0s autopkgtest [15:57:01]: starting date and time: 2024-03-14 15:57:01+0000 0s autopkgtest [15:57:01]: git checkout: b506e79c ssh-setup/nova: fix ARCH having two lines of data 0s autopkgtest [15:57:01]: host juju-7f2275-prod-proposed-migration-environment-3; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.j7ic19js/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:e2fsprogs,src:borgbackup,src:borgbackup2,src:fuse --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 '--env=ADT_TEST_TRIGGERS=e2fsprogs/1.47.0-2.4~exp1ubuntu2 borgbackup/1.2.7-2build2 borgbackup2/2.0.0b8-2build1 fuse/2.9.9-8.1' -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-3@bos02-ppc64el-15.secgroup --name adt-noble-ppc64el-sssd-20240314-155701-juju-7f2275-prod-proposed-migration-environment-3 --image adt/ubuntu-noble-ppc64el-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-3 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 177s autopkgtest [15:59:58]: testbed dpkg architecture: ppc64el 177s autopkgtest [15:59:58]: testbed apt version: 2.7.12 177s autopkgtest [15:59:58]: @@@@@@@@@@@@@@@@@@@@ test bed setup 178s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 178s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [2967 kB] 179s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [47.8 kB] 179s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [4812 B] 179s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [453 kB] 179s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [604 kB] 179s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3116 B] 179s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1372 B] 179s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 179s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [3295 kB] 179s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [8652 B] 179s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [42.2 kB] 179s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 182s Fetched 7543 kB in 2s (3077 kB/s) 183s Reading package lists... 186s Reading package lists... 186s Building dependency tree... 186s Reading state information... 186s Calculating upgrade... 186s The following packages will be REMOVED: 186s libext2fs2 186s The following NEW packages will be installed: 186s libext2fs2t64 186s The following packages will be upgraded: 186s e2fsprogs e2fsprogs-l10n libcom-err2 libss2 logsave 187s 5 upgraded, 1 newly installed, 1 to remove and 0 not upgraded. 187s Need to get 1003 kB of archives. 187s After this operation, 134 kB of additional disk space will be used. 187s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el e2fsprogs-l10n all 1.47.0-2.4~exp1ubuntu2 [5996 B] 187s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el logsave ppc64el 1.47.0-2.4~exp1ubuntu2 [22.9 kB] 187s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libext2fs2t64 ppc64el 1.47.0-2.4~exp1ubuntu2 [270 kB] 187s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el e2fsprogs ppc64el 1.47.0-2.4~exp1ubuntu2 [663 kB] 187s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libcom-err2 ppc64el 1.47.0-2.4~exp1ubuntu2 [22.9 kB] 187s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libss2 ppc64el 1.47.0-2.4~exp1ubuntu2 [18.0 kB] 188s Fetched 1003 kB in 1s (1620 kB/s) 188s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 188s Preparing to unpack .../e2fsprogs-l10n_1.47.0-2.4~exp1ubuntu2_all.deb ... 188s Unpacking e2fsprogs-l10n (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 188s Preparing to unpack .../logsave_1.47.0-2.4~exp1ubuntu2_ppc64el.deb ... 188s Unpacking logsave (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 188s dpkg: libext2fs2:ppc64el: dependency problems, but removing anyway as you requested: 188s libblockdev-fs3:ppc64el depends on libext2fs2 (>= 1.42.11). 188s e2fsprogs depends on libext2fs2 (= 1.47.0-2ubuntu1). 188s btrfs-progs depends on libext2fs2 (>= 1.42). 188s 188s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 188s Removing libext2fs2:ppc64el (1.47.0-2ubuntu1) ... 188s Selecting previously unselected package libext2fs2t64:ppc64el. 188s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70088 files and directories currently installed.) 188s Preparing to unpack .../libext2fs2t64_1.47.0-2.4~exp1ubuntu2_ppc64el.deb ... 188s Adding 'diversion of /lib/powerpc64le-linux-gnu/libe2p.so.2 to /lib/powerpc64le-linux-gnu/libe2p.so.2.usr-is-merged by libext2fs2t64' 188s Adding 'diversion of /lib/powerpc64le-linux-gnu/libe2p.so.2.3 to /lib/powerpc64le-linux-gnu/libe2p.so.2.3.usr-is-merged by libext2fs2t64' 188s Adding 'diversion of /lib/powerpc64le-linux-gnu/libext2fs.so.2 to /lib/powerpc64le-linux-gnu/libext2fs.so.2.usr-is-merged by libext2fs2t64' 188s Adding 'diversion of /lib/powerpc64le-linux-gnu/libext2fs.so.2.4 to /lib/powerpc64le-linux-gnu/libext2fs.so.2.4.usr-is-merged by libext2fs2t64' 188s Unpacking libext2fs2t64:ppc64el (1.47.0-2.4~exp1ubuntu2) ... 188s Setting up libext2fs2t64:ppc64el (1.47.0-2.4~exp1ubuntu2) ... 188s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70104 files and directories currently installed.) 188s Preparing to unpack .../e2fsprogs_1.47.0-2.4~exp1ubuntu2_ppc64el.deb ... 188s Unpacking e2fsprogs (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 188s Preparing to unpack .../libcom-err2_1.47.0-2.4~exp1ubuntu2_ppc64el.deb ... 188s Unpacking libcom-err2:ppc64el (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 188s Preparing to unpack .../libss2_1.47.0-2.4~exp1ubuntu2_ppc64el.deb ... 188s Unpacking libss2:ppc64el (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 188s Setting up libcom-err2:ppc64el (1.47.0-2.4~exp1ubuntu2) ... 188s Setting up libss2:ppc64el (1.47.0-2.4~exp1ubuntu2) ... 188s Setting up logsave (1.47.0-2.4~exp1ubuntu2) ... 188s Setting up e2fsprogs (1.47.0-2.4~exp1ubuntu2) ... 188s update-initramfs: deferring update (trigger activated) 188s e2scrub_all.service is a disabled or a static unit not running, not starting it. 189s Setting up e2fsprogs-l10n (1.47.0-2.4~exp1ubuntu2) ... 189s Processing triggers for man-db (2.12.0-3) ... 189s Processing triggers for libc-bin (2.39-0ubuntu2) ... 190s Processing triggers for initramfs-tools (0.142ubuntu20) ... 190s update-initramfs: Generating /boot/initrd.img-6.8.0-11-generic 190s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 196s Reading package lists... 196s Building dependency tree... 196s Reading state information... 196s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 197s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 197s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 197s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 197s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 198s Reading package lists... 198s Reading package lists... 199s Building dependency tree... 199s Reading state information... 199s Calculating upgrade... 199s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 199s Reading package lists... 199s Building dependency tree... 199s Reading state information... 199s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 200s autopkgtest [16:00:21]: rebooting testbed after setup commands that affected boot 239s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 252s autopkgtest [16:01:13]: testbed running kernel: Linux 6.8.0-11-generic #11-Ubuntu SMP Wed Feb 14 00:33:03 UTC 2024 254s autopkgtest [16:01:15]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 273s Get:1 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (dsc) [5269 B] 273s Get:2 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (tar) [7983 kB] 273s Get:3 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (asc) [833 B] 273s Get:4 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (diff) [48.4 kB] 273s gpgv: Signature made Mon Feb 26 21:56:54 2024 UTC 273s gpgv: using RSA key E92FD0B36B14F1F4D8E0EB2F106DA1C8C3CBBF14 273s gpgv: Can't check signature: No public key 273s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1ubuntu1.dsc: no acceptable signature found 274s autopkgtest [16:01:35]: testing package sssd version 2.9.4-1ubuntu1 274s autopkgtest [16:01:35]: build not needed 288s autopkgtest [16:01:49]: test ldap-user-group-ldap-auth: preparing testbed 291s Reading package lists... 291s Building dependency tree... 291s Reading state information... 291s Starting pkgProblemResolver with broken count: 0 291s Starting 2 pkgProblemResolver with broken count: 0 291s Done 291s The following additional packages will be installed: 291s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 291s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 291s libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 libjose0 libkrad0 291s libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 291s libpam-pwquality libpam-sss libpath-utils1 libpwquality-common libpwquality1 291s libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 291s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 291s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 291s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 292s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 292s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 292s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 292s Suggested packages: 292s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 292s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 292s Recommended packages: 292s cracklib-runtime libsasl2-modules-gssapi-mit 292s | libsasl2-modules-gssapi-heimdal 292s The following NEW packages will be installed: 292s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 292s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 292s libdhash1 libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 292s libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo 292s libodbc2 libpam-pwquality libpam-sss libpath-utils1 libpwquality-common 292s libpwquality1 libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 292s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 292s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 292s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 292s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 292s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 292s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 292s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 292s Need to get 14.3 MB/14.3 MB of archives. 292s After this operation, 69.9 MB of additional disk space will be used. 292s Get:1 /tmp/autopkgtest.5IM9ed/1-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [868 B] 292s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libltdl7 ppc64el 2.4.7-7 [48.0 kB] 292s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libodbc2 ppc64el 2.3.12-1 [187 kB] 292s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el slapd ppc64el 2.6.7+dfsg-1~exp1ubuntu1 [1768 kB] 292s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libtcl8.6 ppc64el 8.6.13+dfsg-2 [1179 kB] 293s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el tcl8.6 ppc64el 8.6.13+dfsg-2 [14.8 kB] 293s Get:7 http://ftpmaster.internal/ubuntu noble/universe ppc64el tcl-expect ppc64el 5.45.4-2build1 [112 kB] 293s Get:8 http://ftpmaster.internal/ubuntu noble/universe ppc64el expect ppc64el 5.45.4-2build1 [137 kB] 293s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el ldap-utils ppc64el 2.6.7+dfsg-1~exp1ubuntu1 [154 kB] 293s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu2 [29.5 kB] 293s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu2 [25.8 kB] 293s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu2 [30.6 kB] 293s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1 [30.9 kB] 293s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7 ppc64el 2.1.12-stable-9 [169 kB] 293s Get:15 http://ftpmaster.internal/ubuntu noble/universe ppc64el libjose0 ppc64el 11-3 [50.3 kB] 293s Get:16 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto-libevent1 ppc64el 0.3.1-1ubuntu5 [5960 B] 293s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto1 ppc64el 0.3.1-1ubuntu5 [11.6 kB] 293s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libkrad0 ppc64el 1.20.1-5build1 [24.3 kB] 293s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1 [36.6 kB] 293s Get:20 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1 [62.7 kB] 293s Get:21 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0 ppc64el 0.16.1-1 [50.8 kB] 293s Get:22 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [219 kB] 293s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.3-3ubuntu1 [53.0 kB] 293s Get:24 http://ftpmaster.internal/ubuntu noble/universe ppc64el libnss-sudo all 1.9.15p5-3ubuntu1 [14.9 kB] 293s Get:25 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3 [7658 B] 293s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3 [16.9 kB] 293s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3 [12.5 kB] 293s Get:28 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-1ubuntu1 [76.5 kB] 293s Get:29 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-1ubuntu1 [6674 kB] 294s Get:30 http://ftpmaster.internal/ubuntu noble/main ppc64el libnss-sss ppc64el 2.9.4-1ubuntu1 [36.3 kB] 294s Get:31 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-sss ppc64el 2.9.4-1ubuntu1 [56.4 kB] 294s Get:32 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-sss ppc64el 2.9.4-1ubuntu1 [48.0 kB] 294s Get:33 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-ares2 ppc64el 1.27.0-1 [99.0 kB] 294s Get:34 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1 ppc64el 0.6.2-2 [9830 B] 294s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0 ppc64el 0.6.2-2 [5806 B] 294s Get:36 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4 ppc64el 0.6.2-2 [35.3 kB] 294s Get:37 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1 ppc64el 0.6.2-2 [10.2 kB] 294s Get:38 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1 ppc64el 0.6.2-2 [7724 B] 294s Get:39 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5 ppc64el 0.6.2-2 [53.9 kB] 294s Get:40 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap0 ppc64el 2.9.4-1ubuntu1 [53.6 kB] 294s Get:41 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap0 ppc64el 2.9.4-1ubuntu1 [24.7 kB] 294s Get:42 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1ubuntu1 [37.4 kB] 294s Get:43 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-common ppc64el 2.9.4-1ubuntu1 [1280 kB] 294s Get:44 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-idp ppc64el 2.9.4-1ubuntu1 [30.8 kB] 294s Get:45 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-passkey ppc64el 2.9.4-1ubuntu1 [35.4 kB] 294s Get:46 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad-common ppc64el 2.9.4-1ubuntu1 [88.6 kB] 294s Get:47 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5-common ppc64el 2.9.4-1ubuntu1 [103 kB] 294s Get:48 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient ppc64el 2:4.19.5+dfsg-1ubuntu1 [70.4 kB] 294s Get:49 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad ppc64el 2.9.4-1ubuntu1 [147 kB] 294s Get:50 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac0 ppc64el 2.9.4-1ubuntu1 [17.4 kB] 294s Get:51 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ipa ppc64el 2.9.4-1ubuntu1 [240 kB] 294s Get:52 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5 ppc64el 2.9.4-1ubuntu1 [14.4 kB] 294s Get:53 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ldap ppc64el 2.9.4-1ubuntu1 [31.6 kB] 294s Get:54 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-proxy ppc64el 2.9.4-1ubuntu1 [48.0 kB] 294s Get:55 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd ppc64el 2.9.4-1ubuntu1 [4124 B] 294s Get:56 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-dbus ppc64el 2.9.4-1ubuntu1 [122 kB] 294s Get:57 http://ftpmaster.internal/ubuntu noble/universe ppc64el sssd-kcm ppc64el 2.9.4-1ubuntu1 [160 kB] 294s Get:58 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-tools ppc64el 2.9.4-1ubuntu1 [108 kB] 294s Get:59 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac-dev ppc64el 2.9.4-1ubuntu1 [6666 B] 294s Get:60 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap-dev ppc64el 2.9.4-1ubuntu1 [5734 B] 294s Get:61 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap-dev ppc64el 2.9.4-1ubuntu1 [8380 B] 294s Get:62 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap-dev ppc64el 2.9.4-1ubuntu1 [6722 B] 294s Get:63 http://ftpmaster.internal/ubuntu noble/universe ppc64el libsss-sudo ppc64el 2.9.4-1ubuntu1 [22.4 kB] 294s Get:64 http://ftpmaster.internal/ubuntu noble/universe ppc64el python3-libipa-hbac ppc64el 2.9.4-1ubuntu1 [19.2 kB] 294s Get:65 http://ftpmaster.internal/ubuntu noble/universe ppc64el python3-libsss-nss-idmap ppc64el 2.9.4-1ubuntu1 [9542 B] 295s Preconfiguring packages ... 