:23:55:07:8f:32:ae:c1:d6:57:db:f6:d6: 712s fc:a9:bf:34:b4:c5:78:76:92:1c:e8:2e:09:c8:42:f6:2c:70: 712s 82:1c:47:98:e3:ea:95:da:28:13:32:49:56:8c:87:f0:40:fb: 712s c6:0b:7d:24:4b:cb:ef:3b:2a:b1:40:86:e8:2e:62:32:8e:33: 712s 16:55:6a:32:f4:f8:20:17:a1:39:9d:42:23:09:65:b9:c6:ca: 712s d8:45:7a:b2:68:22:1b:7f:07:92:bf:f8:ab:90:73:50:bf:2c: 712s 3c:6e 712s + local found_md5 expected_md5 712s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + expected_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 713s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-19040.pem 713s + found_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 713s + '[' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 '!=' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 ']' 713s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-19040-auth.output 713s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-19040-auth.output .output 713s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-19040-auth.pem 713s + echo -n 053350 713s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 713s [p11_child[2403]] [main] (0x0400): p11_child started. 713s [p11_child[2403]] [main] (0x2000): Running in [auth] mode. 713s [p11_child[2403]] [main] (0x2000): Running with effective IDs: [0][0]. 713s [p11_child[2403]] [main] (0x2000): Running with real IDs [0][0]. 713s [p11_child[2403]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 713s [p11_child[2403]] [do_card] (0x4000): Module List: 713s [p11_child[2403]] [do_card] (0x4000): common name: [softhsm2]. 713s [p11_child[2403]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2403]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 713s [p11_child[2403]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 713s [p11_child[2403]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2403]] [do_card] (0x4000): Login required. 713s [p11_child[2403]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 713s [p11_child[2403]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 713s [p11_child[2403]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 713s [p11_child[2403]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3eb9f3f6;slot-manufacturer=SoftHSM%20project;slot-id=1052374006;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fac88f68beb9f3f6;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 713s [p11_child[2403]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 713s [p11_child[2403]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 713s [p11_child[2403]] [do_card] (0x4000): Certificate verified and validated. 713s [p11_child[2403]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 713s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-19040-auth.output 713s + echo '-----BEGIN CERTIFICATE-----' 713s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-19040-auth.output 713s + echo '-----END CERTIFICATE-----' 713s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-19040-auth.pem 713s Certificate: 713s Data: 713s Version: 3 (0x2) 713s Serial Number: 5 (0x5) 713s Signature Algorithm: sha256WithRSAEncryption 713s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 713s Validity 713s Not Before: Mar 24 20:19:57 2024 GMT 713s Not After : Mar 24 20:19:57 2025 GMT 713s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 713s Subject Public Key Info: 713s Public Key Algorithm: rsaEncryption 713s Public-Key: (1024 bit) 713s Modulus: 713s 00:db:a4:d6:0c:43:50:42:63:8e:ed:3f:8d:3b:74: 713s 34:e1:61:0e:b8:de:ed:30:9a:4f:66:a0:c1:fa:2b: 713s 67:53:11:05:7f:81:2c:e6:e2:10:5e:b7:23:29:3a: 713s fd:66:f9:3f:39:46:1a:a0:74:57:19:8d:0e:78:b0: 713s db:8d:15:8e:ad:81:3b:48:a0:51:79:c8:6e:ae:fc: 713s 8c:87:ae:7f:a6:5b:01:c4:c7:90:fe:72:0f:4a:62: 713s 66:01:19:f4:28:bb:de:6a:a4:18:8b:a4:5b:37:8d: 713s fa:13:80:59:16:5c:3e:2a:1b:0f:92:73:da:3b:61: 713s d3:f4:a0:26:23:54:54:e2:17 713s Exponent: 65537 (0x10001) 713s X509v3 extensions: 713s X509v3 Authority Key Identifier: 713s 8C:C3:81:B4:B6:0A:EE:07:EF:DA:6A:33:2E:86:58:0E:C5:44:21:24 713s X509v3 Basic Constraints: 713s CA:FALSE 713s Netscape Cert Type: 713s SSL Client, S/MIME 713s Netscape Comment: 713s Test Organization Sub Intermediate CA trusted Certificate 713s X509v3 Subject Key Identifier: 713s 87:69:03:D9:2B:D7:8B:4B:86:31:50:9B:E2:18:34:AC:57:1D:B9:B7 713s X509v3 Key Usage: critical 713s Digital Signature, Non Repudiation, Key Encipherment 713s X509v3 Extended Key Usage: 713s TLS Web Client Authentication, E-mail Protection 713s X509v3 Subject Alternative Name: 713s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 713s Signature Algorithm: sha256WithRSAEncryption 713s Signature Value: 713s c7:57:e6:d4:f2:fd:23:e7:34:0b:5e:ab:6a:2d:30:4d:48:93: 713s a8:0b:76:27:95:41:23:55:07:8f:32:ae:c1:d6:57:db:f6:d6: 713s fc:a9:bf:34:b4:c5:78:76:92:1c:e8:2e:09:c8:42:f6:2c:70: 713s 82:1c:47:98:e3:ea:95:da:28:13:32:49:56:8c:87:f0:40:fb: 713s c6:0b:7d:24:4b:cb:ef:3b:2a:b1:40:86:e8:2e:62:32:8e:33: 713s 16:55:6a:32:f4:f8:20:17:a1:39:9d:42:23:09:65:b9:c6:ca: 713s d8:45:7a:b2:68:22:1b:7f:07:92:bf:f8:ab:90:73:50:bf:2c: 713s 3c:6e 713s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-19040-auth.pem 713s + found_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 713s + '[' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 '!=' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 ']' 713s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 713s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 713s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 713s + local verify_option= 713s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local key_cn 713s + local key_name 713s + local tokens_dir 713s + local output_cert_file 713s + token_name= 713s ++ basename /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 713s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 713s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s ++ sed -n 's/ *commonName *= //p' 713s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 713s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 713s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 713s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 713s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 713s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 713s + token_name='Test Organization Sub Int Token' 713s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 713s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 713s + echo 'Test Organization Sub Int Token' 713s + '[' -n '' ']' 713s + local output_base_name=SSSD-child-26208 713s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-26208.output 713s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-26208.pem 713s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 713s Test Organization Sub Int Token 713s [p11_child[2413]] [main] (0x0400): p11_child started. 713s [p11_child[2413]] [main] (0x2000): Running in [pre-auth] mode. 713s [p11_child[2413]] [main] (0x2000): Running with effective IDs: [0][0]. 713s [p11_child[2413]] [main] (0x2000): Running with real IDs [0][0]. 713s [p11_child[2413]] [do_card] (0x4000): Module List: 713s [p11_child[2413]] [do_card] (0x4000): common name: [softhsm2]. 713s [p11_child[2413]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2413]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 713s [p11_child[2413]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 713s [p11_child[2413]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2413]] [do_card] (0x4000): Login NOT required. 713s [p11_child[2413]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 713s [p11_child[2413]] [do_verification] (0x0040): X509_verify_cert failed [0]. 713s [p11_child[2413]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 713s [p11_child[2413]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 713s [p11_child[2413]] [do_card] (0x4000): No certificate found. 713s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-26208.output 713s + return 2 713s + invalid_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-root-intermediate-chain-CA.pem partial_chain 713s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-root-intermediate-chain-CA.pem partial_chain 713s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-root-intermediate-chain-CA.pem 713s + local verify_option=partial_chain 713s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local key_cn 713s + local key_name 713s + local tokens_dir 713s + local output_cert_file 713s + token_name= 713s ++ basename /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 713s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 713s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s ++ sed -n 's/ *commonName *= //p' 713s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 713s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 713s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 713s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 713s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 713s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 713s + token_name='Test Organization Sub Int Token' 713s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 713s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 713s + echo 'Test Organization Sub Int Token' 713s Test Organization Sub Int Token 713s + '[' -n partial_chain ']' 713s + local verify_arg=--verify=partial_chain 713s + local output_base_name=SSSD-child-22378 713s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-22378.output 713s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-22378.pem 713s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-root-intermediate-chain-CA.pem 713s [p11_child[2420]] [main] (0x0400): p11_child started. 713s [p11_child[2420]] [main] (0x2000): Running in [pre-auth] mode. 713s [p11_child[2420]] [main] (0x2000): Running with effective IDs: [0][0]. 713s [p11_child[2420]] [main] (0x2000): Running with real IDs [0][0]. 713s [p11_child[2420]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 713s [p11_child[2420]] [do_card] (0x4000): Module List: 713s [p11_child[2420]] [do_card] (0x4000): common name: [softhsm2]. 713s [p11_child[2420]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2420]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 713s [p11_child[2420]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 713s [p11_child[2420]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2420]] [do_card] (0x4000): Login NOT required. 713s [p11_child[2420]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 713s [p11_child[2420]] [do_verification] (0x0040): X509_verify_cert failed [0]. 713s [p11_child[2420]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 713s [p11_child[2420]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 713s [p11_child[2420]] [do_card] (0x4000): No certificate found. 713s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-22378.output 713s + return 2 713s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem partial_chain 713s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem partial_chain 713s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 713s + local verify_option=partial_chain 713s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local key_cn 713s + local key_name 713s + local tokens_dir 713s + local output_cert_file 713s + token_name= 713s ++ basename /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 713s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 713s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s ++ sed -n 's/ *commonName *= //p' 713s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 713s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 713s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 713s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 713s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 713s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 713s + token_name='Test Organization Sub Int Token' 713s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 713s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 713s + echo 'Test Organization Sub Int Token' 713s + '[' -n partial_chain ']' 713s + local verify_arg=--verify=partial_chain 713s + local output_base_name=SSSD-child-7069 713s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-7069.output 713s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-7069.pem 713s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem 713s Test Organization Sub Int Token 713s [p11_child[2427]] [main] (0x0400): p11_child started. 713s [p11_child[2427]] [main] (0x2000): Running in [pre-auth] mode. 713s [p11_child[2427]] [main] (0x2000): Running with effective IDs: [0][0]. 713s [p11_child[2427]] [main] (0x2000): Running with real IDs [0][0]. 713s [p11_child[2427]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 713s [p11_child[2427]] [do_card] (0x4000): Module List: 713s [p11_child[2427]] [do_card] (0x4000): common name: [softhsm2]. 713s [p11_child[2427]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2427]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 713s [p11_child[2427]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 713s [p11_child[2427]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2427]] [do_card] (0x4000): Login NOT required. 713s [p11_child[2427]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 713s [p11_child[2427]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 713s [p11_child[2427]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 713s [p11_child[2427]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3eb9f3f6;slot-manufacturer=SoftHSM%20project;slot-id=1052374006;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fac88f68beb9f3f6;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 713s [p11_child[2427]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 713s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-7069.output 713s + echo '-----BEGIN CERTIFICATE-----' 713s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-7069.output 713s + echo '-----END CERTIFICATE-----' 713s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-7069.pem 713s Certificate: 713s Data: 713s Version: 3 (0x2) 713s Serial Number: 5 (0x5) 713s Signature Algorithm: sha256WithRSAEncryption 713s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 713s Validity 713s Not Before: Mar 24 20:19:57 2024 GMT 713s Not After : Mar 24 20:19:57 2025 GMT 713s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 713s Subject Public Key Info: 713s Public Key Algorithm: rsaEncryption 713s Public-Key: (1024 bit) 713s Modulus: 713s 00:db:a4:d6:0c:43:50:42:63:8e:ed:3f:8d:3b:74: 713s 34:e1:61:0e:b8:de:ed:30:9a:4f:66:a0:c1:fa:2b: 713s 67:53:11:05:7f:81:2c:e6:e2:10:5e:b7:23:29:3a: 713s fd:66:f9:3f:39:46:1a:a0:74:57:19:8d:0e:78:b0: 713s db:8d:15:8e:ad:81:3b:48:a0:51:79:c8:6e:ae:fc: 713s 8c:87:ae:7f:a6:5b:01:c4:c7:90:fe:72:0f:4a:62: 713s 66:01:19:f4:28:bb:de:6a:a4:18:8b:a4:5b:37:8d: 713s fa:13:80:59:16:5c:3e:2a:1b:0f:92:73:da:3b:61: 713s d3:f4:a0:26:23:54:54:e2:17 713s Exponent: 65537 (0x10001) 713s X509v3 extensions: 713s X509v3 Authority Key Identifier: 713s 8C:C3:81:B4:B6:0A:EE:07:EF:DA:6A:33:2E:86:58:0E:C5:44:21:24 713s X509v3 Basic Constraints: 713s CA:FALSE 713s Netscape Cert Type: 713s SSL Client, S/MIME 713s Netscape Comment: 713s Test Organization Sub Intermediate CA trusted Certificate 713s X509v3 Subject Key Identifier: 713s 87:69:03:D9:2B:D7:8B:4B:86:31:50:9B:E2:18:34:AC:57:1D:B9:B7 713s X509v3 Key Usage: critical 713s Digital Signature, Non Repudiation, Key Encipherment 713s X509v3 Extended Key Usage: 713s TLS Web Client Authentication, E-mail Protection 713s X509v3 Subject Alternative Name: 713s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 713s Signature Algorithm: sha256WithRSAEncryption 713s Signature Value: 713s c7:57:e6:d4:f2:fd:23:e7:34:0b:5e:ab:6a:2d:30:4d:48:93: 713s a8:0b:76:27:95:41:23:55:07:8f:32:ae:c1:d6:57:db:f6:d6: 713s fc:a9:bf:34:b4:c5:78:76:92:1c:e8:2e:09:c8:42:f6:2c:70: 713s 82:1c:47:98:e3:ea:95:da:28:13:32:49:56:8c:87:f0:40:fb: 713s c6:0b:7d:24:4b:cb:ef:3b:2a:b1:40:86:e8:2e:62:32:8e:33: 713s 16:55:6a:32:f4:f8:20:17:a1:39:9d:42:23:09:65:b9:c6:ca: 713s d8:45:7a:b2:68:22:1b:7f:07:92:bf:f8:ab:90:73:50:bf:2c: 713s 3c:6e 713s + local found_md5 expected_md5 713s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + expected_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 713s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-7069.pem 713s + found_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 713s + '[' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 '!=' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 ']' 713s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-7069-auth.output 713s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-7069-auth.output .output 713s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-7069-auth.pem 713s + echo -n 053350 713s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 713s [p11_child[2435]] [main] (0x0400): p11_child started. 713s [p11_child[2435]] [main] (0x2000): Running in [auth] mode. 713s [p11_child[2435]] [main] (0x2000): Running with effective IDs: [0][0]. 713s [p11_child[2435]] [main] (0x2000): Running with real IDs [0][0]. 713s [p11_child[2435]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 713s [p11_child[2435]] [do_card] (0x4000): Module List: 713s [p11_child[2435]] [do_card] (0x4000): common name: [softhsm2]. 713s [p11_child[2435]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2435]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 713s [p11_child[2435]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 713s [p11_child[2435]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2435]] [do_card] (0x4000): Login required. 713s [p11_child[2435]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 713s [p11_child[2435]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 713s [p11_child[2435]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 713s [p11_child[2435]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3eb9f3f6;slot-manufacturer=SoftHSM%20project;slot-id=1052374006;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fac88f68beb9f3f6;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 713s [p11_child[2435]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 713s [p11_child[2435]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 713s [p11_child[2435]] [do_card] (0x4000): Certificate verified and validated. 713s [p11_child[2435]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 713s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-7069-auth.output 713s + echo '-----BEGIN CERTIFICATE-----' 713s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-7069-auth.output 713s + echo '-----END CERTIFICATE-----' 713s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-7069-auth.pem 713s Certificate: 713s Data: 713s Version: 3 (0x2) 713s Serial Number: 5 (0x5) 713s Signature Algorithm: sha256WithRSAEncryption 713s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 713s Validity 713s Not Before: Mar 24 20:19:57 2024 GMT 713s Not After : Mar 24 20:19:57 2025 GMT 713s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 713s Subject Public Key Info: 713s Public Key Algorithm: rsaEncryption 713s Public-Key: (1024 bit) 713s Modulus: 713s 00:db:a4:d6:0c:43:50:42:63:8e:ed:3f:8d:3b:74: 713s 34:e1:61:0e:b8:de:ed:30:9a:4f:66:a0:c1:fa:2b: 713s 67:53:11:05:7f:81:2c:e6:e2:10:5e:b7:23:29:3a: 713s fd:66:f9:3f:39:46:1a:a0:74:57:19:8d:0e:78:b0: 713s db:8d:15:8e:ad:81:3b:48:a0:51:79:c8:6e:ae:fc: 713s 8c:87:ae:7f:a6:5b:01:c4:c7:90:fe:72:0f:4a:62: 713s 66:01:19:f4:28:bb:de:6a:a4:18:8b:a4:5b:37:8d: 713s fa:13:80:59:16:5c:3e:2a:1b:0f:92:73:da:3b:61: 713s d3:f4:a0:26:23:54:54:e2:17 713s Exponent: 65537 (0x10001) 713s X509v3 extensions: 713s X509v3 Authority Key Identifier: 713s 8C:C3:81:B4:B6:0A:EE:07:EF:DA:6A:33:2E:86:58:0E:C5:44:21:24 713s X509v3 Basic Constraints: 713s CA:FALSE 713s Netscape Cert Type: 713s SSL Client, S/MIME 713s Netscape Comment: 713s Test Organization Sub Intermediate CA trusted Certificate 713s X509v3 Subject Key Identifier: 713s 87:69:03:D9:2B:D7:8B:4B:86:31:50:9B:E2:18:34:AC:57:1D:B9:B7 713s X509v3 Key Usage: critical 713s Digital Signature, Non Repudiation, Key Encipherment 713s X509v3 Extended Key Usage: 713s TLS Web Client Authentication, E-mail Protection 713s X509v3 Subject Alternative Name: 713s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 713s Signature Algorithm: sha256WithRSAEncryption 713s Signature Value: 713s c7:57:e6:d4:f2:fd:23:e7:34:0b:5e:ab:6a:2d:30:4d:48:93: 713s a8:0b:76:27:95:41:23:55:07:8f:32:ae:c1:d6:57:db:f6:d6: 713s fc:a9:bf:34:b4:c5:78:76:92:1c:e8:2e:09:c8:42:f6:2c:70: 713s 82:1c:47:98:e3:ea:95:da:28:13:32:49:56:8c:87:f0:40:fb: 713s c6:0b:7d:24:4b:cb:ef:3b:2a:b1:40:86:e8:2e:62:32:8e:33: 713s 16:55:6a:32:f4:f8:20:17:a1:39:9d:42:23:09:65:b9:c6:ca: 713s d8:45:7a:b2:68:22:1b:7f:07:92:bf:f8:ab:90:73:50:bf:2c: 713s 3c:6e 713s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-7069-auth.pem 713s + found_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 713s + '[' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 '!=' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 ']' 713s + valid_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-intermediate-sub-chain-CA.pem partial_chain 713s + check_certificate /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 /tmp/sssd-softhsm2-hap7gG/test-intermediate-sub-chain-CA.pem partial_chain 713s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local key_ring=/tmp/sssd-softhsm2-hap7gG/test-intermediate-sub-chain-CA.pem 713s + local verify_option=partial_chain 713s + prepare_softhsm2_card /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local certificate=/tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20209 713s + local key_cn 713s + local key_name 713s + local tokens_dir 713s + local output_cert_file 713s + token_name= 713s ++ basename /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 713s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 713s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s ++ sed -n 's/ *commonName *= //p' 713s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 713s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 713s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 713s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 713s ++ basename /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 713s + tokens_dir=/tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 713s + token_name='Test Organization Sub Int Token' 713s + '[' '!' -e /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 713s + '[' '!' -d /tmp/sssd-softhsm2-hap7gG/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 713s + echo 'Test Organization Sub Int Token' 713s + '[' -n partial_chain ']' 713s + local verify_arg=--verify=partial_chain 713s + local output_base_name=SSSD-child-7027 713s + local output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-7027.output 713s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-7027.pem 713s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-hap7gG/test-intermediate-sub-chain-CA.pem 713s Test Organization Sub Int Token 713s [p11_child[2445]] [main] (0x0400): p11_child started. 713s [p11_child[2445]] [main] (0x2000): Running in [pre-auth] mode. 713s [p11_child[2445]] [main] (0x2000): Running with effective IDs: [0][0]. 713s [p11_child[2445]] [main] (0x2000): Running with real IDs [0][0]. 713s [p11_child[2445]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 713s [p11_child[2445]] [do_card] (0x4000): Module List: 713s [p11_child[2445]] [do_card] (0x4000): common name: [softhsm2]. 713s [p11_child[2445]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2445]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 713s [p11_child[2445]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 713s [p11_child[2445]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2445]] [do_card] (0x4000): Login NOT required. 