295s Fetched 14.3 MB in 3s (5211 kB/s) 295s Selecting previously unselected package libltdl7:ppc64el. 295s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70104 files and directories currently installed.) 295s Preparing to unpack .../00-libltdl7_2.4.7-7_ppc64el.deb ... 295s Unpacking libltdl7:ppc64el (2.4.7-7) ... 295s Selecting previously unselected package libodbc2:ppc64el. 295s Preparing to unpack .../01-libodbc2_2.3.12-1_ppc64el.deb ... 295s Unpacking libodbc2:ppc64el (2.3.12-1) ... 295s Selecting previously unselected package slapd. 295s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu1_ppc64el.deb ... 295s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 295s Selecting previously unselected package libtcl8.6:ppc64el. 295s Preparing to unpack .../03-libtcl8.6_8.6.13+dfsg-2_ppc64el.deb ... 295s Unpacking libtcl8.6:ppc64el (8.6.13+dfsg-2) ... 295s Selecting previously unselected package tcl8.6. 295s Preparing to unpack .../04-tcl8.6_8.6.13+dfsg-2_ppc64el.deb ... 295s Unpacking tcl8.6 (8.6.13+dfsg-2) ... 295s Selecting previously unselected package tcl-expect:ppc64el. 295s Preparing to unpack .../05-tcl-expect_5.45.4-2build1_ppc64el.deb ... 295s Unpacking tcl-expect:ppc64el (5.45.4-2build1) ... 295s Selecting previously unselected package expect. 295s Preparing to unpack .../06-expect_5.45.4-2build1_ppc64el.deb ... 295s Unpacking expect (5.45.4-2build1) ... 295s Selecting previously unselected package ldap-utils. 295s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu1_ppc64el.deb ... 295s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 295s Selecting previously unselected package libavahi-common-data:ppc64el. 295s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu2_ppc64el.deb ... 295s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 295s Selecting previously unselected package libavahi-common3:ppc64el. 295s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu2_ppc64el.deb ... 295s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu2) ... 295s Selecting previously unselected package libavahi-client3:ppc64el. 295s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu2_ppc64el.deb ... 295s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu2) ... 295s Selecting previously unselected package libcrack2:ppc64el. 295s Preparing to unpack .../11-libcrack2_2.9.6-5.1_ppc64el.deb ... 295s Unpacking libcrack2:ppc64el (2.9.6-5.1) ... 296s Selecting previously unselected package libevent-2.1-7:ppc64el. 296s Preparing to unpack .../12-libevent-2.1-7_2.1.12-stable-9_ppc64el.deb ... 296s Unpacking libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 296s Selecting previously unselected package libjose0:ppc64el. 296s Preparing to unpack .../13-libjose0_11-3_ppc64el.deb ... 296s Unpacking libjose0:ppc64el (11-3) ... 296s Selecting previously unselected package libverto-libevent1:ppc64el. 296s Preparing to unpack .../14-libverto-libevent1_0.3.1-1ubuntu5_ppc64el.deb ... 296s Unpacking libverto-libevent1:ppc64el (0.3.1-1ubuntu5) ... 296s Selecting previously unselected package libverto1:ppc64el. 296s Preparing to unpack .../15-libverto1_0.3.1-1ubuntu5_ppc64el.deb ... 296s Unpacking libverto1:ppc64el (0.3.1-1ubuntu5) ... 296s Selecting previously unselected package libkrad0:ppc64el. 296s Preparing to unpack .../16-libkrad0_1.20.1-5build1_ppc64el.deb ... 296s Unpacking libkrad0:ppc64el (1.20.1-5build1) ... 296s Selecting previously unselected package libtalloc2:ppc64el. 296s Preparing to unpack .../17-libtalloc2_2.4.2-1_ppc64el.deb ... 296s Unpacking libtalloc2:ppc64el (2.4.2-1) ... 296s Selecting previously unselected package libtdb1:ppc64el. 296s Preparing to unpack .../18-libtdb1_1.4.10-1_ppc64el.deb ... 296s Unpacking libtdb1:ppc64el (1.4.10-1) ... 296s Selecting previously unselected package libtevent0:ppc64el. 296s Preparing to unpack .../19-libtevent0_0.16.1-1_ppc64el.deb ... 296s Unpacking libtevent0:ppc64el (0.16.1-1) ... 296s Selecting previously unselected package libldb2:ppc64el. 296s Preparing to unpack .../20-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 296s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 296s Selecting previously unselected package libnfsidmap1:ppc64el. 296s Preparing to unpack .../21-libnfsidmap1_1%3a2.6.3-3ubuntu1_ppc64el.deb ... 296s Unpacking libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 296s Selecting previously unselected package libnss-sudo. 296s Preparing to unpack .../22-libnss-sudo_1.9.15p5-3ubuntu1_all.deb ... 296s Unpacking libnss-sudo (1.9.15p5-3ubuntu1) ... 296s Selecting previously unselected package libpwquality-common. 296s Preparing to unpack .../23-libpwquality-common_1.4.5-3_all.deb ... 296s Unpacking libpwquality-common (1.4.5-3) ... 296s Selecting previously unselected package libpwquality1:ppc64el. 296s Preparing to unpack .../24-libpwquality1_1.4.5-3_ppc64el.deb ... 296s Unpacking libpwquality1:ppc64el (1.4.5-3) ... 296s Selecting previously unselected package libpam-pwquality:ppc64el. 296s Preparing to unpack .../25-libpam-pwquality_1.4.5-3_ppc64el.deb ... 296s Unpacking libpam-pwquality:ppc64el (1.4.5-3) ... 296s Selecting previously unselected package libwbclient0:ppc64el. 296s Preparing to unpack .../26-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 296s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 296s Selecting previously unselected package samba-libs:ppc64el. 296s Preparing to unpack .../27-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 296s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 296s Selecting previously unselected package libnss-sss:ppc64el. 296s Preparing to unpack .../28-libnss-sss_2.9.4-1ubuntu1_ppc64el.deb ... 296s Unpacking libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 296s Selecting previously unselected package libpam-sss:ppc64el. 296s Preparing to unpack .../29-libpam-sss_2.9.4-1ubuntu1_ppc64el.deb ... 296s Unpacking libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 296s Selecting previously unselected package python3-sss. 296s Preparing to unpack .../30-python3-sss_2.9.4-1ubuntu1_ppc64el.deb ... 296s Unpacking python3-sss (2.9.4-1ubuntu1) ... 296s Selecting previously unselected package libc-ares2:ppc64el. 296s Preparing to unpack .../31-libc-ares2_1.27.0-1_ppc64el.deb ... 296s Unpacking libc-ares2:ppc64el (1.27.0-1) ... 296s Selecting previously unselected package libdhash1:ppc64el. 296s Preparing to unpack .../32-libdhash1_0.6.2-2_ppc64el.deb ... 296s Unpacking libdhash1:ppc64el (0.6.2-2) ... 296s Selecting previously unselected package libbasicobjects0:ppc64el. 296s Preparing to unpack .../33-libbasicobjects0_0.6.2-2_ppc64el.deb ... 296s Unpacking libbasicobjects0:ppc64el (0.6.2-2) ... 296s Selecting previously unselected package libcollection4:ppc64el. 296s Preparing to unpack .../34-libcollection4_0.6.2-2_ppc64el.deb ... 296s Unpacking libcollection4:ppc64el (0.6.2-2) ... 296s Selecting previously unselected package libpath-utils1:ppc64el. 296s Preparing to unpack .../35-libpath-utils1_0.6.2-2_ppc64el.deb ... 296s Unpacking libpath-utils1:ppc64el (0.6.2-2) ... 296s Selecting previously unselected package libref-array1:ppc64el. 296s Preparing to unpack .../36-libref-array1_0.6.2-2_ppc64el.deb ... 296s Unpacking libref-array1:ppc64el (0.6.2-2) ... 296s Selecting previously unselected package libini-config5:ppc64el. 296s Preparing to unpack .../37-libini-config5_0.6.2-2_ppc64el.deb ... 296s Unpacking libini-config5:ppc64el (0.6.2-2) ... 296s Selecting previously unselected package libsss-certmap0. 296s Preparing to unpack .../38-libsss-certmap0_2.9.4-1ubuntu1_ppc64el.deb ... 296s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 296s Selecting previously unselected package libsss-idmap0. 296s Preparing to unpack .../39-libsss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 296s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 296s Selecting previously unselected package libsss-nss-idmap0. 296s Preparing to unpack .../40-libsss-nss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 296s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 296s Selecting previously unselected package sssd-common. 296s Preparing to unpack .../41-sssd-common_2.9.4-1ubuntu1_ppc64el.deb ... 296s Unpacking sssd-common (2.9.4-1ubuntu1) ... 296s Selecting previously unselected package sssd-idp. 297s Preparing to unpack .../42-sssd-idp_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-idp (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd-passkey. 297s Preparing to unpack .../43-sssd-passkey_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-passkey (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd-ad-common. 297s Preparing to unpack .../44-sssd-ad-common_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd-krb5-common. 297s Preparing to unpack .../45-sssd-krb5-common_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package libsmbclient:ppc64el. 297s Preparing to unpack .../46-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 297s Unpacking libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 297s Selecting previously unselected package sssd-ad. 297s Preparing to unpack .../47-sssd-ad_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package libipa-hbac0. 297s Preparing to unpack .../48-libipa-hbac0_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd-ipa. 297s Preparing to unpack .../49-sssd-ipa_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd-krb5. 297s Preparing to unpack .../50-sssd-krb5_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd-ldap. 297s Preparing to unpack .../51-sssd-ldap_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd-proxy. 297s Preparing to unpack .../52-sssd-proxy_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd. 297s Preparing to unpack .../53-sssd_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd-dbus. 297s Preparing to unpack .../54-sssd-dbus_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-dbus (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd-kcm. 297s Preparing to unpack .../55-sssd-kcm_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-kcm (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package sssd-tools. 297s Preparing to unpack .../56-sssd-tools_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking sssd-tools (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package libipa-hbac-dev. 297s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking libipa-hbac-dev (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package libsss-certmap-dev. 297s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking libsss-certmap-dev (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package libsss-idmap-dev. 297s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking libsss-idmap-dev (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package libsss-nss-idmap-dev. 297s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package libsss-sudo. 297s Preparing to unpack .../61-libsss-sudo_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking libsss-sudo (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package python3-libipa-hbac. 297s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking python3-libipa-hbac (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package python3-libsss-nss-idmap. 297s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1ubuntu1_ppc64el.deb ... 297s Unpacking python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 297s Selecting previously unselected package autopkgtest-satdep. 297s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 297s Unpacking autopkgtest-satdep (0) ... 297s Setting up libpwquality-common (1.4.5-3) ... 297s Setting up libpath-utils1:ppc64el (0.6.2-2) ... 297s Setting up libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 297s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 297s Setting up libbasicobjects0:ppc64el (0.6.2-2) ... 297s Setting up libsss-idmap-dev (2.9.4-1ubuntu1) ... 297s Setting up libtdb1:ppc64el (1.4.10-1) ... 297s Setting up libc-ares2:ppc64el (1.27.0-1) ... 297s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 297s Setting up libjose0:ppc64el (11-3) ... 297s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 297s Setting up libtalloc2:ppc64el (2.4.2-1) ... 297s Setting up libdhash1:ppc64el (0.6.2-2) ... 297s Setting up libtevent0:ppc64el (0.16.1-1) ... 297s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 297s Setting up libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 297s Setting up libtcl8.6:ppc64el (8.6.13+dfsg-2) ... 297s Setting up libltdl7:ppc64el (2.4.7-7) ... 297s Setting up libcrack2:ppc64el (2.9.6-5.1) ... 297s Setting up libcollection4:ppc64el (0.6.2-2) ... 297s Setting up libodbc2:ppc64el (2.3.12-1) ... 297s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 297s Setting up python3-libipa-hbac (2.9.4-1ubuntu1) ... 297s Setting up libref-array1:ppc64el (0.6.2-2) ... 297s Setting up libnss-sudo (1.9.15p5-3ubuntu1) ... 297s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 297s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 297s Setting up libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 297s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 298s Creating new user openldap... done. 298s Creating initial configuration... done. 298s Creating LDAP directory... done. 298s Setting up tcl8.6 (8.6.13+dfsg-2) ... 298s Setting up libsss-sudo (2.9.4-1ubuntu1) ... 298s Setting up libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 298s Setting up libipa-hbac-dev (2.9.4-1ubuntu1) ... 298s Setting up libini-config5:ppc64el (0.6.2-2) ... 298s Setting up libavahi-common3:ppc64el (0.8-13ubuntu2) ... 298s Setting up tcl-expect:ppc64el (5.45.4-2build1) ... 298s Setting up python3-sss (2.9.4-1ubuntu1) ... 298s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 298s Setting up libpwquality1:ppc64el (1.4.5-3) ... 298s Setting up python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 298s Setting up libavahi-client3:ppc64el (0.8-13ubuntu2) ... 298s Setting up expect (5.45.4-2build1) ... 298s Setting up libpam-pwquality:ppc64el (1.4.5-3) ... 299s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 299s Setting up libsss-certmap-dev (2.9.4-1ubuntu1) ... 299s Setting up libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 299s Setting up libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 299s Setting up sssd-common (2.9.4-1ubuntu1) ... 299s Creating SSSD system user & group... 299s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 299s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 299s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 299s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 300s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 300s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 300s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 300s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 301s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 301s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 301s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 302s sssd-autofs.service is a disabled or a static unit, not starting it. 302s sssd-nss.service is a disabled or a static unit, not starting it. 302s sssd-pam.service is a disabled or a static unit, not starting it. 302s sssd-ssh.service is a disabled or a static unit, not starting it. 302s sssd-sudo.service is a disabled or a static unit, not starting it. 302s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 302s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 302s Setting up sssd-kcm (2.9.4-1ubuntu1) ... 302s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 303s sssd-kcm.service is a disabled or a static unit, not starting it. 303s Setting up sssd-dbus (2.9.4-1ubuntu1) ... 303s sssd-ifp.service is a disabled or a static unit, not starting it. 303s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 303s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 304s sssd-pac.service is a disabled or a static unit, not starting it. 304s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 304s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 304s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 304s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 304s Setting up sssd-ad (2.9.4-1ubuntu1) ... 304s Setting up sssd-tools (2.9.4-1ubuntu1) ... 