713s [p11_child[2445]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 713s [p11_child[2445]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 713s [p11_child[2445]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 713s [p11_child[2445]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3eb9f3f6;slot-manufacturer=SoftHSM%20project;slot-id=1052374006;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fac88f68beb9f3f6;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 713s [p11_child[2445]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 713s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-7027.output 713s + echo '-----BEGIN CERTIFICATE-----' 713s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-7027.output 713s + echo '-----END CERTIFICATE-----' 713s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-7027.pem 713s Certificate: 713s Data: 713s Version: 3 (0x2) 713s Serial Number: 5 (0x5) 713s Signature Algorithm: sha256WithRSAEncryption 713s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 713s Validity 713s Not Before: Mar 24 20:19:57 2024 GMT 713s Not After : Mar 24 20:19:57 2025 GMT 713s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 713s Subject Public Key Info: 713s Public Key Algorithm: rsaEncryption 713s Public-Key: (1024 bit) 713s Modulus: 713s 00:db:a4:d6:0c:43:50:42:63:8e:ed:3f:8d:3b:74: 713s 34:e1:61:0e:b8:de:ed:30:9a:4f:66:a0:c1:fa:2b: 713s 67:53:11:05:7f:81:2c:e6:e2:10:5e:b7:23:29:3a: 713s fd:66:f9:3f:39:46:1a:a0:74:57:19:8d:0e:78:b0: 713s db:8d:15:8e:ad:81:3b:48:a0:51:79:c8:6e:ae:fc: 713s 8c:87:ae:7f:a6:5b:01:c4:c7:90:fe:72:0f:4a:62: 713s 66:01:19:f4:28:bb:de:6a:a4:18:8b:a4:5b:37:8d: 713s fa:13:80:59:16:5c:3e:2a:1b:0f:92:73:da:3b:61: 713s d3:f4:a0:26:23:54:54:e2:17 713s Exponent: 65537 (0x10001) 713s X509v3 extensions: 713s X509v3 Authority Key Identifier: 713s 8C:C3:81:B4:B6:0A:EE:07:EF:DA:6A:33:2E:86:58:0E:C5:44:21:24 713s X509v3 Basic Constraints: 713s CA:FALSE 713s Netscape Cert Type: 713s SSL Client, S/MIME 713s Netscape Comment: 713s Test Organization Sub Intermediate CA trusted Certificate 713s X509v3 Subject Key Identifier: 713s 87:69:03:D9:2B:D7:8B:4B:86:31:50:9B:E2:18:34:AC:57:1D:B9:B7 713s X509v3 Key Usage: critical 713s Digital Signature, Non Repudiation, Key Encipherment 713s X509v3 Extended Key Usage: 713s TLS Web Client Authentication, E-mail Protection 713s X509v3 Subject Alternative Name: 713s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 713s Signature Algorithm: sha256WithRSAEncryption 713s Signature Value: 713s c7:57:e6:d4:f2:fd:23:e7:34:0b:5e:ab:6a:2d:30:4d:48:93: 713s a8:0b:76:27:95:41:23:55:07:8f:32:ae:c1:d6:57:db:f6:d6: 713s fc:a9:bf:34:b4:c5:78:76:92:1c:e8:2e:09:c8:42:f6:2c:70: 713s 82:1c:47:98:e3:ea:95:da:28:13:32:49:56:8c:87:f0:40:fb: 713s c6:0b:7d:24:4b:cb:ef:3b:2a:b1:40:86:e8:2e:62:32:8e:33: 713s 16:55:6a:32:f4:f8:20:17:a1:39:9d:42:23:09:65:b9:c6:ca: 713s d8:45:7a:b2:68:22:1b:7f:07:92:bf:f8:ab:90:73:50:bf:2c: 713s 3c:6e 713s + local found_md5 expected_md5 713s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/test-sub-intermediate-CA-trusted-certificate-0001.pem 713s + expected_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 713s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-7027.pem 713s + found_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 713s + '[' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 '!=' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 ']' 713s + output_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-7027-auth.output 713s ++ basename /tmp/sssd-softhsm2-hap7gG/SSSD-child-7027-auth.output .output 713s + output_cert_file=/tmp/sssd-softhsm2-hap7gG/SSSD-child-7027-auth.pem 713s + echo -n 053350 713s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-hap7gG/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 713s [p11_child[2453]] [main] (0x0400): p11_child started. 713s [p11_child[2453]] [main] (0x2000): Running in [auth] mode. 713s [p11_child[2453]] [main] (0x2000): Running with effective IDs: [0][0]. 713s [p11_child[2453]] [main] (0x2000): Running with real IDs [0][0]. 713s [p11_child[2453]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 713s [p11_child[2453]] [do_card] (0x4000): Module List: 713s [p11_child[2453]] [do_card] (0x4000): common name: [softhsm2]. 713s [p11_child[2453]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2453]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3eb9f3f6] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 713s [p11_child[2453]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 713s [p11_child[2453]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3eb9f3f6][1052374006] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 713s [p11_child[2453]] [do_card] (0x4000): Login required. 713s [p11_child[2453]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 713s [p11_child[2453]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 713s [p11_child[2453]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 713s [p11_child[2453]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3eb9f3f6;slot-manufacturer=SoftHSM%20project;slot-id=1052374006;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fac88f68beb9f3f6;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 713s [p11_child[2453]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 713s [p11_child[2453]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 713s [p11_child[2453]] [do_card] (0x4000): Certificate verified and validated. 713s [p11_child[2453]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 713s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-hap7gG/SSSD-child-7027-auth.output 713s + echo '-----BEGIN CERTIFICATE-----' 713s + tail -n1 /tmp/sssd-softhsm2-hap7gG/SSSD-child-7027-auth.output 713s + echo '-----END CERTIFICATE-----' 713s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-7027-auth.pem 713s Certificate: 713s Data: 713s Version: 3 (0x2) 713s Serial Number: 5 (0x5) 713s Signature Algorithm: sha256WithRSAEncryption 713s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 713s Validity 713s Not Before: Mar 24 20:19:57 2024 GMT 713s Not After : Mar 24 20:19:57 2025 GMT 713s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 713s Subject Public Key Info: 713s Public Key Algorithm: rsaEncryption 713s Public-Key: (1024 bit) 713s Modulus: 713s 00:db:a4:d6:0c:43:50:42:63:8e:ed:3f:8d:3b:74: 713s 34:e1:61:0e:b8:de:ed:30:9a:4f:66:a0:c1:fa:2b: 713s 67:53:11:05:7f:81:2c:e6:e2:10:5e:b7:23:29:3a: 713s fd:66:f9:3f:39:46:1a:a0:74:57:19:8d:0e:78:b0: 713s db:8d:15:8e:ad:81:3b:48:a0:51:79:c8:6e:ae:fc: 713s 8c:87:ae:7f:a6:5b:01:c4:c7:90:fe:72:0f:4a:62: 713s 66:01:19:f4:28:bb:de:6a:a4:18:8b:a4:5b:37:8d: 713s fa:13:80:59:16:5c:3e:2a:1b:0f:92:73:da:3b:61: 713s d3:f4:a0:26:23:54:54:e2:17 713s Exponent: 65537 (0x10001) 713s X509v3 extensions: 713s X509v3 Authority Key Identifier: 713s 8C:C3:81:B4:B6:0A:EE:07:EF:DA:6A:33:2E:86:58:0E:C5:44:21:24 713s X509v3 Basic Constraints: 713s CA:FALSE 713s Netscape Cert Type: 713s SSL Client, S/MIME 713s Netscape Comment: 713s Test Organization Sub Intermediate CA trusted Certificate 713s X509v3 Subject Key Identifier: 713s 87:69:03:D9:2B:D7:8B:4B:86:31:50:9B:E2:18:34:AC:57:1D:B9:B7 713s X509v3 Key Usage: critical 713s Digital Signature, Non Repudiation, Key Encipherment 713s X509v3 Extended Key Usage: 713s TLS Web Client Authentication, E-mail Protection 713s X509v3 Subject Alternative Name: 713s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 713s Signature Algorithm: sha256WithRSAEncryption 713s Signature Value: 713s c7:57:e6:d4:f2:fd:23:e7:34:0b:5e:ab:6a:2d:30:4d:48:93: 713s a8:0b:76:27:95:41:23:55:07:8f:32:ae:c1:d6:57:db:f6:d6: 713s fc:a9:bf:34:b4:c5:78:76:92:1c:e8:2e:09:c8:42:f6:2c:70: 713s 82:1c:47:98:e3:ea:95:da:28:13:32:49:56:8c:87:f0:40:fb: 713s c6:0b:7d:24:4b:cb:ef:3b:2a:b1:40:86:e8:2e:62:32:8e:33: 713s 16:55:6a:32:f4:f8:20:17:a1:39:9d:42:23:09:65:b9:c6:ca: 713s d8:45:7a:b2:68:22:1b:7f:07:92:bf:f8:ab:90:73:50:bf:2c: 713s 3c:6e 713s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-hap7gG/SSSD-child-7027-auth.pem 713s + found_md5=Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 713s + '[' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 '!=' Modulus=DBA4D60C435042638EED3F8D3B7434E1610EB8DEED309A4F66A0C1FA2B675311057F812CE6E2105EB723293AFD66F93F39461AA07457198D0E78B0DB8D158EAD813B48A05179C86EAEFC8C87AE7FA65B01C4C790FE720F4A62660119F428BBDE6AA4188BA45B378DFA138059165C3E2A1B0F9273DA3B61D3F4A026235454E217 ']' 713s + set +x 713s 713s Test completed, Root CA and intermediate issued certificates verified! 714s autopkgtest [20:20:02]: test sssd-softhism2-certificates-tests.sh: -----------------------] 714s sssd-softhism2-certificates-tests.sh PASS 714s autopkgtest [20:20:02]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 715s autopkgtest [20:20:03]: test sssd-smart-card-pam-auth-configs: preparing testbed 720s Reading package lists... 721s Building dependency tree... 721s Reading state information... 721s Starting pkgProblemResolver with broken count: 0 721s Starting 2 pkgProblemResolver with broken count: 0 721s Done 722s The following additional packages will be installed: 722s pamtester 722s The following NEW packages will be installed: 722s autopkgtest-satdep pamtester 722s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 722s Need to get 12.3 kB/13.0 kB of archives. 722s After this operation, 36.9 kB of additional disk space will be used. 722s Get:1 /tmp/autopkgtest.kUbq3h/4-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [756 B] 722s Get:2 http://ftpmaster.internal/ubuntu noble/universe arm64 pamtester arm64 0.1.2-4 [12.3 kB] 723s Fetched 12.3 kB in 0s (70.5 kB/s) 723s Selecting previously unselected package pamtester. 723s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74974 files and directories currently installed.) 723s Preparing to unpack .../pamtester_0.1.2-4_arm64.deb ... 723s Unpacking pamtester (0.1.2-4) ... 723s Selecting previously unselected package autopkgtest-satdep. 723s Preparing to unpack .../4-autopkgtest-satdep.deb ... 723s Unpacking autopkgtest-satdep (0) ... 723s Setting up pamtester (0.1.2-4) ... 723s Setting up autopkgtest-satdep (0) ... 723s Processing triggers for man-db (2.12.0-3) ... 727s (Reading database ... 74980 files and directories currently installed.) 727s Removing autopkgtest-satdep (0) ... 728s autopkgtest [20:20:16]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 728s autopkgtest [20:20:16]: test sssd-smart-card-pam-auth-configs: [----------------------- 728s + '[' -z ubuntu ']' 728s + export DEBIAN_FRONTEND=noninteractive 728s + DEBIAN_FRONTEND=noninteractive 728s + required_tools=(pamtester softhsm2-util sssd) 728s + [[ ! -v OFFLINE_MODE ]] 728s + for cmd in "${required_tools[@]}" 728s + command -v pamtester 728s + for cmd in "${required_tools[@]}" 728s + command -v softhsm2-util 728s + for cmd in "${required_tools[@]}" 728s + command -v sssd 728s + PIN=123456 728s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 728s + tmpdir=/tmp/sssd-softhsm2-certs-luPGlE 728s + backupsdir= 728s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 728s + declare -a restore_paths 728s + declare -a delete_paths 728s + trap handle_exit EXIT 728s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 728s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 728s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 728s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 728s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-luPGlE GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 728s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-luPGlE 728s + GENERATE_SMART_CARDS=1 728s + KEEP_TEMPORARY_FILES=1 728s + NO_SSSD_TESTS=1 728s + bash debian/tests/sssd-softhism2-certificates-tests.sh 728s + '[' -z ubuntu ']' 728s + required_tools=(p11tool openssl softhsm2-util) 728s + for cmd in "${required_tools[@]}" 728s + command -v p11tool 728s + for cmd in "${required_tools[@]}" 728s + command -v openssl 728s + for cmd in "${required_tools[@]}" 728s + command -v softhsm2-util 728s + PIN=123456 728s +++ head -n 1 728s +++ find /usr/lib/softhsm/libsofthsm2.so 728s ++ realpath /usr/lib/softhsm/libsofthsm2.so 728s + SOFTHSM2_MODULE=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 728s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 728s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 728s + '[' '!' -v NO_SSSD_TESTS ']' 728s + '[' '!' -e /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so ']' 728s + tmpdir=/tmp/sssd-softhsm2-certs-luPGlE 728s + keys_size=1024 728s + [[ ! -v KEEP_TEMPORARY_FILES ]] 728s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 728s + echo -n 01 728s + touch /tmp/sssd-softhsm2-certs-luPGlE/index.txt 728s + mkdir -p /tmp/sssd-softhsm2-certs-luPGlE/new_certs 728s + cat 728s + root_ca_key_pass=pass:random-root-CA-password-4433 728s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-key.pem -passout pass:random-root-CA-password-4433 1024 728s + openssl req -passin pass:random-root-CA-password-4433 -batch -config /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.pem 728s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.pem 728s + cat 728s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-11011 728s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-11011 1024 728s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-11011 -config /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-4433 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-certificate-request.pem 728s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-certificate-request.pem 728s Certificate Request: 728s Data: 728s Version: 1 (0x0) 728s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 728s Subject Public Key Info: 728s Public Key Algorithm: rsaEncryption 728s Public-Key: (1024 bit) 728s Modulus: 728s 00:ab:6c:2d:e4:70:85:76:da:09:00:8d:60:b6:fc: 728s 9d:c4:72:c2:02:34:33:7f:7f:00:69:c9:69:fc:51: 728s 49:40:d7:84:33:24:0e:62:d3:69:e7:00:b7:fb:23: 728s 9c:f8:25:e8:b0:47:df:db:86:61:fc:3d:62:42:e6: 728s 32:98:74:e2:e3:ba:fc:f6:8c:18:0b:7c:b3:94:b5: 728s aa:ca:33:0e:c2:d9:92:9c:77:96:2e:10:66:0e:a0: 728s 34:2b:61:7b:a4:19:0c:1c:5f:c1:a9:1b:1b:83:6d: 728s 59:cd:9f:f4:4d:b4:ee:df:22:39:85:c2:0a:cb:99: 728s 39:5a:e2:b0:43:e7:12:ca:61 728s Exponent: 65537 (0x10001) 728s Attributes: 728s (none) 728s Requested Extensions: 728s Signature Algorithm: sha256WithRSAEncryption 728s Signature Value: 728s 39:77:6b:2e:bf:97:cf:20:b9:70:43:7c:04:36:7b:ab:7b:03: 728s b9:8c:7a:a2:56:76:79:2f:6d:0f:32:b6:45:e8:f5:0c:bc:25: 728s 77:3c:0a:cb:4b:8a:9f:1d:b2:f1:18:9d:22:1b:56:b9:42:4f: 728s 4c:74:fc:54:56:37:81:b2:ae:a1:05:21:1c:94:08:3d:00:17: 728s f6:b8:02:77:33:0f:a8:47:59:6e:c2:8e:c6:50:8e:52:a5:3a: 728s be:b4:84:ab:3d:be:2f:a7:68:e6:fc:0a:32:f4:94:ca:92:d2: 728s 4f:c4:47:97:2c:0a:e2:82:13:d0:17:a8:9d:f1:76:c0:b5:01: 728s d7:25 728s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.config -passin pass:random-root-CA-password-4433 -keyfile /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem 728s Using configuration from /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.config 728s Check that the request matches the signature 728s Signature ok 728s Certificate Details: 728s Serial Number: 1 (0x1) 728s Validity 728s Not Before: Mar 24 20:20:16 2024 GMT 728s Not After : Mar 24 20:20:16 2025 GMT 728s Subject: 728s organizationName = Test Organization 728s organizationalUnitName = Test Organization Unit 728s commonName = Test Organization Intermediate CA 728s X509v3 extensions: 728s X509v3 Subject Key Identifier: 728s 29:A2:9B:8B:A8:2F:9E:2D:81:C3:96:53:83:CF:13:D1:61:A4:D6:A9 728s X509v3 Authority Key Identifier: 728s keyid:3F:4E:CA:C4:B8:C2:74:47:27:40:1D:80:6B:2E:7A:58:22:CC:7F:6A 728s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 728s serial:00 728s X509v3 Basic Constraints: 728s CA:TRUE 728s X509v3 Key Usage: critical 728s Digital Signature, Certificate Sign, CRL Sign 728s Certificate is to be certified until Mar 24 20:20:16 2025 GMT (365 days) 728s 728s Write out database with 1 new entries 728s Database updated 728s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem 728s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem 728s /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem: OK 728s + cat 728s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-24878 728s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-24878 1024 728s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-24878 -config /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-11011 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-certificate-request.pem 728s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-certificate-request.pem 728s Certificate Request: 728s Data: 728s Version: 1 (0x0) 728s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 728s Subject Public Key Info: 728s Public Key Algorithm: rsaEncryption 728s Public-Key: (1024 bit) 728s Modulus: 728s 00:de:5f:41:42:0b:3c:f5:b8:de:cb:7b:c7:ae:f2: 728s 5f:f9:c5:d6:f3:da:d0:f0:33:4d:1c:88:d6:f3:2b: 728s ee:45:a4:37:0a:2a:44:24:ba:cb:82:50:54:88:9f: 728s db:7c:d0:cc:46:0a:d0:9b:d3:b4:8d:99:1a:14:48: 728s d5:70:0b:be:76:e4:b3:d8:07:bb:b6:83:0e:4a:fd: 728s ba:ad:ae:bb:db:69:aa:d4:32:78:d3:3c:7c:1a:38: 728s 36:0d:c3:75:a3:4c:58:a6:17:11:28:20:68:57:33: 728s 21:4c:31:10:6f:d5:03:2e:2e:42:05:a5:1d:91:07: 728s 96:a7:29:09:fa:c1:ef:2d:4b 728s Exponent: 65537 (0x10001) 728s Attributes: 728s (none) 728s Requested Extensions: 728s Signature Algorithm: sha256WithRSAEncryption 728s Signature Value: 728s b2:69:2e:c0:db:3f:d9:bf:6c:78:53:de:02:31:02:c3:66:f9: 728s 47:8a:33:44:27:ee:05:da:26:3b:da:2b:4b:e8:7c:a9:fb:89: 728s b8:2e:aa:75:a5:1c:98:08:0d:7f:a2:50:55:c7:25:81:4b:c9: 728s 65:0d:34:ae:93:d0:ab:ee:a9:41:a1:76:2e:c1:6e:de:48:e9: 728s b6:f8:fd:21:69:b0:d1:0b:55:c3:49:b0:82:d1:c2:e7:0a:af: 728s 75:62:7d:f5:69:d9:ef:ab:af:af:0f:be:ac:29:e3:16:eb:84: 728s 63:e3:db:9c:df:11:b5:c1:e3:87:76:16:85:64:9c:8e:ce:b7: 728s 84:9f 728s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-11011 -keyfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem 728s Using configuration from /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.config 728s Check that the request matches the signature 728s Signature ok 728s Certificate Details: 728s Serial Number: 2 (0x2) 728s Validity 728s Not Before: Mar 24 20:20:16 2024 GMT 728s Not After : Mar 24 20:20:16 2025 GMT 728s Subject: 728s organizationName = Test Organization 728s organizationalUnitName = Test Organization Unit 728s commonName = Test Organization Sub Intermediate CA 728s X509v3 extensions: 728s X509v3 Subject Key Identifier: 728s CB:1A:58:05:8C:11:1C:30:7F:04:14:77:BB:51:37:E4:1D:6F:13:33 728s X509v3 Authority Key Identifier: 728s keyid:29:A2:9B:8B:A8:2F:9E:2D:81:C3:96:53:83:CF:13:D1:61:A4:D6:A9 728s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 728s serial:01 728s X509v3 Basic Constraints: 728s CA:TRUE 728s X509v3 Key Usage: critical 728s Digital Signature, Certificate Sign, CRL Sign 728s Certificate is to be certified until Mar 24 20:20:16 2025 GMT (365 days) 728s 728s Write out database with 1 new entries 728s Database updated 728s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem 728s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem 728s /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem: OK 728s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem 728s + local cmd=openssl 728s + shift 728s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem 728s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 728s error 20 at 0 depth lookup: unable to get local issuer certificate 728s error /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem: verification failed 728s + cat 728s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-9666 728s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-9666 1024 728s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-9666 -key /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-request.pem 728s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-request.pem 728s Certificate Request: 728s Data: 728s Version: 1 (0x0) 728s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 728s Subject Public Key Info: 728s Public Key Algorithm: rsaEncryption 728s Public-Key: (1024 bit) 728s Modulus: 728s 00:e6:bc:04:d3:e5:12:cc:88:41:b2:59:e3:b6:0f: 728s b8:b0:b4:92:c2:7f:89:b6:87:ce:59:3c:c9:28:59: 728s ee:d8:da:57:dc:c6:c4:ce:f3:7f:f5:87:57:22:b7: 728s 6c:27:f8:6a:78:7e:76:d7:be:8b:e3:5f:c7:39:9f: 728s eb:c9:96:c7:e8:95:40:9d:38:1c:e5:eb:85:e2:39: 728s f6:56:0f:bc:67:4c:d0:5a:39:04:42:c8:be:b8:66: 728s 28:fa:00:2c:11:af:ca:3f:0d:1e:77:c6:fe:09:22: 728s ac:97:79:0d:10:75:63:2f:ca:e2:10:ed:3d:cb:6e: 728s ca:55:b2:4c:1e:90:d9:c3:d7 728s Exponent: 65537 (0x10001) 728s Attributes: 728s Requested Extensions: 728s X509v3 Basic Constraints: 728s CA:FALSE 728s Netscape Cert Type: 728s SSL Client, S/MIME 728s Netscape Comment: 728s Test Organization Root CA trusted Certificate 728s X509v3 Subject Key Identifier: 728s 40:8D:F5:63:BA:75:D1:FA:A0:B9:CC:E5:75:52:3C:17:9D:D4:06:6A 728s X509v3 Key Usage: critical 728s Digital Signature, Non Repudiation, Key Encipherment 728s X509v3 Extended Key Usage: 728s TLS Web Client Authentication, E-mail Protection 728s X509v3 Subject Alternative Name: 728s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 728s Signature Algorithm: sha256WithRSAEncryption 728s Signature Value: 728s aa:a4:57:99:7a:74:49:52:e4:e5:a9:56:a8:3f:15:da:93:05: 728s dd:c4:b0:be:55:13:fb:d0:b7:7c:ea:6a:e2:1e:b9:af:d3:01: 728s 16:e0:46:01:92:e9:bb:96:bd:2c:e7:05:b1:78:91:cb:d6:e6: 728s cf:4b:35:9b:54:ff:17:dc:ab:b3:6c:52:ce:b8:3f:f8:51:a7: 728s 1b:ce:c3:19:b1:9c:80:6a:06:90:32:2f:8a:e1:07:98:1d:95: 728s 31:cb:ed:cf:06:a6:c0:7b:9e:91:d8:e9:50:06:9f:68:fb:6d: 728s 43:e4:ad:0e:19:38:55:c3:c0:7c:a8:fd:2a:50:0b:37:42:95: 728s ec:1b 728s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.config -passin pass:random-root-CA-password-4433 -keyfile /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem 728s Using configuration from /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.config 728s Check that the request matches the signature 728s Signature ok 728s Certificate Details: 728s Serial Number: 3 (0x3) 728s Validity 728s Not Before: Mar 24 20:20:16 2024 GMT 728s Not After : Mar 24 20:20:16 2025 GMT 728s Subject: 728s organizationName = Test Organization 728s organizationalUnitName = Test Organization Unit 728s commonName = Test Organization Root Trusted Certificate 0001 728s X509v3 extensions: 728s X509v3 Authority Key Identifier: 728s 3F:4E:CA:C4:B8:C2:74:47:27:40:1D:80:6B:2E:7A:58:22:CC:7F:6A 728s X509v3 Basic Constraints: 728s CA:FALSE 728s Netscape Cert Type: 728s SSL Client, S/MIME 728s Netscape Comment: 728s Test Organization Root CA trusted Certificate 728s X509v3 Subject Key Identifier: 728s 40:8D:F5:63:BA:75:D1:FA:A0:B9:CC:E5:75:52:3C:17:9D:D4:06:6A 728s X509v3 Key Usage: critical 728s Digital Signature, Non Repudiation, Key Encipherment 728s X509v3 Extended Key Usage: 728s TLS Web Client Authentication, E-mail Protection 728s X509v3 Subject Alternative Name: 728s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 728s Certificate is to be certified until Mar 24 20:20:16 2025 GMT (365 days) 728s 728s Write out database with 1 new entries 728s Database updated 728s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem 728s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem 728s /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem: OK 728s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem 728s + local cmd=openssl 728s + shift 728s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem 728s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 728s error 20 at 0 depth lookup: unable to get local issuer certificate 728s error /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem: verification failed 728s + cat 728s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-6219 728s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-6219 1024 729s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-6219 -key /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-request.pem 729s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-request.pem 729s Certificate Request: 729s Data: 729s Version: 1 (0x0) 729s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 729s Subject Public Key Info: 729s Public Key Algorithm: rsaEncryption 729s Public-Key: (1024 bit) 729s Modulus: 729s 00:bd:bc:23:90:53:c1:02:c3:d2:fb:81:66:69:2b: 729s 23:47:70:fc:d0:26:de:fe:2d:68:ff:e9:b3:6e:c5: 729s b2:c6:92:9c:ba:d1:99:c6:48:37:93:39:e3:2b:a4: 729s 38:29:bf:78:67:1b:76:b2:2f:db:ec:52:92:db:72: 729s bd:08:c9:27:57:83:fe:64:2f:a5:ad:06:05:2b:83: 729s 2f:a1:9c:d9:c0:1e:5f:32:23:c2:22:b3:27:e6:8e: 729s b4:97:45:36:7c:c1:df:42:fa:07:15:86:61:0b:69: 729s ee:cf:e3:ed:bc:63:01:b2:3c:c2:27:ef:68:cf:ac: 729s c6:e3:04:3f:05:4c:cd:7c:e7 729s Exponent: 65537 (0x10001) 729s Attributes: 729s Requested Extensions: 729s X509v3 Basic Constraints: 729s