304s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 304s Setting up sssd (2.9.4-1ubuntu1) ... 304s Setting up libverto-libevent1:ppc64el (0.3.1-1ubuntu5) ... 304s Setting up libverto1:ppc64el (0.3.1-1ubuntu5) ... 304s Setting up libkrad0:ppc64el (1.20.1-5build1) ... 304s Setting up sssd-passkey (2.9.4-1ubuntu1) ... 304s Setting up sssd-idp (2.9.4-1ubuntu1) ... 304s Setting up autopkgtest-satdep (0) ... 304s Processing triggers for libc-bin (2.39-0ubuntu2) ... 304s Processing triggers for ufw (0.36.2-5) ... 304s Processing triggers for man-db (2.12.0-3) ... 305s Processing triggers for dbus (1.14.10-4ubuntu1) ... 316s (Reading database ... 71389 files and directories currently installed.) 316s Removing autopkgtest-satdep (0) ... 316s autopkgtest [16:02:17]: test ldap-user-group-ldap-auth: [----------------------- 317s + . debian/tests/util 317s + . debian/tests/common-tests 317s + mydomain=example.com 317s + myhostname=ldap.example.com 317s + mysuffix=dc=example,dc=com 317s + admin_dn=cn=admin,dc=example,dc=com 317s + admin_pw=secret 317s + ldap_user=testuser1 317s + ldap_user_pw=testuser1secret 317s + ldap_group=ldapusers 317s + adjust_hostname ldap.example.com 317s + local myhostname=ldap.example.com 317s + echo ldap.example.com 317s + hostname ldap.example.com 317s + grep -qE ldap.example.com /etc/hosts 317s + echo 127.0.1.10 ldap.example.com 317s + reconfigure_slapd 317s + debconf-set-selections 317s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 317s + dpkg-reconfigure -fnoninteractive -pcritical slapd 317s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 317s Moving old database directory to /var/backups: 317s - directory unknown... done. 317s Creating initial configuration... done. 317s Creating LDAP directory... done. 318s + generate_certs ldap.example.com 318s + local cn=ldap.example.com 318s + local cert=/etc/ldap/server.pem 318s + local key=/etc/ldap/server.key 318s + local cnf=/etc/ldap/openssl.cnf 318s + cat 318s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 318s .............................modifying entry "cn=config" 318s 318s ..........++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 318s ......................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 318s ----- 318s + chmod 0640 /etc/ldap/server.key 318s + chgrp openldap /etc/ldap/server.key 318s + [ ! -f /etc/ldap/server.pem ] 318s + [ ! -f /etc/ldap/server.key ] 318s + enable_ldap_ssl 318s + cat 318s + cat 318s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 318s + populate_ldap_rfc2307 318s + + cat 318s ldapadd -x -D cn=admin,dc=example,dc=com -w secret 318s adding new entry "ou=People,dc=example,dc=com" 318s 318s adding new entry "ou=Group,dc=example,dc=com" 318s 318s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 318s 318s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 318s 318s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 318s 318s + configure_sssd_ldap_rfc2307 318s + cat 318s + chmod 0600 /etc/sssd/sssd.conf 318s + systemctl restart sssd 318s + enable_pam_mkhomedir 318s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 318s + Assert local user databases do not have our LDAP test data 318s echo session optional pam_mkhomedir.so 318s + run_common_tests 318s + echo Assert local user databases do not have our LDAP test data 318s + check_local_user testuser1 318s + local local_user=testuser1 318s + grep -q ^testuser1 /etc/passwd 318s + check_local_group testuser1 318s + local local_group=testuser1 318s + grep -q ^testuser1 /etc/group 318s + check_local_group ldapusers 318s + local local_group=ldapusers 318s + grep -q ^ldapusers /etc/group 318s + The LDAP user is known to the system via getent 318s echo The LDAP user is known to the system via getent 318s + check_getent_user testuser1 318s + local getent_user=testuser1 318s + local output 318s + getent passwd testuser1 318s The LDAP user's private group is known to the system via getent 318s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 318s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 318s + echo The LDAP user's private group is known to the system via getent 318s + check_getent_group testuser1 318s + local getent_group=testuser1 318s + local output 318s + getent group testuser1 318s + output=testuser1:*:10001:testuser1 318s + [ -zThe LDAP group ldapusers is known to the system via getent 318s testuser1:*:10001:testuser1 ] 318s + echo The LDAP group ldapusers is known to the system via getent 318s + check_getent_group ldapusers 318s + local getent_group=ldapusers 318s + local output 318s + getent group ldapusers 318s + output=ldapusers:*:10100:testuser1 318s + [ -z ldapusers:*:10100:testuser1 ] 318s + echo The id(1) command can resolve the group membership of the LDAP user 318s The id(1) command can resolve the group membership of the LDAP user 318s + id -Gn testuser1 318s + output=testuser1 ldapusers 318s + [ testuser1 ldapusers != testuser1 ldapusers ] 318s + echo The LDAP user can login on a terminalThe LDAP user can login on a terminal 318s 318s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 318s spawn login 318s ldap.example.com login: testuser1 318s Password: 318s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic ppc64le) 318s 318s * Documentation: https://help.ubuntu.com 318s * Management: https://landscape.canonical.com 318s * Support: https://ubuntu.com/pro 318s 318s 318s The programs included with the Ubuntu system are free software; 318s the exact distribution terms for each program are described in the 318s individual files in /usr/share/doc/*/copyright. 318s 318s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 318s applicable law. 318s 318s 318s The programs included with the Ubuntu system are free software; 318s the exact distribution terms for each program are described in the 318s individual files in /usr/share/doc/*/copyright. 318s 318s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 318s applicable law. 318s 318s Creating directory '/home/testuser1'. 318s [?2004htestuser1@ldap:~$ id -un 318s [?2004l testuser1 319s [?2004htestuser1@ldap:~$ autopkgtest [16:02:20]: test ldap-user-group-ldap-auth: -----------------------] 319s ldap-user-group-ldap-auth PASS 319s autopkgtest [16:02:20]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 319s autopkgtest [16:02:20]: test ldap-user-group-krb5-auth: preparing testbed 321s Reading package lists... 321s Building dependency tree... 321s Reading state information... 321s Starting pkgProblemResolver with broken count: 0 321s Starting 2 pkgProblemResolver with broken count: 0 321s Done 321s The following additional packages will be installed: 322s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 322s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 322s Suggested packages: 322s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 322s The following NEW packages will be installed: 322s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 322s libgssrpc4 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 322s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 322s Need to get 669 kB/670 kB of archives. 322s After this operation, 3104 kB of additional disk space will be used. 322s Get:1 /tmp/autopkgtest.5IM9ed/2-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [888 B] 322s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el krb5-config all 2.7 [22.0 kB] 322s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libgssrpc4 ppc64el 1.20.1-5build1 [64.3 kB] 322s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libkadm5clnt-mit12 ppc64el 1.20.1-5build1 [43.7 kB] 322s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libkdb5-10 ppc64el 1.20.1-5build1 [46.3 kB] 322s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libkadm5srv-mit12 ppc64el 1.20.1-5build1 [60.8 kB] 322s Get:7 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-user ppc64el 1.20.1-5build1 [117 kB] 322s Get:8 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-kdc ppc64el 1.20.1-5build1 [207 kB] 322s Get:9 http://ftpmaster.internal/ubuntu noble/universe ppc64el krb5-admin-server ppc64el 1.20.1-5build1 [108 kB] 322s Preconfiguring packages ... 323s Fetched 669 kB in 1s (1149 kB/s) 323s Selecting previously unselected package krb5-config. 323s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 71389 files and directories currently installed.) 323s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 323s Unpacking krb5-config (2.7) ... 323s Selecting previously unselected package libgssrpc4:ppc64el. 323s Preparing to unpack .../1-libgssrpc4_1.20.1-5build1_ppc64el.deb ... 323s Unpacking libgssrpc4:ppc64el (1.20.1-5build1) ... 323s Selecting previously unselected package libkadm5clnt-mit12:ppc64el. 323s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-5build1_ppc64el.deb ... 323s Unpacking libkadm5clnt-mit12:ppc64el (1.20.1-5build1) ... 323s Selecting previously unselected package libkdb5-10:ppc64el. 323s Preparing to unpack .../3-libkdb5-10_1.20.1-5build1_ppc64el.deb ... 323s Unpacking libkdb5-10:ppc64el (1.20.1-5build1) ... 323s Selecting previously unselected package libkadm5srv-mit12:ppc64el. 323s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-5build1_ppc64el.deb ... 323s Unpacking libkadm5srv-mit12:ppc64el (1.20.1-5build1) ... 323s Selecting previously unselected package krb5-user. 323s Preparing to unpack .../5-krb5-user_1.20.1-5build1_ppc64el.deb ... 323s Unpacking krb5-user (1.20.1-5build1) ... 323s Selecting previously unselected package krb5-kdc. 323s Preparing to unpack .../6-krb5-kdc_1.20.1-5build1_ppc64el.deb ... 323s Unpacking krb5-kdc (1.20.1-5build1) ... 323s Selecting previously unselected package krb5-admin-server. 323s Preparing to unpack .../7-krb5-admin-server_1.20.1-5build1_ppc64el.deb ... 323s Unpacking krb5-admin-server (1.20.1-5build1) ... 323s Selecting previously unselected package autopkgtest-satdep. 323s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 323s Unpacking autopkgtest-satdep (0) ... 323s Setting up libgssrpc4:ppc64el (1.20.1-5build1) ... 323s Setting up krb5-config (2.7) ... 323s Setting up libkadm5clnt-mit12:ppc64el (1.20.1-5build1) ... 323s Setting up libkdb5-10:ppc64el (1.20.1-5build1) ... 323s Setting up libkadm5srv-mit12:ppc64el (1.20.1-5build1) ... 323s Setting up krb5-user (1.20.1-5build1) ... 323s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 323s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 323s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 323s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 323s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 323s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 323s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 323s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 323s Setting up krb5-kdc (1.20.1-5build1) ... 324s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 324s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 324s Setting up krb5-admin-server (1.20.1-5build1) ... 325s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 325s Setting up autopkgtest-satdep (0) ... 325s Processing triggers for man-db (2.12.0-3) ... 326s Processing triggers for libc-bin (2.39-0ubuntu2) ... 334s (Reading database ... 71482 files and directories currently installed.) 334s Removing autopkgtest-satdep (0) ... 335s autopkgtest [16:02:36]: test ldap-user-group-krb5-auth: [----------------------- 335s + . debian/tests/util 335s + . debian/tests/common-tests 335s + mydomain=example.com 335s + myhostname=ldap.example.com 335s + mysuffix=dc=example,dc=com 335s + myrealm=EXAMPLE.COM 335s + admin_dn=cn=admin,dc=example,dc=com 335s + admin_pw=secret 335s + ldap_user=testuser1 335s + ldap_user_pw=testuser1secret 335s + kerberos_principal_pw=testuser1kerberos 335s + ldap_group=ldapusers 335s + adjust_hostname ldap.example.com 335s + local myhostname=ldap.example.com 335s + echo ldap.example.com 335s + hostname ldap.example.com 335s + grep -qE ldap.example.com /etc/hosts 335s + reconfigure_slapd 335s + debconf-set-selections 335s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu1-20240314-160218.ldapdb 335s + dpkg-reconfigure -fnoninteractive -pcritical slapd 335s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 335s Moving old database directory to /var/backups: 335s - directory unknown... done. 335s Creating initial configuration... done. 335s Creating LDAP directory... done. 336s + generate_certs ldap.example.com 336s + local cn=ldap.example.com 336s + local cert=/etc/ldap/server.pem 336s + local key=/etc/ldap/server.key 336s + local cnf=/etc/ldap/openssl.cnf 336s + cat 336s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 336s ......++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 336s ..............++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 336s ----- 336s + chmod 0640 /etc/ldap/server.key 336s + chgrp openldap /etc/ldap/server.key 336s + [ ! -f /etc/ldap/server.pem ] 336s + [ ! -f /etc/ldap/server.key ] 336s + enable_ldap_ssl 336s + cat 336s + cat 336s modifying entry "cn=config" 336s 336s adding new entry "ou=People,dc=example,dc=com" 336s 336s adding new entry "ou=Group,dc=example,dc=com" 336s 336s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 336s 336s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 336s 336s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 336s 336s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 336s master key name 'K/M@EXAMPLE.COM' 336s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 336s + populate_ldap_rfc2307 336s + cat 336s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 336s + create_realm EXAMPLE.COM ldap.example.com 336s + local realm_name=EXAMPLE.COM 336s + local kerberos_server=ldap.example.com 336s + rm -rf /var/lib/krb5kdc/* 336s + rm -rf /etc/krb5kdc/kdc.conf 336s + rm -f /etc/krb5.keytab 336s + cat 336s + cat 336s + echo # */admin * 336s + kdb5_util create -s -P secretpassword 336s + systemctl restart krb5-kdc.service krb5-admin-server.service 336s + create_krb_principal testuser1 testuser1kerberos 336s + local principal=testuser1 336s + local password=testuser1kerberos 336s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 336s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 336s Authenticating as principal root/admin@EXAMPLE.COM with password. 336s Principal "testuser1@EXAMPLE.COM" created. 336s + configure_sssd_ldap_rfc2307_krb5_auth 336s + cat 336s + chmod 0600 /etc/sssd/sssd.conf 336s + systemctl restart sssd 336s + enable_pam_mkhomedir 336s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 336s + run_common_tests 336s + echo Assert local user databases do not have our LDAP test dataAssert local user databases do not have our LDAP test data 336s 336s + check_local_user testuser1 336s + local local_user=testuser1 336s + grep -q ^testuser1 /etc/passwd 336s + check_local_group testuser1 336s + local local_group=testuser1 336s + grep -q ^testuser1 /etc/group 336s + check_local_group ldapusers 336s + local local_group=ldapusers 336s + grep -q ^ldapusers /etc/group 336s + echo The LDAP user is known to the system via getent 336s + check_getent_user testuser1 336s + local getent_user=testuser1 336s + local output 336s + getent passwd testuser1 336s The LDAP user is known to the system via getent 336s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 336s + [The LDAP user's private group is known to the system via getent 336s -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 336s + echo The LDAP user's private group is known to the system via getent 336s + check_getent_group testuser1 336s + local getent_group=testuser1 336s + local output 336s + getent group testuser1 336s The LDAP group ldapusers is known to the system via getent 336s + output=testuser1:*:10001:testuser1 336s + [ -z testuser1:*:10001:testuser1 ] 336s + echo The LDAP group ldapusers is known to the system via getent 336s + check_getent_group ldapusers 336s + local getent_group=ldapusers 336s + local output 336s + getent group ldapusers 336s The id(1) command can resolve the group membership of the LDAP user 336s + output=ldapusers:*:10100:testuser1 336s + [ -z ldapusers:*:10100:testuser1 ] 336s + echo The id(1) command can resolve the group membership of the LDAP user 336s + id -Gn testuser1 336s + output=testuser1 ldapusers 336s + [ testuser1 ldapusers != testuser1 ldapusers ] 336s + echo The Kerberos principal can login on a terminalThe Kerberos principal can login on a terminal 336s 336s + kdestroy 336s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 336s spawn login 336s ldap.example.com login: testuser1 336s Password: 337s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic ppc64le) 337s 337s * Documentation: https://help.ubuntu.com 337s * Management: https://landscape.canonical.com 337s * Support: https://ubuntu.com/pro 337s 337s 337s The programs included with the Ubuntu system are free software; 337s the exact distribution terms for each program are described in the 337s individual files in /usr/share/doc/*/copyright. 337s 337s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 337s applicable law. 337s 337s Last login: Thu Mar 14 16:02:19 UTC 2024 on pts/0 337s [?2004htestuser1@ldap:~$ id -un 337s [?2004l testuser1 337s [?2004htestuser1@ldap:~$ klist 337s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_tVQwdI 337s Default principal: testuser1@EXAMPLE.COMautopkgtest [16:02:38]: test ldap-user-group-krb5-auth: -----------------------] 338s ldap-user-group-krb5-auth PASS 338s autopkgtest [16:02:39]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 338s autopkgtest [16:02:39]: test sssd-softhism2-certificates-tests.sh: preparing testbed 443s autopkgtest [16:04:24]: testbed dpkg architecture: ppc64el 443s autopkgtest [16:04:24]: testbed apt version: 2.7.12 443s autopkgtest [16:04:24]: @@@@@@@@@@@@@@@@@@@@ test bed setup 444s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 444s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [453 kB] 444s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [2967 kB] 445s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [4812 B] 445s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [47.8 kB] 445s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [604 kB] 445s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3116 B] 445s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1372 B] 445s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 445s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [3295 kB] 445s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [8652 B] 445s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [42.2 kB] 445s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 448s Fetched 7543 kB in 2s (3286 kB/s) 448s Reading package lists... 450s Reading package lists... 451s Building dependency tree... 451s Reading state information... 451s Calculating upgrade... 451s The following packages will be REMOVED: 451s libext2fs2 451s The following NEW packages will be installed: 451s libext2fs2t64 451s The following packages will be upgraded: 451s e2fsprogs e2fsprogs-l10n libcom-err2 libss2 logsave 451s 5 upgraded, 1 newly installed, 1 to remove and 0 not upgraded. 451s Need to get 1003 kB of archives. 451s After this operation, 134 kB of additional disk space will be used. 451s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el e2fsprogs-l10n all 1.47.0-2.4~exp1ubuntu2 [5996 B] 451s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el logsave ppc64el 1.47.0-2.4~exp1ubuntu2 [22.9 kB] 451s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libext2fs2t64 ppc64el 1.47.0-2.4~exp1ubuntu2 [270 kB] 451s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el e2fsprogs ppc64el 1.47.0-2.4~exp1ubuntu2 [663 kB] 451s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libcom-err2 ppc64el 1.47.0-2.4~exp1ubuntu2 [22.9 kB] 451s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libss2 ppc64el 1.47.0-2.4~exp1ubuntu2 [18.0 kB] 452s Fetched 1003 kB in 1s (1638 kB/s) 452s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 452s Preparing to unpack .../e2fsprogs-l10n_1.47.0-2.4~exp1ubuntu2_all.deb ... 452s Unpacking e2fsprogs-l10n (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 452s Preparing to unpack .../logsave_1.47.0-2.4~exp1ubuntu2_ppc64el.deb ... 452s Unpacking logsave (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 452s dpkg: libext2fs2:ppc64el: dependency problems, but removing anyway as you requested: 452s libblockdev-fs3:ppc64el depends on libext2fs2 (>= 1.42.11). 452s e2fsprogs depends on libext2fs2 (= 1.47.0-2ubuntu1). 452s btrfs-progs depends on libext2fs2 (>= 1.42). 452s 452s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70095 files and directories currently installed.) 452s Removing libext2fs2:ppc64el (1.47.0-2ubuntu1) ... 452s Selecting previously unselected package libext2fs2t64:ppc64el. 452s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70088 files and directories currently installed.) 452s Preparing to unpack .../libext2fs2t64_1.47.0-2.4~exp1ubuntu2_ppc64el.deb ... 452s Adding 'diversion of /lib/powerpc64le-linux-gnu/libe2p.so.2 to /lib/powerpc64le-linux-gnu/libe2p.so.2.usr-is-merged by libext2fs2t64' 452s Adding 'diversion of /lib/powerpc64le-linux-gnu/libe2p.so.2.3 to /lib/powerpc64le-linux-gnu/libe2p.so.2.3.usr-is-merged by libext2fs2t64' 452s Adding 'diversion of /lib/powerpc64le-linux-gnu/libext2fs.so.2 to /lib/powerpc64le-linux-gnu/libext2fs.so.2.usr-is-merged by libext2fs2t64' 452s Adding 'diversion of /lib/powerpc64le-linux-gnu/libext2fs.so.2.4 to /lib/powerpc64le-linux-gnu/libext2fs.so.2.4.usr-is-merged by libext2fs2t64' 452s Unpacking libext2fs2t64:ppc64el (1.47.0-2.4~exp1ubuntu2) ... 452s Setting up libext2fs2t64:ppc64el (1.47.0-2.4~exp1ubuntu2) ... 452s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70104 files and directories currently installed.) 452s Preparing to unpack .../e2fsprogs_1.47.0-2.4~exp1ubuntu2_ppc64el.deb ... 452s Unpacking e2fsprogs (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 452s Preparing to unpack .../libcom-err2_1.47.0-2.4~exp1ubuntu2_ppc64el.deb ... 452s Unpacking libcom-err2:ppc64el (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 452s Preparing to unpack .../libss2_1.47.0-2.4~exp1ubuntu2_ppc64el.deb ... 452s Unpacking libss2:ppc64el (1.47.0-2.4~exp1ubuntu2) over (1.47.0-2ubuntu1) ... 452s Setting up libcom-err2:ppc64el (1.47.0-2.4~exp1ubuntu2) ... 452s Setting up libss2:ppc64el (1.47.0-2.4~exp1ubuntu2) ... 452s Setting up logsave (1.47.0-2.4~exp1ubuntu2) ... 452s Setting up e2fsprogs (1.47.0-2.4~exp1ubuntu2) ... 452s update-initramfs: deferring update (trigger activated) 453s e2scrub_all.service is a disabled or a static unit not running, not starting it. 453s Setting up e2fsprogs-l10n (1.47.0-2.4~exp1ubuntu2) ... 453s Processing triggers for man-db (2.12.0-3) ... 454s Processing triggers for libc-bin (2.39-0ubuntu2) ... 454s Processing triggers for initramfs-tools (0.142ubuntu20) ... 454s update-initramfs: Generating /boot/initrd.img-6.8.0-11-generic 454s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 459s Reading package lists... 460s Building dependency tree... 460s Reading state information... 460s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 460s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 460s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 460s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 460s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 461s Reading package lists... 462s Reading package lists... 462s Building dependency tree... 462s Reading state information... 462s Calculating upgrade... 462s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 462s Reading package lists... 462s Building dependency tree... 462s Reading state information... 462s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 463s autopkgtest [16:04:44]: rebooting testbed after setup commands that affected boot 501s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 515s Reading package lists... 515s Building dependency tree... 515s Reading state information... 516s Starting pkgProblemResolver with broken count: 0 516s Starting 2 pkgProblemResolver with broken count: 0 516s Done 516s The following additional packages will be installed: 516s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 516s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 516s libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 516s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 516s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 516s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 516s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 516s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 516s sssd-krb5-common sssd-ldap sssd-proxy 516s Suggested packages: 516s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 516s Recommended packages: 516s cracklib-runtime libsasl2-modules-gssapi-mit 516s | libsasl2-modules-gssapi-heimdal ldap-utils 516s The following NEW packages will be installed: 516s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 516s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 516s libdhash1 libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 516s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 516s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 516s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 516s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 516s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 516s sssd-krb5-common sssd-ldap sssd-proxy 516s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 516s Need to get 11.4 MB/11.4 MB of archives. 516s After this operation, 56.9 MB of additional disk space will be used. 516s Get:1 /tmp/autopkgtest.5IM9ed/3-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [752 B] 516s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7 ppc64el 2.1.12-stable-9 [169 kB] 516s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libunbound8 ppc64el 1.19.1-1ubuntu1 [537 kB] 516s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libgnutls-dane0 ppc64el 3.8.3-1ubuntu1 [24.5 kB] 516s Get:5 http://ftpmaster.internal/ubuntu noble/universe ppc64el gnutls-bin ppc64el 3.8.3-1ubuntu1 [290 kB] 516s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu2 [29.5 kB] 516s Get:7 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu2 [25.8 kB] 516s Get:8 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu2 [30.6 kB] 516s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1 [30.9 kB] 516s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1 [36.6 kB] 516s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1 [62.7 kB] 516s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0 ppc64el 0.16.1-1 [50.8 kB] 517s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [219 kB] 517s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.3-3ubuntu1 [53.0 kB] 517s Get:15 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3 [7658 B] 517s Get:16 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3 [16.9 kB] 517s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3 [12.5 kB] 517s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-1ubuntu1 [76.5 kB] 517s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-1ubuntu1 [6674 kB] 517s Get:20 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2-common ppc64el 2.6.1-2.2 [5810 B] 517s Get:21 http://ftpmaster.internal/ubuntu noble/universe ppc64el libsofthsm2 ppc64el 2.6.1-2.2 [294 kB] 517s Get:22 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2 ppc64el 2.6.1-2.2 [196 kB] 517s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-sss ppc64el 2.9.4-1ubuntu1 [48.0 kB] 517s Get:24 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-idmap0 ppc64el 2.9.4-1ubuntu1 [24.7 kB] 517s Get:25 http://ftpmaster.internal/ubuntu noble/main ppc64el libnss-sss ppc64el 2.9.4-1ubuntu1 [36.3 kB] 517s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-sss ppc64el 2.9.4-1ubuntu1 [56.4 kB] 517s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-ares2 ppc64el 1.27.0-1 [99.0 kB] 517s Get:28 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1 ppc64el 0.6.2-2 [9830 B] 517s Get:29 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0 ppc64el 0.6.2-2 [5806 B] 517s Get:30 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4 ppc64el 0.6.2-2 [35.3 kB] 517s Get:31 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1 ppc64el 0.6.2-2 [10.2 kB] 517s Get:32 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1 ppc64el 0.6.2-2 [7724 B] 517s Get:33 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5 ppc64el 0.6.2-2 [53.9 kB] 517s Get:34 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-certmap0 ppc64el 2.9.4-1ubuntu1 [53.6 kB] 517s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1ubuntu1 [37.4 kB] 517s Get:36 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-common ppc64el 2.9.4-1ubuntu1 [1280 kB] 517s Get:37 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad-common ppc64el 2.9.4-1ubuntu1 [88.6 kB] 517s Get:38 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5-common ppc64el 2.9.4-1ubuntu1 [103 kB] 517s Get:39 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient ppc64el 2:4.19.5+dfsg-1ubuntu1 [70.4 kB] 517s Get:40 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ad ppc64el 2.9.4-1ubuntu1 [147 kB] 517s Get:41 http://ftpmaster.internal/ubuntu noble/main ppc64el libipa-hbac0 ppc64el 2.9.4-1ubuntu1 [17.4 kB] 517s Get:42 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ipa ppc64el 2.9.4-1ubuntu1 [240 kB] 517s Get:43 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-krb5 ppc64el 2.9.4-1ubuntu1 [14.4 kB] 517s Get:44 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-ldap ppc64el 2.9.4-1ubuntu1 [31.6 kB] 517s Get:45 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd-proxy ppc64el 2.9.4-1ubuntu1 [48.0 kB] 517s Get:46 http://ftpmaster.internal/ubuntu noble/main ppc64el sssd ppc64el 2.9.4-1ubuntu1 [4124 B] 517s Fetched 11.4 MB in 1s (10.2 MB/s) 517s Selecting previously unselected package libevent-2.1-7:ppc64el. 517s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70104 files and directories currently installed.) 517s Preparing to unpack .../00-libevent-2.1-7_2.1.12-stable-9_ppc64el.deb ... 517s Unpacking libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 517s Selecting previously unselected package libunbound8:ppc64el. 517s Preparing to unpack .../01-libunbound8_1.19.1-1ubuntu1_ppc64el.deb ... 517s Unpacking libunbound8:ppc64el (1.19.1-1ubuntu1) ... 518s Selecting previously unselected package libgnutls-dane0:ppc64el. 518s Preparing to unpack .../02-libgnutls-dane0_3.8.3-1ubuntu1_ppc64el.deb ... 518s Unpacking libgnutls-dane0:ppc64el (3.8.3-1ubuntu1) ... 518s Selecting previously unselected package gnutls-bin. 518s Preparing to unpack .../03-gnutls-bin_3.8.3-1ubuntu1_ppc64el.deb ... 518s Unpacking gnutls-bin (3.8.3-1ubuntu1) ... 518s Selecting previously unselected package libavahi-common-data:ppc64el. 518s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu2_ppc64el.deb ... 518s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 518s Selecting previously unselected package libavahi-common3:ppc64el. 518s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu2_ppc64el.deb ... 518s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu2) ... 518s Selecting previously unselected package libavahi-client3:ppc64el. 518s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu2_ppc64el.deb ... 518s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu2) ... 518s Selecting previously unselected package libcrack2:ppc64el. 518s Preparing to unpack .../07-libcrack2_2.9.6-5.1_ppc64el.deb ... 518s Unpacking libcrack2:ppc64el (2.9.6-5.1) ... 518s Selecting previously unselected package libtalloc2:ppc64el. 518s Preparing to unpack .../08-libtalloc2_2.4.2-1_ppc64el.deb ... 518s Unpacking libtalloc2:ppc64el (2.4.2-1) ... 518s Selecting previously unselected package libtdb1:ppc64el. 518s Preparing to unpack .../09-libtdb1_1.4.10-1_ppc64el.deb ... 518s Unpacking libtdb1:ppc64el (1.4.10-1) ... 518s Selecting previously unselected package libtevent0:ppc64el. 518s Preparing to unpack .../10-libtevent0_0.16.1-1_ppc64el.deb ... 518s Unpacking libtevent0:ppc64el (0.16.1-1) ... 518s Selecting previously unselected package libldb2:ppc64el. 518s Preparing to unpack .../11-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 518s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 518s Selecting previously unselected package libnfsidmap1:ppc64el. 518s Preparing to unpack .../12-libnfsidmap1_1%3a2.6.3-3ubuntu1_ppc64el.deb ... 518s Unpacking libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 518s Selecting previously unselected package libpwquality-common. 518s Preparing to unpack .../13-libpwquality-common_1.4.5-3_all.deb ... 518s Unpacking libpwquality-common (1.4.5-3) ... 518s Selecting previously unselected package libpwquality1:ppc64el. 518s Preparing to unpack .../14-libpwquality1_1.4.5-3_ppc64el.deb ... 518s Unpacking libpwquality1:ppc64el (1.4.5-3) ... 