CA:FALSE 729s Netscape Cert Type: 729s SSL Client, S/MIME 729s Netscape Comment: 729s Test Organization Intermediate CA trusted Certificate 729s X509v3 Subject Key Identifier: 729s B3:7A:5C:E0:A2:C7:38:34:9D:17:8B:37:87:A7:3B:00:C6:BC:51:18 729s X509v3 Key Usage: critical 729s Digital Signature, Non Repudiation, Key Encipherment 729s X509v3 Extended Key Usage: 729s TLS Web Client Authentication, E-mail Protection 729s X509v3 Subject Alternative Name: 729s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 729s Signature Algorithm: sha256WithRSAEncryption 729s Signature Value: 729s a1:3e:cb:d0:9d:18:3e:9f:08:81:df:14:80:25:55:b9:e4:00: 729s ca:f8:c2:86:94:f4:46:d0:4e:ad:c2:0e:eb:eb:c0:67:17:00: 729s dd:d7:db:14:a4:bf:6f:6d:63:d8:94:f9:3c:ed:ea:df:92:01: 729s 8e:61:2b:93:47:a4:b7:49:0a:ef:dc:1d:30:87:80:90:5b:4e: 729s 0e:7a:60:d4:7c:cc:5a:c7:dd:10:59:6d:20:41:dc:10:cd:7e: 729s 8d:8e:93:1f:72:80:51:8e:a3:58:2e:00:5d:7a:ba:5d:df:b5: 729s b0:7c:f1:4a:13:d2:e2:57:e1:87:2b:8c:f1:6e:ee:31:3d:92: 729s 5d:09 729s + openssl ca -passin pass:random-intermediate-CA-password-11011 -config /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem 729s Using configuration from /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.config 729s Check that the request matches the signature 729s Signature ok 729s Certificate Details: 729s Serial Number: 4 (0x4) 729s Validity 729s Not Before: Mar 24 20:20:17 2024 GMT 729s Not After : Mar 24 20:20:17 2025 GMT 729s Subject: 729s organizationName = Test Organization 729s organizationalUnitName = Test Organization Unit 729s commonName = Test Organization Intermediate Trusted Certificate 0001 729s X509v3 extensions: 729s X509v3 Authority Key Identifier: 729s 29:A2:9B:8B:A8:2F:9E:2D:81:C3:96:53:83:CF:13:D1:61:A4:D6:A9 729s X509v3 Basic Constraints: 729s CA:FALSE 729s Netscape Cert Type: 729s SSL Client, S/MIME 729s Netscape Comment: 729s Test Organization Intermediate CA trusted Certificate 729s X509v3 Subject Key Identifier: 729s B3:7A:5C:E0:A2:C7:38:34:9D:17:8B:37:87:A7:3B:00:C6:BC:51:18 729s X509v3 Key Usage: critical 729s Digital Signature, Non Repudiation, Key Encipherment 729s X509v3 Extended Key Usage: 729s TLS Web Client Authentication, E-mail Protection 729s X509v3 Subject Alternative Name: 729s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 729s Certificate is to be certified until Mar 24 20:20:17 2025 GMT (365 days) 729s 729s Write out database with 1 new entries 729s Database updated 729s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem 729s This certificate should not be trusted fully 729s + echo 'This certificate should not be trusted fully' 729s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem 729s + local cmd=openssl 729s + shift 729s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem 729s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 729s error 2 at 1 depth lookup: unable to get issuer certificate 729s error /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 729s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem 729s /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem: OK 729s + cat 729s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-30747 729s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-30747 1024 729s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-30747 -key /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 729s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 729s + openssl ca -passin pass:random-sub-intermediate-CA-password-24878 -config /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s Certificate Request: 729s Data: 729s Version: 1 (0x0) 729s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 729s Subject Public Key Info: 729s Public Key Algorithm: rsaEncryption 729s Public-Key: (1024 bit) 729s Modulus: 729s 00:c6:c0:f8:69:1f:15:48:60:de:33:c4:61:60:25: 729s 86:e0:81:e7:69:dc:e7:89:7e:f3:54:6f:c8:0b:9e: 729s a0:12:fd:b6:40:66:18:46:84:c5:7f:e9:21:97:2c: 729s 88:0a:fb:55:ab:9e:14:c3:4b:b9:63:69:da:98:1b: 729s 14:4e:dd:13:8f:f3:ed:d9:bf:25:4f:1e:c5:07:65: 729s 31:47:be:c9:05:7b:94:2a:42:99:b8:5d:98:f1:7f: 729s a2:1d:63:1f:49:ae:4c:c2:5c:fb:ee:95:bd:7e:6b: 729s 06:76:32:27:10:3d:9d:25:f6:1e:47:21:05:d2:50: 729s 64:de:3b:67:c2:f5:43:3f:2b 729s Exponent: 65537 (0x10001) 729s Attributes: 729s Requested Extensions: 729s X509v3 Basic Constraints: 729s CA:FALSE 729s Netscape Cert Type: 729s SSL Client, S/MIME 729s Netscape Comment: 729s Test Organization Sub Intermediate CA trusted Certificate 729s X509v3 Subject Key Identifier: 729s 83:94:F2:8B:9D:19:FD:6C:21:EF:2D:D9:34:96:4B:BB:89:75:CC:95 729s X509v3 Key Usage: critical 729s Digital Signature, Non Repudiation, Key Encipherment 729s X509v3 Extended Key Usage: 729s TLS Web Client Authentication, E-mail Protection 729s X509v3 Subject Alternative Name: 729s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 729s Signature Algorithm: sha256WithRSAEncryption 729s Signature Value: 729s 4c:fe:fb:84:21:7e:47:d8:e0:d1:a8:08:a2:70:cb:9e:d5:e8: 729s 9e:45:6d:c5:89:cb:10:e1:98:fd:f0:d6:17:d6:e7:51:72:06: 729s 71:b7:9c:a2:28:a6:0e:c9:6a:be:5e:c3:45:48:98:5d:de:f4: 729s 6e:8b:4e:9f:2e:8f:84:80:03:30:db:93:8c:ed:ba:6a:76:e7: 729s 54:c4:cf:24:00:25:04:af:b5:ac:1c:38:ee:e7:bf:32:06:e9: 729s 8d:f5:8f:e8:8c:f8:b7:9c:96:fb:19:c0:7d:45:51:8f:da:24: 729s 40:ae:39:1f:a4:84:6e:7b:f8:29:ce:aa:75:80:a9:60:8f:46: 729s 4f:6b 729s Using configuration from /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.config 729s Check that the request matches the signature 729s Signature ok 729s Certificate Details: 729s Serial Number: 5 (0x5) 729s Validity 729s Not Before: Mar 24 20:20:17 2024 GMT 729s Not After : Mar 24 20:20:17 2025 GMT 729s Subject: 729s organizationName = Test Organization 729s organizationalUnitName = Test Organization Unit 729s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 729s X509v3 extensions: 729s X509v3 Authority Key Identifier: 729s CB:1A:58:05:8C:11:1C:30:7F:04:14:77:BB:51:37:E4:1D:6F:13:33 729s X509v3 Basic Constraints: 729s CA:FALSE 729s Netscape Cert Type: 729s SSL Client, S/MIME 729s Netscape Comment: 729s Test Organization Sub Intermediate CA trusted Certificate 729s X509v3 Subject Key Identifier: 729s 83:94:F2:8B:9D:19:FD:6C:21:EF:2D:D9:34:96:4B:BB:89:75:CC:95 729s X509v3 Key Usage: critical 729s Digital Signature, Non Repudiation, Key Encipherment 729s X509v3 Extended Key Usage: 729s TLS Web Client Authentication, E-mail Protection 729s X509v3 Subject Alternative Name: 729s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 729s Certificate is to be certified until Mar 24 20:20:17 2025 GMT (365 days) 729s 729s Write out database with 1 new entries 729s Database updated 729s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s + echo 'This certificate should not be trusted fully' 729s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s + local cmd=openssl 729s + shift 729s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s This certificate should not be trusted fully 729s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 729s error 2 at 1 depth lookup: unable to get issuer certificate 729s error /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 729s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s + local cmd=openssl 729s + shift 729s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 729s error 20 at 0 depth lookup: unable to get local issuer certificate 729s error /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 729s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 729s + local cmd=openssl 729s + shift 729s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 729s error 20 at 0 depth lookup: unable to get local issuer certificate 729s error /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 729s Building a the full-chain CA file... 729s + echo 'Building a the full-chain CA file...' 729s + cat /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem 729s + cat /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem 729s + cat /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem 729s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem 729s + openssl pkcs7 -print_certs -noout 729s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 729s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 729s 729s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 729s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 729s 729s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 729s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 729s 729s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem 729s /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA.pem: OK 729s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem 729s /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem: OK 729s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem 729s /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem: OK 729s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-root-intermediate-chain-CA.pem 729s /tmp/sssd-softhsm2-certs-luPGlE/test-root-intermediate-chain-CA.pem: OK 729s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 729s Certificates generation completed! 729s + echo 'Certificates generation completed!' 729s + [[ -v NO_SSSD_TESTS ]] 729s + [[ -v GENERATE_SMART_CARDS ]] 729s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9666 729s + local certificate=/tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem 729s + local key_pass=pass:random-root-ca-trusted-cert-0001-9666 729s + local key_cn 729s + local key_name 729s + local tokens_dir 729s + local output_cert_file 729s + token_name= 729s ++ basename /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem .pem 729s + key_name=test-root-CA-trusted-certificate-0001 729s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem 729s ++ sed -n 's/ *commonName *= //p' 729s + key_cn='Test Organization Root Trusted Certificate 0001' 729s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 729s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-root-CA-trusted-certificate-0001.conf 729s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-root-CA-trusted-certificate-0001.conf 729s ++ basename /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 729s + tokens_dir=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-root-CA-trusted-certificate-0001 729s + token_name='Test Organization Root Tr Token' 729s + '[' '!' -e /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 729s + local key_file 729s + local decrypted_key 729s + mkdir -p /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-root-CA-trusted-certificate-0001 729s + key_file=/tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-key.pem 729s + decrypted_key=/tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-key-decrypted.pem 729s + cat 729s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 729s Slot 0 has a free/uninitialized token. 