518s Selecting previously unselected package libpam-pwquality:ppc64el. 518s Preparing to unpack .../15-libpam-pwquality_1.4.5-3_ppc64el.deb ... 518s Unpacking libpam-pwquality:ppc64el (1.4.5-3) ... 518s Selecting previously unselected package libwbclient0:ppc64el. 518s Preparing to unpack .../16-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 518s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 518s Selecting previously unselected package samba-libs:ppc64el. 518s Preparing to unpack .../17-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 518s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 518s Selecting previously unselected package softhsm2-common. 518s Preparing to unpack .../18-softhsm2-common_2.6.1-2.2_ppc64el.deb ... 518s Unpacking softhsm2-common (2.6.1-2.2) ... 518s Selecting previously unselected package libsofthsm2. 518s Preparing to unpack .../19-libsofthsm2_2.6.1-2.2_ppc64el.deb ... 518s Unpacking libsofthsm2 (2.6.1-2.2) ... 518s Selecting previously unselected package softhsm2. 518s Preparing to unpack .../20-softhsm2_2.6.1-2.2_ppc64el.deb ... 518s Unpacking softhsm2 (2.6.1-2.2) ... 518s Selecting previously unselected package python3-sss. 518s Preparing to unpack .../21-python3-sss_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking python3-sss (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package libsss-idmap0. 518s Preparing to unpack .../22-libsss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package libnss-sss:ppc64el. 518s Preparing to unpack .../23-libnss-sss_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package libpam-sss:ppc64el. 518s Preparing to unpack .../24-libpam-sss_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package libc-ares2:ppc64el. 518s Preparing to unpack .../25-libc-ares2_1.27.0-1_ppc64el.deb ... 518s Unpacking libc-ares2:ppc64el (1.27.0-1) ... 518s Selecting previously unselected package libdhash1:ppc64el. 518s Preparing to unpack .../26-libdhash1_0.6.2-2_ppc64el.deb ... 518s Unpacking libdhash1:ppc64el (0.6.2-2) ... 518s Selecting previously unselected package libbasicobjects0:ppc64el. 518s Preparing to unpack .../27-libbasicobjects0_0.6.2-2_ppc64el.deb ... 518s Unpacking libbasicobjects0:ppc64el (0.6.2-2) ... 518s Selecting previously unselected package libcollection4:ppc64el. 518s Preparing to unpack .../28-libcollection4_0.6.2-2_ppc64el.deb ... 518s Unpacking libcollection4:ppc64el (0.6.2-2) ... 518s Selecting previously unselected package libpath-utils1:ppc64el. 518s Preparing to unpack .../29-libpath-utils1_0.6.2-2_ppc64el.deb ... 518s Unpacking libpath-utils1:ppc64el (0.6.2-2) ... 518s Selecting previously unselected package libref-array1:ppc64el. 518s Preparing to unpack .../30-libref-array1_0.6.2-2_ppc64el.deb ... 518s Unpacking libref-array1:ppc64el (0.6.2-2) ... 518s Selecting previously unselected package libini-config5:ppc64el. 518s Preparing to unpack .../31-libini-config5_0.6.2-2_ppc64el.deb ... 518s Unpacking libini-config5:ppc64el (0.6.2-2) ... 518s Selecting previously unselected package libsss-certmap0. 518s Preparing to unpack .../32-libsss-certmap0_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package libsss-nss-idmap0. 518s Preparing to unpack .../33-libsss-nss-idmap0_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package sssd-common. 518s Preparing to unpack .../34-sssd-common_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking sssd-common (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package sssd-ad-common. 518s Preparing to unpack .../35-sssd-ad-common_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package sssd-krb5-common. 518s Preparing to unpack .../36-sssd-krb5-common_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package libsmbclient:ppc64el. 518s Preparing to unpack .../37-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_ppc64el.deb ... 518s Unpacking libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 518s Selecting previously unselected package sssd-ad. 518s Preparing to unpack .../38-sssd-ad_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package libipa-hbac0. 518s Preparing to unpack .../39-libipa-hbac0_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package sssd-ipa. 518s Preparing to unpack .../40-sssd-ipa_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package sssd-krb5. 518s Preparing to unpack .../41-sssd-krb5_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package sssd-ldap. 518s Preparing to unpack .../42-sssd-ldap_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package sssd-proxy. 518s Preparing to unpack .../43-sssd-proxy_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package sssd. 518s Preparing to unpack .../44-sssd_2.9.4-1ubuntu1_ppc64el.deb ... 518s Unpacking sssd (2.9.4-1ubuntu1) ... 518s Selecting previously unselected package autopkgtest-satdep. 518s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 518s Unpacking autopkgtest-satdep (0) ... 518s Setting up libpwquality-common (1.4.5-3) ... 518s Setting up libpath-utils1:ppc64el (0.6.2-2) ... 518s Setting up softhsm2-common (2.6.1-2.2) ... 519s 519s Creating config file /etc/softhsm/softhsm2.conf with new version 519s Setting up libnfsidmap1:ppc64el (1:2.6.3-3ubuntu1) ... 519s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 519s Setting up libbasicobjects0:ppc64el (0.6.2-2) ... 519s Setting up libtdb1:ppc64el (1.4.10-1) ... 519s Setting up libc-ares2:ppc64el (1.27.0-1) ... 519s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 519s Setting up libtalloc2:ppc64el (2.4.2-1) ... 519s Setting up libdhash1:ppc64el (0.6.2-2) ... 519s Setting up libtevent0:ppc64el (0.16.1-1) ... 519s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu2) ... 519s Setting up libevent-2.1-7:ppc64el (2.1.12-stable-9) ... 519s Setting up libcrack2:ppc64el (2.9.6-5.1) ... 519s Setting up libcollection4:ppc64el (0.6.2-2) ... 519s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 519s Setting up libref-array1:ppc64el (0.6.2-2) ... 519s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 519s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 519s Setting up libnss-sss:ppc64el (2.9.4-1ubuntu1) ... 519s Setting up libsofthsm2 (2.6.1-2.2) ... 519s Setting up softhsm2 (2.6.1-2.2) ... 519s Setting up libini-config5:ppc64el (0.6.2-2) ... 519s Setting up libavahi-common3:ppc64el (0.8-13ubuntu2) ... 519s Setting up python3-sss (2.9.4-1ubuntu1) ... 519s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 519s Setting up libunbound8:ppc64el (1.19.1-1ubuntu1) ... 519s Setting up libpwquality1:ppc64el (1.4.5-3) ... 519s Setting up libavahi-client3:ppc64el (0.8-13ubuntu2) ... 519s Setting up libgnutls-dane0:ppc64el (3.8.3-1ubuntu1) ... 519s Setting up libpam-pwquality:ppc64el (1.4.5-3) ... 519s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 519s Setting up libsmbclient:ppc64el (2:4.19.5+dfsg-1ubuntu1) ... 519s Setting up libpam-sss:ppc64el (2.9.4-1ubuntu1) ... 519s Setting up gnutls-bin (3.8.3-1ubuntu1) ... 519s Setting up sssd-common (2.9.4-1ubuntu1) ... 519s Creating SSSD system user & group... 519s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 519s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 519s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 519s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 520s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 520s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 520s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 520s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 521s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 521s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 521s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 522s sssd-autofs.service is a disabled or a static unit, not starting it. 522s sssd-nss.service is a disabled or a static unit, not starting it. 522s sssd-pam.service is a disabled or a static unit, not starting it. 522s sssd-ssh.service is a disabled or a static unit, not starting it. 522s sssd-sudo.service is a disabled or a static unit, not starting it. 522s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 522s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 522s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 522s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 522s sssd-pac.service is a disabled or a static unit, not starting it. 522s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 522s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 522s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 522s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 522s Setting up sssd-ad (2.9.4-1ubuntu1) ... 522s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 522s Setting up sssd (2.9.4-1ubuntu1) ... 522s Setting up autopkgtest-satdep (0) ... 522s Processing triggers for man-db (2.12.0-3) ... 523s Processing triggers for libc-bin (2.39-0ubuntu2) ... 526s (Reading database ... 70692 files and directories currently installed.) 526s Removing autopkgtest-satdep (0) ... 535s autopkgtest [16:05:56]: test sssd-softhism2-certificates-tests.sh: [----------------------- 535s + '[' -z ubuntu ']' 535s + required_tools=(p11tool openssl softhsm2-util) 535s + for cmd in "${required_tools[@]}" 535s + command -v p11tool 535s + for cmd in "${required_tools[@]}" 535s + command -v openssl 535s + for cmd in "${required_tools[@]}" 535s + command -v softhsm2-util 535s + PIN=053350 535s +++ find /usr/lib/softhsm/libsofthsm2.so 535s +++ head -n 1 535s ++ realpath /usr/lib/softhsm/libsofthsm2.so 535s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 535s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 535s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 535s + '[' '!' -v NO_SSSD_TESTS ']' 535s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 535s + ca_db_arg=ca_db 535s ++ /usr/libexec/sssd/p11_child --help 535s + p11_child_help='Usage: p11_child [OPTION...] 535s -d, --debug-level=INT Debug level 535s --debug-timestamps=INT Add debug timestamps 535s --debug-microseconds=INT Show timestamps with microseconds 535s --dumpable=INT Allow core dumps 535s --debug-fd=INT An open file descriptor for the debug 535s logs 535s --logger=stderr|files|journald Set logger 535s --auth Run in auth mode 535s --pre Run in pre-auth mode 535s --wait_for_card Wait until card is available 535s --verification Run in verification mode 535s --pin Expect PIN on stdin 535s --keypad Expect PIN on keypad 535s --verify=STRING Tune validation 535s --ca_db=STRING CA DB to use 535s --module_name=STRING Module name for authentication 535s --token_name=STRING Token name for authentication 535s --key_id=STRING Key ID for authentication 535s --label=STRING Label for authentication 535s --certificate=STRING certificate to verify, base64 encoded 535s --uri=STRING PKCS#11 URI to restrict selection 535s --chain-id=LONG Tevent chain ID used for logging 535s purposes 535s 535s Help options: 535s -?, --help Show this help message 535s --usage Display brief usage message' 535s + echo 'Usage: p11_child [OPTION...] 535s -d, --debug-level=INT Debug level 535s + grep nssdb -qs 535s --debug-timestamps=INT Add debug timestamps 535s --debug-microseconds=INT Show timestamps with microseconds 535s --dumpable=INT Allow core dumps 535s --debug-fd=INT An open file descriptor for the debug 535s logs 535s --logger=stderr|files|journald Set logger 535s --auth Run in auth mode 535s --pre Run in pre-auth mode 535s --wait_for_card Wait until card is available 535s --verification Run in verification mode 535s --pin Expect PIN on stdin 535s --keypad Expect PIN on keypad 535s --verify=STRING Tune validation 535s --ca_db=STRING CA DB to use 535s --module_name=STRING Module name for authentication 535s --token_name=STRING Token name for authentication 535s --key_id=STRING Key ID for authentication 535s --label=STRING Label for authentication 535s --certificate=STRING certificate to verify, base64 encoded 535s --uri=STRING PKCS#11 URI to restrict selection 535s --chain-id=LONG Tevent chain ID used for logging 535s purposes 535s 535s Help options: 535s -?, --help Show this help message 535s --usage Display brief usage message' 535s + echo 'Usage: p11_child [OPTION...] 535s -d, --debug-level=INT Debug level 535s + grep -qs -- --ca_db 535s --debug-timestamps=INT Add debug timestamps 535s --debug-microseconds=INT Show timestamps with microseconds 535s --dumpable=INT Allow core dumps 535s --debug-fd=INT An open file descriptor for the debug 535s logs 535s --logger=stderr|files|journald Set logger 535s --auth Run in auth mode 535s --pre Run in pre-auth mode 535s --wait_for_card Wait until card is available 535s --verification Run in verification mode 535s --pin Expect PIN on stdin 535s --keypad Expect PIN on keypad 535s --verify=STRING Tune validation 535s --ca_db=STRING CA DB to use 535s --module_name=STRING Module name for authentication 535s --token_name=STRING Token name for authentication 535s --key_id=STRING Key ID for authentication 535s --label=STRING Label for authentication 535s --certificate=STRING certificate to verify, base64 encoded 535s --uri=STRING PKCS#11 URI to restrict selection 535s --chain-id=LONG Tevent chain ID used for logging 535s purposes 535s 535s Help options: 535s -?, --help Show this help message 535s --usage Display brief usage message' 535s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 535s ++ mktemp -d -t sssd-softhsm2-XXXXXX 535s + tmpdir=/tmp/sssd-softhsm2-E1Fh0L 535s + keys_size=1024 535s + [[ ! -v KEEP_TEMPORARY_FILES ]] 535s + trap 'rm -rf "$tmpdir"' EXIT 535s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 535s + echo -n 01 535s + touch /tmp/sssd-softhsm2-E1Fh0L/index.txt 535s + mkdir -p /tmp/sssd-softhsm2-E1Fh0L/new_certs 535s + cat 535s + root_ca_key_pass=pass:random-root-CA-password-17746 535s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-key.pem -passout pass:random-root-CA-password-17746 1024 535s + openssl req -passin pass:random-root-CA-password-17746 -batch -config /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 535s + openssl x509 -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 535s + cat 535s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-17554 535s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-17554 1024 535s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-17554 -config /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.config -key /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-17746 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-certificate-request.pem 535s + openssl req -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-certificate-request.pem 535s Certificate Request: 535s Data: 535s Version: 1 (0x0) 535s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 535s Subject Public Key Info: 535s Public Key Algorithm: rsaEncryption 535s Public-Key: (1024 bit) 535s Modulus: 535s 00:9f:70:ad:8d:8c:e5:09:f8:ed:06:25:cd:0e:84: 535s 85:78:5b:b2:6a:ba:98:d4:d6:60:e8:27:6f:8b:36: 535s e4:08:6e:01:da:a0:1b:34:8a:a0:66:85:46:cc:35: 535s ed:8d:66:33:7f:ed:ac:ef:19:26:7a:9b:b4:32:05: 535s 68:e8:00:e1:6d:03:52:97:78:99:db:ea:2a:7e:75: 535s 35:b1:ba:c6:10:15:f9:5b:05:0f:9e:6a:2f:10:e5: 535s 29:fd:f5:a6:03:07:e1:f4:8c:0a:ba:1f:62:c4:d5: 535s 69:21:f9:b1:e8:6b:3f:1e:4d:1d:ce:17:35:8e:bd: 535s ee:eb:6d:c3:31:68:7c:f1:bb 535s Exponent: 65537 (0x10001) 535s Attributes: 535s (none) 535s Requested Extensions: 535s Signature Algorithm: sha256WithRSAEncryption 535s Signature Value: 535s 4b:f3:90:a5:55:7b:40:c6:54:16:21:64:c8:3b:ce:de:be:25: 535s 2a:f5:e7:57:82:fb:de:82:62:1b:b2:df:1d:dc:f4:9f:38:d3: 535s df:8f:ae:89:84:20:38:50:ab:f7:c5:f7:bb:e6:aa:61:f7:6d: 535s 7a:0e:91:1b:e9:1b:fa:f3:4b:48:b6:b1:5d:56:55:d0:df:6e: 535s 91:0c:e6:13:6d:1e:c1:3c:75:ff:a9:3a:b8:0b:5b:55:13:75: 535s 70:6c:cb:3c:ad:fd:15:28:52:da:ac:80:d4:9c:b4:7a:ec:49: 535s 35:e2:cb:bb:ee:61:8e:ad:e0:30:06:24:40:b6:9d:2a:a5:1e: 535s fd:ba 535s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.config -passin pass:random-root-CA-password-17746 -keyfile /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-key.pem -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 535s Using configuration from /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.config 535s Check that the request matches the signature 535s Signature ok 535s Certificate Details: 535s Serial Number: 1 (0x1) 535s Validity 535s Not Before: Mar 14 16:05:56 2024 GMT 535s Not After : Mar 14 16:05:56 2025 GMT 535s Subject: 535s organizationName = Test Organization 535s organizationalUnitName = Test Organization Unit 535s commonName = Test Organization Intermediate CA 535s X509v3 extensions: 535s X509v3 Subject Key Identifier: 535s 3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 535s X509v3 Authority Key Identifier: 535s keyid:96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 535s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 535s serial:00 535s X509v3 Basic Constraints: 535s CA:TRUE 535s X509v3 Key Usage: critical 535s Digital Signature, Certificate Sign, CRL Sign 535s Certificate is to be certified until Mar 14 16:05:56 2025 GMT (365 days) 535s 535s Write out database with 1 new entries 535s Database updated 535s + openssl x509 -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 535s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 536s /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem: OK 536s + cat 536s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-29624 536s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-29624 1024 536s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-29624 -config /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-17554 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-certificate-request.pem 536s + openssl req -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-certificate-request.pem 536s Certificate Request: 536s Data: 536s Version: 1 (0x0) 536s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 536s Subject Public Key Info: 536s Public Key Algorithm: rsaEncryption 536s Public-Key: (1024 bit) 536s Modulus: 536s 00:d8:d0:49:0e:bc:25:12:db:d3:2b:54:46:73:d4: 536s 2a:29:45:69:c5:d2:ef:1d:48:7d:e0:29:99:e6:97: 536s 84:db:a2:c0:a9:10:4a:a7:f0:d7:d4:ac:87:b7:bf: 536s b4:59:cf:b3:11:b5:16:26:f2:81:a3:90:ae:20:61: 536s d4:2c:dd:80:95:25:77:17:6f:ad:9d:42:bb:10:bc: 536s 64:12:a3:de:c8:f3:90:6e:ea:a3:90:ff:a4:7c:df: 536s d9:6c:48:45:45:b7:37:fc:e9:ce:14:97:97:7f:cb: 536s 62:7d:5a:20:cf:06:b3:65:32:25:f4:ee:b4:6f:1c: 536s 8f:c1:5b:3e:c9:80:fb:1c:5f 536s Exponent: 65537 (0x10001) 536s Attributes: 536s (none) 536s Requested Extensions: 536s Signature Algorithm: sha256WithRSAEncryption 536s Signature Value: 536s 9d:22:9e:20:76:5f:52:e1:4d:7a:bb:2b:b2:f8:ea:94:32:d2: 536s 94:d3:0f:e1:95:70:a2:f6:61:1a:19:4f:46:7e:12:19:66:08: 536s 5e:ef:a3:9b:88:97:54:2e:84:db:e9:b6:9a:e1:07:a0:e5:01: 536s a8:ea:a9:20:87:68:2b:38:38:60:7b:8a:b5:da:e9:ec:ff:e0: 536s e6:2e:8a:28:32:3e:62:5b:e8:6b:72:25:3a:8d:66:ed:30:22: 536s e0:2c:42:92:b2:fd:a8:64:07:d4:79:ec:0f:05:ed:21:87:77: 536s 1c:7e:4e:4e:58:38:bd:5f:b1:17:fb:ea:24:45:32:7f:fa:80: 536s 90:05 536s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-17554 -keyfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 536s Using configuration from /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.config 536s Check that the request matches the signature 536s Signature ok 536s Certificate Details: 536s Serial Number: 2 (0x2) 536s Validity 536s Not Before: Mar 14 16:05:57 2024 GMT 536s Not After : Mar 14 16:05:57 2025 GMT 536s Subject: 536s organizationName = Test Organization 536s organizationalUnitName = Test Organization Unit 536s commonName = Test Organization Sub Intermediate CA 536s X509v3 extensions: 536s X509v3 Subject Key Identifier: 536s BE:E0:30:2D:FC:7F:41:9D:4F:4A:1F:A5:52:1A:9A:7E:4C:C3:1B:B6 536s X509v3 Authority Key Identifier: 536s keyid:3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 536s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 536s serial:01 536s X509v3 Basic Constraints: 536s CA:TRUE 536s X509v3 Key Usage: critical 536s Digital Signature, Certificate Sign, CRL Sign 536s Certificate is to be certified until Mar 14 16:05:57 2025 GMT (365 days) 536s 536s Write out database with 1 new entries 536s Database updated 536s + openssl x509 -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 536s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 536s /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem: OK 536s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 536s + local cmd=openssl 536s + shift 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 536s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 536s error 20 at 0 depth lookup: unable to get local issuer certificate 536s error /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem: verification failed 536s + cat 536s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-28382 536s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-28382 1024 536s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-28382 -key /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-request.pem 536s + openssl req -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-request.pem 536s Certificate Request: 536s Data: 536s Version: 1 (0x0) 536s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 536s Subject Public Key Info: 536s Public Key Algorithm: rsaEncryption 536s Public-Key: (1024 bit) 536s Modulus: 536s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 536s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 536s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 536s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 536s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 536s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 536s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 536s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 536s 0e:0f:82:92:0c:53:50:04:4b 536s Exponent: 65537 (0x10001) 536s Attributes: 536s Requested Extensions: 536s X509v3 Basic Constraints: 536s CA:FALSE 536s Netscape Cert Type: 536s SSL Client, S/MIME 536s Netscape Comment: 536s Test Organization Root CA trusted Certificate 536s X509v3 Subject Key Identifier: 536s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 536s X509v3 Key Usage: critical 536s Digital Signature, Non Repudiation, Key Encipherment 536s X509v3 Extended Key Usage: 536s TLS Web Client Authentication, E-mail Protection 536s X509v3 Subject Alternative Name: 536s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 536s Signature Algorithm: sha256WithRSAEncryption 536s Signature Value: 536s 43:49:8d:b7:7e:d3:dc:8a:76:6c:c9:23:67:d3:c3:fe:5c:8a: 536s 76:6b:db:e4:dc:cd:98:f9:0d:f2:39:50:12:c6:4d:9f:ad:00: 536s 09:36:ea:cd:e4:17:c5:d3:87:c1:ac:ca:78:6f:9a:49:80:5b: 536s 3d:39:ed:30:e4:74:46:d4:63:5e:42:76:5e:56:e2:b5:6e:7e: 536s ff:52:f8:ad:e0:b5:22:a8:5d:79:9e:4d:0a:fa:7c:8e:7a:20: 536s 99:e1:65:b0:b9:e8:25:09:fe:ca:18:3d:13:39:73:d1:0e:89: 536s 50:93:2a:14:79:c5:39:ec:e1:c9:ba:ee:8e:e8:15:7d:09:ae: 536s df:cf 536s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.config -passin pass:random-root-CA-password-17746 -keyfile /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-key.pem -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s Using configuration from /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.config 536s Check that the request matches the signature 536s Signature ok 536s Certificate Details: 536s Serial Number: 3 (0x3) 536s Validity 536s Not Before: Mar 14 16:05:57 2024 GMT 536s Not After : Mar 14 16:05:57 2025 GMT 536s Subject: 536s organizationName = Test Organization 536s organizationalUnitName = Test Organization Unit 536s commonName = Test Organization Root Trusted Certificate 0001 536s X509v3 extensions: 536s X509v3 Authority Key Identifier: 536s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 536s X509v3 Basic Constraints: 536s CA:FALSE 536s Netscape Cert Type: 536s SSL Client, S/MIME 536s Netscape Comment: 536s Test Organization Root CA trusted Certificate 536s X509v3 Subject Key Identifier: 536s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 536s X509v3 Key Usage: critical 536s Digital Signature, Non Repudiation, Key Encipherment 536s X509v3 Extended Key Usage: 536s TLS Web Client Authentication, E-mail Protection 536s X509v3 Subject Alternative Name: 536s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 536s Certificate is to be certified until Mar 14 16:05:57 2025 GMT (365 days) 536s 536s Write out database with 1 new entries 536s Database updated 536s + openssl x509 -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem: OK 536s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s + local cmd=openssl 536s + shift 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 536s error 20 at 0 depth lookup: unable to get local issuer certificate 536s error /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem: verification failed 536s + cat 536s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 536s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-9549 1024 536s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-9549 -key /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-request.pem 536s + openssl req -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-request.pem 536s Certificate Request: 536s Data: 536s Version: 1 (0x0) 536s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 536s Subject Public Key Info: 536s Public Key Algorithm: rsaEncryption 536s Public-Key: (1024 bit) 536s Modulus: 536s 00:da:47:b0:94:0c:2d:9f:22:be:e8:9f:21:e3:24: 536s c5:fc:c8:e6:e4:cb:eb:65:16:d0:dd:56:5f:5a:b2: 536s e5:a1:49:64:db:6e:e1:64:53:a0:0d:16:e5:f8:75: 536s 20:72:6d:30:f2:d7:4a:2c:7f:3c:04:f1:c2:34:a0: 536s 09:80:33:9c:8e:6f:0a:24:90:88:88:ca:cb:7d:5f: 536s 1d:6b:36:0e:7a:5c:78:df:08:32:9e:0c:39:e4:f3: 536s f8:27:bf:88:06:48:62:f0:2c:33:a7:1d:1c:3f:ef: 536s f5:fd:f9:9e:7a:03:cd:1b:a0:d7:13:ec:56:13:65: 536s dd:f6:f6:ea:e2:08:0b:00:d7 536s Exponent: 65537 (0x10001) 536s Attributes: 536s Requested Extensions: 536s X509v3 Basic Constraints: 536s CA:FALSE 536s Netscape Cert Type: 536s SSL Client, S/MIME 536s Netscape Comment: 536s Test Organization Intermediate CA trusted Certificate 536s X509v3 Subject Key Identifier: 536s 12:68:86:3E:9A:03:79:54:98:8F:CD:30:1A:41:CF:D7:B9:17:60:1B 536s X509v3 Key Usage: critical 536s Digital Signature, Non Repudiation, Key Encipherment 536s X509v3 Extended Key Usage: 536s TLS Web Client Authentication, E-mail Protection 536s X509v3 Subject Alternative Name: 536s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 536s Signature Algorithm: sha256WithRSAEncryption 536s Signature Value: 536s c7:61:c2:93:ae:1b:af:b3:59:35:f6:bd:28:b3:f9:3d:51:a7: 536s ae:b6:d8:bb:47:f5:80:5e:fa:88:7a:cc:54:fe:6f:96:ed:64: 536s 5b:47:a9:af:f7:27:ba:41:ad:ec:aa:df:f0:14:81:b3:1e:29: 536s 15:94:63:0c:63:4c:9e:97:c9:87:16:7b:70:cc:9c:0f:95:c6: 536s f2:b3:c2:09:64:2b:fa:c6:47:58:26:1c:8e:dc:c5:9f:23:a3: 536s 6b:c0:c5:a3:1c:26:3d:b4:30:19:64:d0:50:38:a4:2e:c4:29: 536s ac:39:1e:b1:4a:82:b0:79:5a:81:dd:6e:51:8b:5e:ae:4f:04: 536s 3e:69 536s + openssl ca -passin pass:random-intermediate-CA-password-17554 -config /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 536s Using configuration from /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.config 536s Check that the request matches the signature 536s Signature ok 536s Certificate Details: 536s Serial Number: 4 (0x4) 536s Validity 536s Not Before: Mar 14 16:05:57 2024 GMT 536s Not After : Mar 14 16:05:57 2025 GMT 536s Subject: 536s organizationName = Test Organization 536s organizationalUnitName = Test Organization Unit 536s commonName = Test Organization Intermediate Trusted Certificate 0001 536s X509v3 extensions: 536s X509v3 Authority Key Identifier: 536s 3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 536s X509v3 Basic Constraints: 536s CA:FALSE 536s Netscape Cert Type: 536s SSL Client, S/MIME 536s Netscape Comment: 536s Test Organization Intermediate CA trusted Certificate 536s X509v3 Subject Key Identifier: 536s 12:68:86:3E:9A:03:79:54:98:8F:CD:30:1A:41:CF:D7:B9:17:60:1B 536s X509v3 Key Usage: critical 536s Digital Signature, Non Repudiation, Key Encipherment 536s X509v3 Extended Key Usage: 536s TLS Web Client Authentication, E-mail Protection 536s X509v3 Subject Alternative Name: 536s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 536s Certificate is to be certified until Mar 14 16:05:57 2025 GMT (365 days) 536s 536s Write out database with 1 new entries 536s Database updated 536s + openssl x509 -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 536s This certificate should not be trusted fully 536s + echo 'This certificate should not be trusted fully' 536s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 536s + local cmd=openssl 536s + shift 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 536s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 536s error 2 at 1 depth lookup: unable to get issuer certificate 536s error /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 536s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 536s /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem: OK 536s + cat 536s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 536s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-31373 1024 536s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-31373 -key /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 536s + openssl req -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 536s Certificate Request: 536s Data: 536s Version: 1 (0x0) 536s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 536s Subject Public Key Info: 536s Public Key Algorithm: rsaEncryption 536s Public-Key: (1024 bit) 536s Modulus: 536s 00:d3:bb:ac:29:39:7f:64:c2:8b:3c:aa:ec:97:d1: 536s 7e:05:28:8b:84:04:61:8b:2f:5a:98:59:50:e1:9e: 536s 2d:c3:de:7d:d8:34:12:38:7c:38:48:a7:3d:02:55: 536s e8:46:b3:43:32:2a:fe:bc:41:59:13:5f:af:5e:b9: 536s 72:3b:99:da:c5:97:4a:b8:11:8f:82:88:e4:13:0a: 536s 19:37:e7:8d:75:14:c7:e9:8a:7d:e0:8a:ee:0e:18: 536s 10:a7:1c:bb:06:ac:f4:6c:7b:d3:ef:54:6a:25:cb: 536s 5c:51:c1:1c:9f:76:c0:43:44:32:60:3a:0c:97:a6: 536s 65:4d:8e:e4:55:4e:11:4d:87 536s Exponent: 65537 (0x10001) 536s Attributes: 536s Requested Extensions: 536s X509v3 Basic Constraints: 536s CA:FALSE 536s Netscape Cert Type: 536s SSL Client, S/MIME 536s Netscape Comment: 536s Test Organization Sub Intermediate CA trusted Certificate 536s X509v3 Subject Key Identifier: 536s 12:76:52:0B:53:5A:E6:17:9E:C0:CF:DF:55:97:AD:47:27:1C:7A:C2 536s X509v3 Key Usage: critical 536s Digital Signature, Non Repudiation, Key Encipherment 536s X509v3 Extended Key Usage: 536s TLS Web Client Authentication, E-mail Protection 536s X509v3 Subject Alternative Name: 536s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 536s Signature Algorithm: sha256WithRSAEncryption 536s Signature Value: 536s 02:ab:a0:d2:fc:af:2b:ff:2b:ed:53:49:16:a3:78:95:ac:c2: 536s 92:43:2c:4b:38:93:f5:49:4e:77:a9:60:43:29:02:25:6d:b3: 536s c0:6f:19:a2:0f:ee:51:96:94:2e:d8:c9:32:c8:e5:2b:7c:73: 536s 6e:95:a1:54:c8:25:a7:2c:e4:94:b2:ba:26:4c:fa:0a:55:59: 536s 67:d0:9a:94:5f:f6:d3:18:7e:56:29:2c:b8:d9:60:35:06:96: 536s 5a:2a:4a:7e:c4:90:63:f7:ad:0b:ab:5d:7d:d7:f4:e5:af:78: 536s 51:65:f9:6c:e1:a9:a4:c4:87:e6:20:47:13:6f:b7:64:2f:8e: 536s 03:71 536s + openssl ca -passin pass:random-sub-intermediate-CA-password-29624 -config /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 536s Using configuration from /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.config 536s Check that the request matches the signature 536s Signature ok 536s Certificate Details: 536s Serial Number: 5 (0x5) 536s Validity 536s Not Before: Mar 14 16:05:57 2024 GMT 536s Not After : Mar 14 16:05:57 2025 GMT 536s Subject: 536s organizationName = Test Organization 536s organizationalUnitName = Test Organization Unit 536s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 536s X509v3 extensions: 536s X509v3 Authority Key Identifier: 536s BE:E0:30:2D:FC:7F:41:9D:4F:4A:1F:A5:52:1A:9A:7E:4C:C3:1B:B6 536s X509v3 Basic Constraints: 536s CA:FALSE 536s Netscape Cert Type: 536s SSL Client, S/MIME 536s Netscape Comment: 536s Test Organization Sub Intermediate CA trusted Certificate 536s X509v3 Subject Key Identifier: 536s 12:76:52:0B:53:5A:E6:17:9E:C0:CF:DF:55:97:AD:47:27:1C:7A:C2 536s X509v3 Key Usage: critical 536s Digital Signature, Non Repudiation, Key Encipherment 536s X509v3 Extended Key Usage: 536s TLS Web Client Authentication, E-mail Protection 536s X509v3 Subject Alternative Name: 536s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 536s Certificate is to be certified until Mar 14 16:05:57 2025 GMT (365 days) 536s 536s Write out database with 1 new entries 536s Database updated 536s + openssl x509 -noout -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 536s This certificate should not be trusted fully 536s + echo 'This certificate should not be trusted fully' 536s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 536s + local cmd=openssl 536s + shift 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 536s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 536s error 2 at 1 depth lookup: unable to get issuer certificate 536s error /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 536s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 536s + local cmd=openssl 536s + shift 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 536s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 536s error 20 at 0 depth lookup: unable to get local issuer certificate 536s error /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 536s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 536s /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 536s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 536s + local cmd=openssl 536s + shift 536s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 536s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 536s error 20 at 0 depth lookup: unable to get local issuer certificate 536s error /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 536s Building a the full-chain CA file... 536s + echo 'Building a the full-chain CA file...' 536s + cat /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 536s + cat /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 536s + cat /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 536s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 536s + openssl pkcs7 -print_certs -noout 536s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 536s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 536s 536s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 536s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 536s 536s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 536s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 536s 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 536s /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem: OK 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 536s /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem: OK 536s /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem: OK 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-root-intermediate-chain-CA.pem 536s + openssl verify -CAfile /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 536s /tmp/sssd-softhsm2-E1Fh0L/test-root-intermediate-chain-CA.pem: OK 536s /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 536s Certificates generation completed! 