729s The token has been initialized and is reassigned to slot 641499700 729s + softhsm2-util --show-slots 729s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 729s Available slots: 729s Slot 641499700 729s Slot info: 729s Description: SoftHSM slot ID 0x263c8234 729s Manufacturer ID: SoftHSM project 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Token present: yes 729s Token info: 729s Manufacturer ID: SoftHSM project 729s Model: SoftHSM v2 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Serial number: f63cdd8ea63c8234 729s Initialized: yes 729s User PIN init.: yes 729s Label: Test Organization Root Tr Token 729s Slot 1 729s Slot info: 729s Description: SoftHSM slot ID 0x1 729s Manufacturer ID: SoftHSM project 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Token present: yes 729s Token info: 729s Manufacturer ID: SoftHSM project 729s Model: SoftHSM v2 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Serial number: 729s Initialized: no 729s User PIN init.: no 729s Label: 729s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-9666 -in /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-key-decrypted.pem 729s writing RSA key 729s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 729s + rm /tmp/sssd-softhsm2-certs-luPGlE/test-root-CA-trusted-certificate-0001-key-decrypted.pem 729s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 729s Object 0: 729s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f63cdd8ea63c8234;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 729s Type: X.509 Certificate (RSA-1024) 729s Expires: Mon Mar 24 20:20:16 2025 729s Label: Test Organization Root Trusted Certificate 0001 729s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 729s 729s Test Organization Root Tr Token 729s + echo 'Test Organization Root Tr Token' 729s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-6219 729s + local certificate=/tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem 729s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-6219 729s + local key_cn 729s + local key_name 729s + local tokens_dir 729s + local output_cert_file 729s + token_name= 729s ++ basename /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem .pem 729s + key_name=test-intermediate-CA-trusted-certificate-0001 729s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem 729s ++ sed -n 's/ *commonName *= //p' 729s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 729s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 729s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 729s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 729s ++ basename /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 729s + tokens_dir=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-intermediate-CA-trusted-certificate-0001 729s + token_name='Test Organization Interme Token' 729s + '[' '!' -e /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 729s + local key_file 729s + local decrypted_key 729s + mkdir -p /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-intermediate-CA-trusted-certificate-0001 729s + key_file=/tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-key.pem 729s + decrypted_key=/tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 729s + cat 729s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 729s Slot 0 has a free/uninitialized token. 729s The token has been initialized and is reassigned to slot 731182511 729s + softhsm2-util --show-slots 729s Available slots: 729s Slot 731182511 729s Slot info: 729s Description: SoftHSM slot ID 0x2b94f5af 729s Manufacturer ID: SoftHSM project 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Token present: yes 729s Token info: 729s Manufacturer ID: SoftHSM project 729s Model: SoftHSM v2 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Serial number: 7adf543c2b94f5af 729s Initialized: yes 729s User PIN init.: yes 729s Label: Test Organization Interme Token 729s Slot 1 729s Slot info: 729s Description: SoftHSM slot ID 0x1 729s Manufacturer ID: SoftHSM project 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Token present: yes 729s Token info: 729s Manufacturer ID: SoftHSM project 729s Model: SoftHSM v2 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Serial number: 729s Initialized: no 729s User PIN init.: no 729s Label: 729s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 729s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-6219 -in /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 729s writing RSA key 729s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 729s + rm /tmp/sssd-softhsm2-certs-luPGlE/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 729s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 729s Object 0: 729s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7adf543c2b94f5af;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 729s Type: X.509 Certificate (RSA-1024) 729s Expires: Mon Mar 24 20:20:17 2025 729s Label: Test Organization Intermediate Trusted Certificate 0001 729s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 729s 729s Test Organization Interme Token 729s + echo 'Test Organization Interme Token' 729s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-30747 729s + local certificate=/tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-30747 729s + local key_cn 729s + local key_name 729s + local tokens_dir 729s + local output_cert_file 729s + token_name= 729s ++ basename /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 729s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 729s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem 729s ++ sed -n 's/ *commonName *= //p' 729s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 729s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 729s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 729s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 729s ++ basename /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 729s + tokens_dir=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 729s + token_name='Test Organization Sub Int Token' 729s + '[' '!' -e /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 729s + local key_file 729s + local decrypted_key 729s + mkdir -p /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 729s + key_file=/tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 729s + decrypted_key=/tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 729s + cat 729s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 729s Slot 0 has a free/uninitialized token. 729s The token has been initialized and is reassigned to slot 1999964710 729s + softhsm2-util --show-slots 729s Available slots: 729s Slot 1999964710 729s Slot info: 729s Description: SoftHSM slot ID 0x77350a26 729s Manufacturer ID: SoftHSM project 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Token present: yes 729s Token info: 729s Manufacturer ID: SoftHSM project 729s Model: SoftHSM v2 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Serial number: 62fef3e277350a26 729s Initialized: yes 729s User PIN init.: yes 729s Label: Test Organization Sub Int Token 729s Slot 1 729s Slot info: 729s Description: SoftHSM slot ID 0x1 729s Manufacturer ID: SoftHSM project 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Token present: yes 729s Token info: 729s Manufacturer ID: SoftHSM project 729s Model: SoftHSM v2 729s Hardware version: 2.6 729s Firmware version: 2.6 729s Serial number: 729s Initialized: no 729s User PIN init.: no 729s Label: 729s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 729s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-30747 -in /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 729s writing RSA key 729s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 729s + rm /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 729s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 729s Object 0: 729s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=62fef3e277350a26;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 729s Type: X.509 Certificate (RSA-1024) 729s Expires: Mon Mar 24 20:20:17 2025 729s Label: Test Organization Sub Intermediate Trusted Certificate 0001 729s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 729s 729s Test Organization Sub Int Token 729s Certificates generation completed! 729s + echo 'Test Organization Sub Int Token' 729s + echo 'Certificates generation completed!' 729s + exit 0 729s + find /tmp/sssd-softhsm2-certs-luPGlE -type d -exec chmod 777 '{}' ';' 729s + find /tmp/sssd-softhsm2-certs-luPGlE -type f -exec chmod 666 '{}' ';' 730s + backup_file /etc/sssd/sssd.conf 730s + '[' -z '' ']' 730s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 730s + backupsdir=/tmp/sssd-softhsm2-backups-g16f54 730s + '[' -e /etc/sssd/sssd.conf ']' 730s + delete_paths+=("$1") 730s + rm -f /etc/sssd/sssd.conf 730s ++ runuser -u ubuntu -- sh -c 'echo ~' 730s + user_home=/home/ubuntu 730s + mkdir -p /home/ubuntu 730s + chown ubuntu:ubuntu /home/ubuntu 730s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 730s + user_config=/home/ubuntu/.config 730s + system_config=/etc 730s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 730s + for path_pair in "${softhsm2_conf_paths[@]}" 730s + IFS=: 730s + read -r -a path 730s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 730s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 730s + '[' -z /tmp/sssd-softhsm2-backups-g16f54 ']' 730s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 730s + delete_paths+=("$1") 730s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 730s + for path_pair in "${softhsm2_conf_paths[@]}" 730s + IFS=: 730s + read -r -a path 730s + path=/etc/softhsm/softhsm2.conf 730s + backup_file /etc/softhsm/softhsm2.conf 730s + '[' -z /tmp/sssd-softhsm2-backups-g16f54 ']' 730s + '[' -e /etc/softhsm/softhsm2.conf ']' 730s ++ dirname /etc/softhsm/softhsm2.conf 730s + local back_dir=/tmp/sssd-softhsm2-backups-g16f54//etc/softhsm 730s ++ basename /etc/softhsm/softhsm2.conf 730s + local back_path=/tmp/sssd-softhsm2-backups-g16f54//etc/softhsm/softhsm2.conf 730s + '[' '!' -e /tmp/sssd-softhsm2-backups-g16f54//etc/softhsm/softhsm2.conf ']' 730s + mkdir -p /tmp/sssd-softhsm2-backups-g16f54//etc/softhsm 730s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-g16f54//etc/softhsm/softhsm2.conf 730s + restore_paths+=("$back_path") 730s + rm -f /etc/softhsm/softhsm2.conf 730s + test_authentication login /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem 730s + pam_service=login 730s + certificate_config=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-root-CA-trusted-certificate-0001.conf 730s + ca_db=/tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem 730s + verification_options= 730s + mkdir -p -m 700 /etc/sssd 730s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 730s + cat 730s Using CA DB '/tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem' with verification options: '' 730s + chmod 600 /etc/sssd/sssd.conf 730s + for path_pair in "${softhsm2_conf_paths[@]}" 730s + IFS=: 730s + read -r -a path 730s + user=ubuntu 730s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 730s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 730s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 730s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 730s + runuser -u ubuntu -- softhsm2-util --show-slots 730s + grep 'Test Organization' 730s Label: Test Organization Root Tr Token 730s + for path_pair in "${softhsm2_conf_paths[@]}" 730s + IFS=: 730s + read -r -a path 730s + user=root 730s + path=/etc/softhsm/softhsm2.conf 730s ++ dirname /etc/softhsm/softhsm2.conf 730s + runuser -u root -- mkdir -p /etc/softhsm 730s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 730s + runuser -u root -- softhsm2-util --show-slots 730s + grep 'Test Organization' 730s Label: Test Organization Root Tr Token 730s + systemctl restart sssd 730s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 731s + for alternative in "${alternative_pam_configs[@]}" 731s + pam-auth-update --enable sss-smart-card-optional 731s + cat /etc/pam.d/common-auth 731s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 731s + echo -n -e 123456 731s # 731s # /etc/pam.d/common-auth - authentication settings common to all services 731s # 731s # This file is included from other service-specific PAM config files, 731s # and should contain a list of the authentication modules that define 731s # the central authentication scheme for use on the system 731s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 731s # traditional Unix authentication mechanisms. 731s # 731s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 731s # To take advantage of this, it is recommended that you configure any 731s # local modules either before or after the default block, and use 731s # pam-auth-update to manage selection of other modules. See 731s # pam-auth-update(8) for details. 731s 731s # here are the per-package modules (the "Primary" block) 731s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 731s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 731s auth [success=1 default=ignore] pam_sss.so use_first_pass 731s # here's the fallback if no module succeeds 731s auth requisite pam_deny.so 731s # prime the stack with a positive return value if there isn't one already; 731s # this avoids us returning an error just because nothing sets a success code 731s # since the modules above will each just jump around 731s auth required pam_permit.so 731s # and here are more per-package modules (the "Additional" block) 731s auth optional pam_cap.so 731s # end of pam-auth-update config 732s pamtester: invoking pam_start(login, ubuntu, ...) 732s pamtester: performing operation - authenticate 732s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 732s + echo -n -e 123456 732s + runuser -u ubuntu -- pamtester -v login '' authenticate 732s pamtester: invoking pam_start(login, , ...) 732s pamtester: performing operation - authenticate 732s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 732s + echo -n -e wrong123456 732s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 732s pamtester: invoking pam_start(login, ubuntu, ...) 732s pamtester: performing operation - authenticate 734s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 734s + echo -n -e wrong123456 734s + runuser -u ubuntu -- pamtester -v login '' authenticate 734s pamtester: invoking pam_start(login, , ...) 734s pamtester: performing operation - authenticate 737s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 737s + echo -n -e 123456 737s + pamtester -v login root authenticate 737s pamtester: invoking pam_start(login, root, ...) 737s pamtester: performing operation - authenticate 740s Password: pamtester: Authentication failure 740s + for alternative in "${alternative_pam_configs[@]}" 740s + pam-auth-update --enable sss-smart-card-required 740s PAM configuration 740s ----------------- 740s 740s Incompatible PAM profiles selected. 740s 740s The following PAM profiles cannot be used together: 740s 740s SSS required smart card authentication, SSS optional smart card 740s authentication 740s 740s Please select a different set of modules to enable. 740s 740s + cat /etc/pam.d/common-auth 740s # 740s # /etc/pam.d/common-auth - authentication settings common to all services 740s # 740s # This file is included from other service-specific PAM config files, 740s # and should contain a list of the authentication modules that define 740s # the central authentication scheme for use on the system 740s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 740s # traditional Unix authentication mechanisms. 740s # 740s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 740s # To take advantage of this, it is recommended that you configure any 740s # local modules either before or after the default block, and use 740s # pam-auth-update to manage selection of other modules. See 740s # pam-auth-update(8) for details. 740s 740s # here are the per-package modules (the "Primary" block) 740s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 740s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 740s auth [success=1 default=ignore] pam_sss.so use_first_pass 740s # here's the fallback if no module succeeds 740s auth requisite pam_deny.so 740s # prime the stack with a positive return value if there isn't one already; 740s # this avoids us returning an error just because nothing sets a success code 740s # since the modules above will each just jump around 740s auth required pam_permit.so 740s # and here are more per-package modules (the "Additional" block) 740s auth optional pam_cap.so 740s # end of pam-auth-update config 740s + echo -n -e 123456 740s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 740s pamtester: invoking pam_start(login, ubuntu, ...) 740s pamtester: performing operation - authenticate 740s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 740s + echo -n -e 123456 740s + runuser -u ubuntu -- pamtester -v login '' authenticate 740s pamtester: invoking pam_start(login, , ...) 740s pamtester: performing operation - authenticate 740s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 740s + echo -n -e wrong123456 740s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 740s pamtester: invoking pam_start(login, ubuntu, ...) 740s pamtester: performing operation - authenticate 744s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 744s + echo -n -e wrong123456 744s + runuser -u ubuntu -- pamtester -v login '' authenticate 744s pamtester: invoking pam_start(login, , ...) 744s pamtester: performing operation - authenticate 746s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 746s + echo -n -e 123456 746s + pamtester -v login root authenticate 746s pamtester: invoking pam_start(login, root, ...) 746s pamtester: performing operation - authenticate 748s pamtester: Authentication service cannot retrieve authentication info 748s + test_authentication login /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem 748s + pam_service=login 748s + certificate_config=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 748s + ca_db=/tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem 748s + verification_options= 748s + mkdir -p -m 700 /etc/sssd 748s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 748s + cat 748s Using CA DB '/tmp/sssd-softhsm2-certs-luPGlE/test-full-chain-CA.pem' with verification options: '' 748s + chmod 600 /etc/sssd/sssd.conf 748s + for path_pair in "${softhsm2_conf_paths[@]}" 748s + IFS=: 748s + read -r -a path 748s + user=ubuntu 748s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 748s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 748s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 748s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 748s + runuser -u ubuntu -- softhsm2-util --show-slots 748s + grep 'Test Organization' 748s Label: Test Organization Sub Int Token 748s + for path_pair in "${softhsm2_conf_paths[@]}" 748s + IFS=: 748s + read -r -a path 748s + user=root 748s + path=/etc/softhsm/softhsm2.conf 748s ++ dirname /etc/softhsm/softhsm2.conf 748s + runuser -u root -- mkdir -p /etc/softhsm 749s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 749s + runuser -u root -- softhsm2-util --show-slots 749s + grep 'Test Organization' 749s Label: Test Organization Sub Int Token 749s + systemctl restart sssd 749s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 750s + for alternative in "${alternative_pam_configs[@]}" 750s + pam-auth-update --enable sss-smart-card-optional 750s + cat /etc/pam.d/common-auth 750s + echo -n -e 123456 750s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 750s # 750s # /etc/pam.d/common-auth - authentication settings common to all services 750s # 750s # This file is included from other service-specific PAM config files, 750s # and should contain a list of the authentication modules that define 750s # the central authentication scheme for use on the system 750s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 750s # traditional Unix authentication mechanisms. 750s # 750s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 750s # To take advantage of this, it is recommended that you configure any 750s # local modules either before or after the default block, and use 750s # pam-auth-update to manage selection of other modules. See 750s # pam-auth-update(8) for details. 750s 750s # here are the per-package modules (the "Primary" block) 750s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 750s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 750s auth [success=1 default=ignore] pam_sss.so use_first_pass 750s # here's the fallback if no module succeeds 750s auth requisite pam_deny.so 750s # prime the stack with a positive return value if there isn't one already; 750s # this avoids us returning an error just because nothing sets a success code 750s # since the modules above will each just jump around 750s auth required pam_permit.so 750s # and here are more per-package modules (the "Additional" block) 750s auth optional pam_cap.so 750s # end of pam-auth-update config 751s pamtester: invoking pam_start(login, ubuntu, ...) 751s pamtester: performing operation - authenticate 751s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 751s + echo -n -e 123456 751s + runuser -u ubuntu -- pamtester -v login '' authenticate 751s pamtester: invoking pam_start(login, , ...) 751s pamtester: performing operation - authenticate 751s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 751s + echo -n -e wrong123456 751s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 751s pamtester: invoking pam_start(login, ubuntu, ...) 751s pamtester: performing operation - authenticate 754s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 754s + echo -n -e wrong123456 754s + runuser -u ubuntu -- pamtester -v login '' authenticate 754s pamtester: invoking pam_start(login, , ...) 754s pamtester: performing operation - authenticate 757s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 757s + echo -n -e 123456 757s + pamtester -v login root authenticate 757s pamtester: invoking pam_start(login, root, ...) 757s pamtester: performing operation - authenticate 760s Password: pamtester: Authentication failure 760s + for alternative in "${alternative_pam_configs[@]}" 760s + pam-auth-update --enable sss-smart-card-required 760s PAM configuration 760s ----------------- 760s 760s Incompatible PAM profiles selected. 760s 760s The following PAM profiles cannot be used together: 760s 760s SSS required smart card authentication, SSS optional smart card 760s authentication 760s 760s Please select a different set of modules to enable. 760s 760s + cat /etc/pam.d/common-auth 760s # 760s # /etc/pam.d/common-auth - authentication settings common to all services 760s # 760s # This file is included from other service-specific PAM config files, 760s # and should contain a list of the authentication modules that define 760s # the central authentication scheme for use on the system 760s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 760s # traditional Unix authentication mechanisms. 760s # 760s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 760s # To take advantage of this, it is recommended that you configure any 760s # local modules either before or after the default block, and use 760s # pam-auth-update to manage selection of other modules. See 760s # pam-auth-update(8) for details. 760s 760s # here are the per-package modules (the "Primary" block) 760s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 760s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 760s auth [success=1 default=ignore] pam_sss.so use_first_pass 760s # here's the fallback if no module succeeds 760s auth requisite pam_deny.so 760s # prime the stack with a positive return value if there isn't one already; 760s # this avoids us returning an error just because nothing sets a success code 760s # since the modules above will each just jump around 760s auth required pam_permit.so 760s # and here are more per-package modules (the "Additional" block) 760s auth optional pam_cap.so 760s # end of pam-auth-update config 760s + echo -n -e 123456 760s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 760s pamtester: invoking pam_start(login, ubuntu, ...) 760s pamtester: performing operation - authenticate 760s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 760s + echo -n -e 123456 760s + runuser -u ubuntu -- pamtester -v login '' authenticate 760s pamtester: invoking pam_start(login, , ...) 760s pamtester: performing operation - authenticate 760s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 760s + echo -n -e wrong123456 760s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 760s pamtester: invoking pam_start(login, ubuntu, ...) 760s pamtester: performing operation - authenticate 764s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 764s + echo -n -e wrong123456 764s + runuser -u ubuntu -- pamtester -v login '' authenticate 764s pamtester: invoking pam_start(login, , ...) 764s pamtester: performing operation - authenticate 767s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 768s + pamtester -v login root authenticate 768s pamtester: invoking pam_start(login, root, ...) 768s pamtester: performing operation - authenticate 768s + echo -n -e 123456 769s pamtester: Authentication service cannot retrieve authentication info 769s + test_authentication login /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem partial_chain 769s + pam_service=login 769s + certificate_config=/tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 769s + ca_db=/tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem 769s + verification_options=partial_chain 769s + mkdir -p -m 700 /etc/sssd 769s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 769s + cat 769s Using CA DB '/tmp/sssd-softhsm2-certs-luPGlE/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 769s + chmod 600 /etc/sssd/sssd.conf 769s + for path_pair in "${softhsm2_conf_paths[@]}" 769s + IFS=: 769s + read -r -a path 769s + user=ubuntu 769s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 769s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 769s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 769s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 769s + grep 'Test Organization' 769s + runuser -u ubuntu -- softhsm2-util --show-slots 769s + for path_pair in "${softhsm2_conf_paths[@]}" 769s + IFS=: 769s + read -r -a path 769s + user=root 769s + path=/etc/softhsm/softhsm2.conf 769s ++ dirname /etc/softhsm/softhsm2.conf 769s Label: Test Organization Sub Int Token 769s + runuser -u root -- mkdir -p /etc/softhsm 770s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-luPGlE/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 770s + runuser -u root -- softhsm2-util --show-slots 770s + grep 'Test Organization' 770s Label: Test Organization Sub Int Token 770s + systemctl restart sssd 770s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 770s + for alternative in "${alternative_pam_configs[@]}" 770s + pam-auth-update --enable sss-smart-card-optional 770s + cat /etc/pam.d/common-auth 770s # 770s # /etc/pam.d/common-auth - authentication settings common to all services 770s # 770s # This file is included from other service-specific PAM config files, 770s # and should contain a list of the authentication modules that define 770s # the central authentication scheme for use on the system 770s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 770s # traditional Unix authentication mechanisms. 770s # 770s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 770s # To take advantage of this, it is recommended that you configure any 770s # local modules either before or after the default block, and use 770s # pam-auth-update to manage selection of other modules. See 770s # pam-auth-update(8) for details. 770s 770s # here are the per-package modules (the "Primary" block) 770s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 770s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 770s auth [success=1 default=ignore] pam_sss.so use_first_pass 770s # here's the fallback if no module succeeds 770s auth requisite pam_deny.so 770s # prime the stack with a positive return value if there isn't one already; 770s # this avoids us returning an error just because nothing sets a success code 770s # since the modules above will each just jump around 770s auth required pam_permit.so 770s # and here are more per-package modules (the "Additional" block) 770s auth optional pam_cap.so 770s # end of pam-auth-update config 770s + echo -n -e 123456 770s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 770s pamtester: invoking pam_start(login, ubuntu, ...) 770s pamtester: performing operation - authenticate 771s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 771s + echo -n -e 123456 771s + runuser -u ubuntu -- pamtester -v login '' authenticate 771s pamtester: invoking pam_start(login, , ...) 771s pamtester: performing operation - authenticate 771s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 771s + echo -n -e wrong123456 771s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 771s pamtester: invoking pam_start(login, ubuntu, ...) 771s pamtester: performing operation - authenticate 774s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 774s + echo -n -e wrong123456 774s + runuser -u ubuntu -- pamtester -v login '' authenticate 774s pamtester: invoking pam_start(login, , ...) 774s pamtester: performing operation - authenticate 777s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 777s + echo -n -e 123456 777s + pamtester -v login root authenticate 777s pamtester: invoking pam_start(login, root, ...) 777s pamtester: performing operation - authenticate 780s Password: pamtester: Authentication failure 780s + for alternative in "${alternative_pam_configs[@]}" 780s + pam-auth-update --enable sss-smart-card-required 780s PAM configuration 780s ----------------- 780s 780s Incompatible PAM profiles selected. 780s 780s The following PAM profiles cannot be used together: 780s 780s SSS required smart card authentication, SSS optional smart card 780s authentication 780s 780s Please select a different set of modules to enable. 780s 780s + cat /etc/pam.d/common-auth 780s # 780s # /etc/pam.d/common-auth - authentication settings common to all services 780s # 780s # This file is included from other service-specific PAM config files, 780s # and should contain a list of the authentication modules that define 780s # the central authentication scheme for use on the system 780s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 780s # traditional Unix authentication mechanisms. 780s # 780s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 780s # To take advantage of this, it is recommended that you configure any 780s # local modules either before or after the default block, and use 780s # pam-auth-update to manage selection of other modules. See 780s # pam-auth-update(8) for details. 780s 780s # here are the per-package modules (the "Primary" block) 780s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 780s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 780s auth [success=1 default=ignore] pam_sss.so use_first_pass 780s # here's the fallback if no module succeeds 780s auth requisite pam_deny.so 780s # prime the stack with a positive return value if there isn't one already; 780s # this avoids us returning an error just because nothing sets a success code 780s # since the modules above will each just jump around 780s auth required pam_permit.so 780s # and here are more per-package modules (the "Additional" block) 780s auth optional pam_cap.so 780s # end of pam-auth-update config 780s + echo -n -e 123456 780s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 780s pamtester: invoking pam_start(login, ubuntu, ...) 780s pamtester: performing operation - authenticate 780s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 780s + echo -n -e 123456 780s + runuser -u ubuntu -- pamtester -v login '' authenticate 780s pamtester: invoking pam_start(login, , ...) 780s pamtester: performing operation - authenticate 780s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 780s + echo -n -e wrong123456 780s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 780s pamtester: invoking pam_start(login, ubuntu, ...) 780s pamtester: performing operation - authenticate 783s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 783s + echo -n -e wrong123456 783s + runuser -u ubuntu -- pamtester -v login '' authenticate 783s pamtester: invoking pam_start(login, , ...) 783s pamtester: performing operation - authenticate 786s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 786s + echo -n -e 123456 786s + pamtester -v login root authenticate 786s pamtester: invoking pam_start(login, root, ...) 786s pamtester: performing operation - authenticate 789s pamtester: Authentication service cannot retrieve authentication info 789s + handle_exit 789s + exit_code=0 789s + restore_changes 789s + for path in "${restore_paths[@]}" 789s + local original_path 789s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-g16f54 /tmp/sssd-softhsm2-backups-g16f54//etc/softhsm/softhsm2.conf 789s + original_path=/etc/softhsm/softhsm2.conf 789s + rm /etc/softhsm/softhsm2.conf 789s + mv /tmp/sssd-softhsm2-backups-g16f54//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 789s + for path in "${delete_paths[@]}" 789s + rm -f /etc/sssd/sssd.conf 789s + for path in "${delete_paths[@]}" 789s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 789s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 789s + '[' -e /etc/sssd/sssd.conf ']' 789s + systemctl stop sssd 789s + '[' -e /etc/softhsm/softhsm2.conf ']' 789s + chmod 600 /etc/softhsm/softhsm2.conf 789s + rm -rf /tmp/sssd-softhsm2-certs-luPGlE 789s + '[' 0 = 0 ']' 789s + rm -rf /tmp/sssd-softhsm2-backups-g16f54 789s Script completed successfully! 789s + set +x 789s autopkgtest [20:21:17]: test sssd-smart-card-pam-auth-configs: -----------------------] 790s autopkgtest [20:21:18]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 790s sssd-smart-card-pam-auth-configs PASS 791s autopkgtest [20:21:19]: @@@@@@@@@@@@@@@@@@@@ summary 791s ldap-user-group-ldap-auth PASS 791s ldap-user-group-krb5-auth PASS 791s sssd-softhism2-certificates-tests.sh PASS 791s sssd-smart-card-pam-auth-configs PASS 802s stack.identity-v3+json"}]}} 802s DEBUG (session:946) GET call to https://keystone.ps6.canonical.com:5000/v3 used request id req-b93068e7-b2ac-413b-82f6-b51c7574a510 802s DEBUG (base:182) Making authentication request to https://keystone.ps6.canonical.com:5000/v3/auth/tokens 802s DEBUG (connectionpool:429) https://keystone.ps6.canonical.com:5000 "POST /v3/auth/tokens HTTP/1.1" 201 12445 802s DEBUG (base:187) {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": "369f50a481564a2c9433776a4ebd224d", "name": "prod-proposed-migration-arm64", "password_expires_at": null}, "audit_ids": ["hEG8-5_gQciKK9UmtJBcHw"], "expires_at": "2024-03-25T20:12:26.000000Z", "issued_at": "2024-03-24T20:12:26.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "bd8b3df3f03d43a0a9303b7c0434fdab", "name": "prod-proposed-migration-arm64_project"}, "is_domain": false, "roles": [{"id": "86bf3043974746c2bf52c2a9f362f986", "name": "reader"}, {"id": "15cf997650e345b7b21c02b5cdb7d84a", "name": "member"}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "213cdf38198c4581bd5b7d6d0836923b", "interface": "internal", "region_id": "prodstack6", "url": "https://radosgw-internal.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "67061eee26944a1a8009f9d07be19738", "interface": "public", "region_id": "prodstack6", "url": "https://radosgw.ps6.canonical.com:443/", "region": "prodstack6"}, {"id": "fc88c52c749a47d08a24a2c7efbde01b", "interface": "admin", "region_id": "prodstack6", "url": "https://radosgw-admin.ps6.canonical.com:443/", "region": "prodstack6"}], "id": "06e4714942634054bf9aa11715312b4e", "type": "s3", "name": "s3"}, {"endpoints": [{"id": "8aa44c94b63746bd9b37f1008ad55fa8", "interface": "admin", "region_id": "prodstack6", "url": "https://aodh-admin.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "92cf08a80a0242ebbca8ec893cf332b1", "interface": "public", "region_id": "prodstack6", "url": "https://aodh.ps6.canonical.com:8042", "region": "prodstack6"}, {"id": "d8139c6e11ae4edcb78981c12bd53212", "interface": "internal", "region_id": "prodstack6", "url": "https://aodh-internal.ps6.canonical.com:8042", "region": "prodstack6"}], "id": "2fb939b0b969435c8f0c5fa4edb4de94", "type": "alarming", "name": "aodh"}, {"endpoints": [{"id": "a49fcc80e658411885f88cdd8432a571", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "b23866fddba8415885b06c064c34b94b", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8000/v1", "region": "prodstack6"}, {"id": "f84ae55197f94b8392a678f35c82ca26", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8000/v1", "region": "prodstack6"}], "id": "3d4b59f7dab644b2b527e8e96b697545", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "2e0143334c6241169f45f1c11970c6bc", "interface": "public", "region_id": "prodstack6", "url": "https://heat.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "5e19c32243c04a3faf1e5f9ab900c260", "interface": "internal", "region_id": "prodstack6", "url": "https://heat-internal.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}, {"id": "b3fc5c88ec8543a691fec75726b86967", "interface": "admin", "region_id": "prodstack6", "url": "https://heat-admin.ps6.canonical.com:8004/v1/bd8b3df3f03d43a0a9303b7c0434fdab", "region": "prodstack6"}], "id": "43b926205044476b8093b18d8ce0a9e4", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "a47569b96e5b4146a312e4673504557c", "interface": "public", "region_id": "prodstack6", "url": "https://glance.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "bba35c4ab04f4114a2a34e65568537bd", "interface": "internal", "region_id": "prodstack6", "url": "https://glance-internal.ps6.canonical.com:9292", "region": "prodstack6"}, {"id": "ef769f1117c74a62a279131486c89628", "interface": "admin", "region_id": "prodstack6", "url": "https://glance-admin