536s + echo 'Certificates generation completed!' 536s + [[ -v NO_SSSD_TESTS ]] 536s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /dev/null 536s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /dev/null 536s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 536s + local key_ring=/dev/null 536s + local verify_option= 536s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 536s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 536s + local key_cn 536s + local key_name 536s + local tokens_dir 536s + local output_cert_file 536s + token_name= 536s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem .pem 536s + key_name=test-root-CA-trusted-certificate-0001 536s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s ++ sed -n 's/ *commonName *= //p' 536s + key_cn='Test Organization Root Trusted Certificate 0001' 536s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 536s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 536s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 536s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 536s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 536s + token_name='Test Organization Root Tr Token' 536s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 536s + local key_file 536s + local decrypted_key 536s + mkdir -p /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 536s + key_file=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-key.pem 536s + decrypted_key=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-key-decrypted.pem 536s + cat 536s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 536s Slot 0 has a free/uninitialized token. 536s The token has been initialized and is reassigned to slot 1142914527 536s + softhsm2-util --show-slots 536s Available slots: 536s Slot 1142914527 536s Slot info: 536s Description: SoftHSM slot ID 0x441f7ddf 536s Manufacturer ID: SoftHSM project 536s Hardware version: 2.6 536s Firmware version: 2.6 536s Token present: yes 536s Token info: 536s Manufacturer ID: SoftHSM project 536s Model: SoftHSM v2 536s Hardware version: 2.6 536s Firmware version: 2.6 536s Serial number: 84bd0eefc41f7ddf 536s Initialized: yes 536s User PIN init.: yes 536s Label: Test Organization Root Tr Token 536s Slot 1 536s Slot info: 536s Description: SoftHSM slot ID 0x1 536s Manufacturer ID: SoftHSM project 536s Hardware version: 2.6 536s Firmware version: 2.6 536s Token present: yes 536s Token info: 536s Manufacturer ID: SoftHSM project 536s Model: SoftHSM v2 536s Hardware version: 2.6 536s Firmware version: 2.6 536s Serial number: 536s Initialized: no 536s User PIN init.: no 536s Label: 536s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 536s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-28382 -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-key-decrypted.pem 536s writing RSA key 536s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 536s + rm /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001-key-decrypted.pem 536s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 536s Object 0: 536s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 536s Type: X.509 Certificate (RSA-1024) 536s Expires: Fri Mar 14 16:05:57 2025 536s Label: Test Organization Root Trusted Certificate 0001 536s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 536s 536s Test Organization Root Tr Token 536s + echo 'Test Organization Root Tr Token' 536s + '[' -n '' ']' 536s + local output_base_name=SSSD-child-14002 536s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-14002.output 536s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-14002.pem 536s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 536s [p11_child[2225]] [main] (0x0400): p11_child started. 536s [p11_child[2225]] [main] (0x2000): Running in [pre-auth] mode. 536s [p11_child[2225]] [main] (0x2000): Running with effective IDs: [0][0]. 536s [p11_child[2225]] [main] (0x2000): Running with real IDs [0][0]. 536s [p11_child[2225]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 536s [p11_child[2225]] [do_work] (0x0040): init_verification failed. 536s [p11_child[2225]] [main] (0x0020): p11_child failed (5) 536s + return 2 536s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /dev/null no_verification 536s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /dev/null no_verification 536s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 536s + local key_ring=/dev/null 536s + local verify_option=no_verification 536s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 536s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 536s + local key_cn 536s + local key_name 536s + local tokens_dir 536s + local output_cert_file 536s + token_name= 536s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem .pem 536s + key_name=test-root-CA-trusted-certificate-0001 536s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s ++ sed -n 's/ *commonName *= //p' 536s + key_cn='Test Organization Root Trusted Certificate 0001' 536s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 536s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 536s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 536s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 536s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 536s + token_name='Test Organization Root Tr Token' 536s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 536s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 536s + echo 'Test Organization Root Tr Token' 536s Test Organization Root Tr Token 536s + '[' -n no_verification ']' 536s + local verify_arg=--verify=no_verification 536s + local output_base_name=SSSD-child-11805 536s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805.output 536s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805.pem 536s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 536s [p11_child[2231]] [main] (0x0400): p11_child started. 536s [p11_child[2231]] [main] (0x2000): Running in [pre-auth] mode. 536s [p11_child[2231]] [main] (0x2000): Running with effective IDs: [0][0]. 536s [p11_child[2231]] [main] (0x2000): Running with real IDs [0][0]. 536s [p11_child[2231]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 536s [p11_child[2231]] [do_card] (0x4000): Module List: 536s [p11_child[2231]] [do_card] (0x4000): common name: [softhsm2]. 536s [p11_child[2231]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 536s [p11_child[2231]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 536s [p11_child[2231]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 536s [p11_child[2231]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 536s [p11_child[2231]] [do_card] (0x4000): Login NOT required. 536s [p11_child[2231]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 536s [p11_child[2231]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 536s [p11_child[2231]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x441f7ddf;slot-manufacturer=SoftHSM%20project;slot-id=1142914527;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 536s [p11_child[2231]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 536s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805.output 536s + echo '-----BEGIN CERTIFICATE-----' 536s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805.output 536s + echo '-----END CERTIFICATE-----' 536s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805.pem 536s Certificate: 536s Data: 536s Version: 3 (0x2) 536s Serial Number: 3 (0x3) 536s Signature Algorithm: sha256WithRSAEncryption 536s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 536s Validity 536s Not Before: Mar 14 16:05:57 2024 GMT 536s Not After : Mar 14 16:05:57 2025 GMT 536s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 536s Subject Public Key Info: 536s Public Key Algorithm: rsaEncryption 536s Public-Key: (1024 bit) 536s Modulus: 536s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 536s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 536s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 536s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 536s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 536s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 536s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 536s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 536s 0e:0f:82:92:0c:53:50:04:4b 536s Exponent: 65537 (0x10001) 536s X509v3 extensions: 536s X509v3 Authority Key Identifier: 536s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 536s X509v3 Basic Constraints: 536s CA:FALSE 536s Netscape Cert Type: 536s SSL Client, S/MIME 536s Netscape Comment: 536s Test Organization Root CA trusted Certificate 536s X509v3 Subject Key Identifier: 536s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 536s X509v3 Key Usage: critical 536s Digital Signature, Non Repudiation, Key Encipherment 536s X509v3 Extended Key Usage: 536s TLS Web Client Authentication, E-mail Protection 536s X509v3 Subject Alternative Name: 536s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 536s Signature Algorithm: sha256WithRSAEncryption 536s Signature Value: 536s 3e:51:99:f7:9f:cb:69:2d:8b:fb:34:87:71:da:ac:3c:af:50: 536s a5:a4:b2:06:34:d1:8b:bb:9a:d3:04:02:e8:59:48:28:e8:ee: 536s 8d:7e:91:01:c1:1e:59:25:47:94:e5:0d:20:51:01:e2:ca:3c: 536s af:b4:07:af:d4:67:be:81:0d:3a:7b:07:4f:ab:ac:7f:ad:36: 536s 44:26:71:d6:ae:e1:a8:8e:f2:d3:b2:3a:aa:41:48:d8:6f:37: 536s 0e:f9:23:c0:aa:0e:90:19:71:7a:6d:f6:db:9f:ff:5c:d0:16: 536s 10:f1:30:80:67:8d:73:c7:16:b0:7d:9c:ef:13:21:cd:48:8c: 536s 32:af 536s + local found_md5 expected_md5 536s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s + expected_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 536s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805.pem 536s + found_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 536s + '[' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B '!=' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B ']' 536s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805-auth.output 536s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805-auth.output .output 536s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805-auth.pem 536s + echo -n 053350 536s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 536s [p11_child[2239]] [main] (0x0400): p11_child started. 536s [p11_child[2239]] [main] (0x2000): Running in [auth] mode. 536s [p11_child[2239]] [main] (0x2000): Running with effective IDs: [0][0]. 536s [p11_child[2239]] [main] (0x2000): Running with real IDs [0][0]. 536s [p11_child[2239]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 536s [p11_child[2239]] [do_card] (0x4000): Module List: 536s [p11_child[2239]] [do_card] (0x4000): common name: [softhsm2]. 536s [p11_child[2239]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 536s [p11_child[2239]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 536s [p11_child[2239]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 536s [p11_child[2239]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 536s [p11_child[2239]] [do_card] (0x4000): Login required. 536s [p11_child[2239]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 536s [p11_child[2239]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 536s [p11_child[2239]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x441f7ddf;slot-manufacturer=SoftHSM%20project;slot-id=1142914527;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 536s [p11_child[2239]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 536s [p11_child[2239]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 536s [p11_child[2239]] [do_card] (0x4000): Certificate verified and validated. 536s [p11_child[2239]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 536s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805-auth.output 536s + echo '-----BEGIN CERTIFICATE-----' 536s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805-auth.output 536s + echo '-----END CERTIFICATE-----' 536s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805-auth.pem 536s Certificate: 536s Data: 536s Version: 3 (0x2) 536s Serial Number: 3 (0x3) 536s Signature Algorithm: sha256WithRSAEncryption 536s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 536s Validity 536s Not Before: Mar 14 16:05:57 2024 GMT 536s Not After : Mar 14 16:05:57 2025 GMT 536s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 536s Subject Public Key Info: 536s Public Key Algorithm: rsaEncryption 536s Public-Key: (1024 bit) 536s Modulus: 536s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 536s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 536s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 536s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 536s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 536s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 536s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 536s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 536s 0e:0f:82:92:0c:53:50:04:4b 536s Exponent: 65537 (0x10001) 536s X509v3 extensions: 536s X509v3 Authority Key Identifier: 536s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 536s X509v3 Basic Constraints: 536s CA:FALSE 536s Netscape Cert Type: 536s SSL Client, S/MIME 536s Netscape Comment: 536s Test Organization Root CA trusted Certificate 536s X509v3 Subject Key Identifier: 536s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 536s X509v3 Key Usage: critical 536s Digital Signature, Non Repudiation, Key Encipherment 536s X509v3 Extended Key Usage: 536s TLS Web Client Authentication, E-mail Protection 536s X509v3 Subject Alternative Name: 536s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 536s Signature Algorithm: sha256WithRSAEncryption 536s Signature Value: 536s 3e:51:99:f7:9f:cb:69:2d:8b:fb:34:87:71:da:ac:3c:af:50: 536s a5:a4:b2:06:34:d1:8b:bb:9a:d3:04:02:e8:59:48:28:e8:ee: 536s 8d:7e:91:01:c1:1e:59:25:47:94:e5:0d:20:51:01:e2:ca:3c: 536s af:b4:07:af:d4:67:be:81:0d:3a:7b:07:4f:ab:ac:7f:ad:36: 536s 44:26:71:d6:ae:e1:a8:8e:f2:d3:b2:3a:aa:41:48:d8:6f:37: 536s 0e:f9:23:c0:aa:0e:90:19:71:7a:6d:f6:db:9f:ff:5c:d0:16: 536s 10:f1:30:80:67:8d:73:c7:16:b0:7d:9c:ef:13:21:cd:48:8c: 536s 32:af 536s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-11805-auth.pem 536s + found_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 536s + '[' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B '!=' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B ']' 536s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 536s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 536s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 536s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 536s + local verify_option= 536s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 536s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 536s + local key_cn 536s + local key_name 536s + local tokens_dir 536s + local output_cert_file 536s + token_name= 536s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem .pem 536s + key_name=test-root-CA-trusted-certificate-0001 536s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 536s ++ sed -n 's/ *commonName *= //p' 536s + key_cn='Test Organization Root Trusted Certificate 0001' 536s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 536s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 536s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 536s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 536s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 536s + token_name='Test Organization Root Tr Token' 536s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 536s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 536s + echo 'Test Organization Root Tr Token' 536s Test Organization Root Tr Token 536s + '[' -n '' ']' 536s + local output_base_name=SSSD-child-31297 536s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297.output 536s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297.pem 536s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 536s [p11_child[2249]] [main] (0x0400): p11_child started. 536s [p11_child[2249]] [main] (0x2000): Running in [pre-auth] mode. 536s [p11_child[2249]] [main] (0x2000): Running with effective IDs: [0][0]. 536s [p11_child[2249]] [main] (0x2000): Running with real IDs [0][0]. 536s [p11_child[2249]] [do_card] (0x4000): Module List: 536s [p11_child[2249]] [do_card] (0x4000): common name: [softhsm2]. 536s [p11_child[2249]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 536s [p11_child[2249]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 536s [p11_child[2249]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 536s [p11_child[2249]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 536s [p11_child[2249]] [do_card] (0x4000): Login NOT required. 536s [p11_child[2249]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 536s [p11_child[2249]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 536s [p11_child[2249]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 536s [p11_child[2249]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x441f7ddf;slot-manufacturer=SoftHSM%20project;slot-id=1142914527;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 536s [p11_child[2249]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 536s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297.output 536s + echo '-----BEGIN CERTIFICATE-----' 536s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297.output 536s + echo '-----END CERTIFICATE-----' 536s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297.pem 537s Certificate: 537s Data: 537s Version: 3 (0x2) 537s Serial Number: 3 (0x3) 537s Signature Algorithm: sha256WithRSAEncryption 537s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 537s Validity 537s Not Before: Mar 14 16:05:57 2024 GMT 537s Not After : Mar 14 16:05:57 2025 GMT 537s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 537s Subject Public Key Info: 537s Public Key Algorithm: rsaEncryption 537s Public-Key: (1024 bit) 537s Modulus: 537s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 537s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 537s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 537s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 537s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 537s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 537s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 537s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 537s 0e:0f:82:92:0c:53:50:04:4b 537s Exponent: 65537 (0x10001) 537s X509v3 extensions: 537s X509v3 Authority Key Identifier: 537s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 537s X509v3 Basic Constraints: 537s CA:FALSE 537s Netscape Cert Type: 537s SSL Client, S/MIME 537s Netscape Comment: 537s Test Organization Root CA trusted Certificate 537s X509v3 Subject Key Identifier: 537s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 537s X509v3 Key Usage: critical 537s Digital Signature, Non Repudiation, Key Encipherment 537s X509v3 Extended Key Usage: 537s TLS Web Client Authentication, E-mail Protection 537s X509v3 Subject Alternative Name: 537s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 537s Signature Algorithm: sha256WithRSAEncryption 537s Signature Value: 537s 3e:51:99:f7:9f:cb:69:2d:8b:fb:34:87:71:da:ac:3c:af:50: 537s a5:a4:b2:06:34:d1:8b:bb:9a:d3:04:02:e8:59:48:28:e8:ee: 537s 8d:7e:91:01:c1:1e:59:25:47:94:e5:0d:20:51:01:e2:ca:3c: 537s af:b4:07:af:d4:67:be:81:0d:3a:7b:07:4f:ab:ac:7f:ad:36: 537s 44:26:71:d6:ae:e1:a8:8e:f2:d3:b2:3a:aa:41:48:d8:6f:37: 537s 0e:f9:23:c0:aa:0e:90:19:71:7a:6d:f6:db:9f:ff:5c:d0:16: 537s 10:f1:30:80:67:8d:73:c7:16:b0:7d:9c:ef:13:21:cd:48:8c: 537s 32:af 537s + local found_md5 expected_md5 537s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s + expected_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 537s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297.pem 537s + found_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 537s + '[' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B '!=' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B ']' 537s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297-auth.output 537s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297-auth.output .output 537s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297-auth.pem 537s + echo -n 053350 537s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 537s [p11_child[2257]] [main] (0x0400): p11_child started. 537s [p11_child[2257]] [main] (0x2000): Running in [auth] mode. 537s [p11_child[2257]] [main] (0x2000): Running with effective IDs: [0][0]. 537s [p11_child[2257]] [main] (0x2000): Running with real IDs [0][0]. 537s [p11_child[2257]] [do_card] (0x4000): Module List: 537s [p11_child[2257]] [do_card] (0x4000): common name: [softhsm2]. 537s [p11_child[2257]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2257]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 537s [p11_child[2257]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 537s [p11_child[2257]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2257]] [do_card] (0x4000): Login required. 537s [p11_child[2257]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 537s [p11_child[2257]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 537s [p11_child[2257]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 537s [p11_child[2257]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x441f7ddf;slot-manufacturer=SoftHSM%20project;slot-id=1142914527;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 537s [p11_child[2257]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 537s [p11_child[2257]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 537s [p11_child[2257]] [do_card] (0x4000): Certificate verified and validated. 537s [p11_child[2257]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 537s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297-auth.output 537s + echo '-----BEGIN CERTIFICATE-----' 537s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297-auth.output 537s + echo '-----END CERTIFICATE-----' 537s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297-auth.pem 537s Certificate: 537s Data: 537s Version: 3 (0x2) 537s Serial Number: 3 (0x3) 537s Signature Algorithm: sha256WithRSAEncryption 537s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 537s Validity 537s Not Before: Mar 14 16:05:57 2024 GMT 537s Not After : Mar 14 16:05:57 2025 GMT 537s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 537s Subject Public Key Info: 537s Public Key Algorithm: rsaEncryption 537s Public-Key: (1024 bit) 537s Modulus: 537s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 537s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 537s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 537s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 537s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 537s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 537s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 537s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 537s 0e:0f:82:92:0c:53:50:04:4b 537s Exponent: 65537 (0x10001) 537s X509v3 extensions: 537s X509v3 Authority Key Identifier: 537s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 537s X509v3 Basic Constraints: 537s CA:FALSE 537s Netscape Cert Type: 537s SSL Client, S/MIME 537s Netscape Comment: 537s Test Organization Root CA trusted Certificate 537s X509v3 Subject Key Identifier: 537s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 537s X509v3 Key Usage: critical 537s Digital Signature, Non Repudiation, Key Encipherment 537s X509v3 Extended Key Usage: 537s TLS Web Client Authentication, E-mail Protection 537s X509v3 Subject Alternative Name: 537s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 537s Signature Algorithm: sha256WithRSAEncryption 537s Signature Value: 537s 3e:51:99:f7:9f:cb:69:2d:8b:fb:34:87:71:da:ac:3c:af:50: 537s a5:a4:b2:06:34:d1:8b:bb:9a:d3:04:02:e8:59:48:28:e8:ee: 537s 8d:7e:91:01:c1:1e:59:25:47:94:e5:0d:20:51:01:e2:ca:3c: 537s af:b4:07:af:d4:67:be:81:0d:3a:7b:07:4f:ab:ac:7f:ad:36: 537s 44:26:71:d6:ae:e1:a8:8e:f2:d3:b2:3a:aa:41:48:d8:6f:37: 537s 0e:f9:23:c0:aa:0e:90:19:71:7a:6d:f6:db:9f:ff:5c:d0:16: 537s 10:f1:30:80:67:8d:73:c7:16:b0:7d:9c:ef:13:21:cd:48:8c: 537s 32:af 537s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-31297-auth.pem 537s + found_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 537s + '[' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B '!=' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B ']' 537s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem partial_chain 537s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem partial_chain 537s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 537s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 537s + local verify_option=partial_chain 537s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 537s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 537s + local key_cn 537s + local key_name 537s + local tokens_dir 537s + local output_cert_file 537s + token_name= 537s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem .pem 537s + key_name=test-root-CA-trusted-certificate-0001 537s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s ++ sed -n 's/ *commonName *= //p' 537s + key_cn='Test Organization Root Trusted Certificate 0001' 537s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 537s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 537s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 537s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 537s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 537s + token_name='Test Organization Root Tr Token' 537s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 537s Test Organization Root Tr Token 537s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 537s + echo 'Test Organization Root Tr Token' 537s + '[' -n partial_chain ']' 537s + local verify_arg=--verify=partial_chain 537s + local output_base_name=SSSD-child-21006 537s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006.output 537s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006.pem 537s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 537s [p11_child[2267]] [main] (0x0400): p11_child started. 537s [p11_child[2267]] [main] (0x2000): Running in [pre-auth] mode. 537s [p11_child[2267]] [main] (0x2000): Running with effective IDs: [0][0]. 537s [p11_child[2267]] [main] (0x2000): Running with real IDs [0][0]. 537s [p11_child[2267]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 537s [p11_child[2267]] [do_card] (0x4000): Module List: 537s [p11_child[2267]] [do_card] (0x4000): common name: [softhsm2]. 537s [p11_child[2267]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2267]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 537s [p11_child[2267]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 537s [p11_child[2267]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2267]] [do_card] (0x4000): Login NOT required. 537s [p11_child[2267]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 537s [p11_child[2267]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 537s [p11_child[2267]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 537s [p11_child[2267]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x441f7ddf;slot-manufacturer=SoftHSM%20project;slot-id=1142914527;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 537s [p11_child[2267]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 537s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006.output 537s + echo '-----BEGIN CERTIFICATE-----' 537s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006.output 537s + echo '-----END CERTIFICATE-----' 537s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006.pem 537s Certificate: 537s Data: 537s Version: 3 (0x2) 537s Serial Number: 3 (0x3) 537s Signature Algorithm: sha256WithRSAEncryption 537s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 537s Validity 537s Not Before: Mar 14 16:05:57 2024 GMT 537s Not After : Mar 14 16:05:57 2025 GMT 537s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 537s Subject Public Key Info: 537s Public Key Algorithm: rsaEncryption 537s Public-Key: (1024 bit) 537s Modulus: 537s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 537s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 537s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 537s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 537s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 537s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 537s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 537s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 537s 0e:0f:82:92:0c:53:50:04:4b 537s Exponent: 65537 (0x10001) 537s X509v3 extensions: 537s X509v3 Authority Key Identifier: 537s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 537s X509v3 Basic Constraints: 537s CA:FALSE 537s Netscape Cert Type: 537s SSL Client, S/MIME 537s Netscape Comment: 537s Test Organization Root CA trusted Certificate 537s X509v3 Subject Key Identifier: 537s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 537s X509v3 Key Usage: critical 537s Digital Signature, Non Repudiation, Key Encipherment 537s X509v3 Extended Key Usage: 537s TLS Web Client Authentication, E-mail Protection 537s X509v3 Subject Alternative Name: 537s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 537s Signature Algorithm: sha256WithRSAEncryption 537s Signature Value: 537s 3e:51:99:f7:9f:cb:69:2d:8b:fb:34:87:71:da:ac:3c:af:50: 537s a5:a4:b2:06:34:d1:8b:bb:9a:d3:04:02:e8:59:48:28:e8:ee: 537s 8d:7e:91:01:c1:1e:59:25:47:94:e5:0d:20:51:01:e2:ca:3c: 537s af:b4:07:af:d4:67:be:81:0d:3a:7b:07:4f:ab:ac:7f:ad:36: 537s 44:26:71:d6:ae:e1:a8:8e:f2:d3:b2:3a:aa:41:48:d8:6f:37: 537s 0e:f9:23:c0:aa:0e:90:19:71:7a:6d:f6:db:9f:ff:5c:d0:16: 537s 10:f1:30:80:67:8d:73:c7:16:b0:7d:9c:ef:13:21:cd:48:8c: 537s 32:af 537s + local found_md5 expected_md5 537s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s + expected_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 537s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006.pem 537s + found_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 537s + '[' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B '!=' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B ']' 537s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006-auth.output 537s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006-auth.output .output 537s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006-auth.pem 537s + echo -n 053350 537s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 537s [p11_child[2275]] [main] (0x0400): p11_child started. 537s [p11_child[2275]] [main] (0x2000): Running in [auth] mode. 537s [p11_child[2275]] [main] (0x2000): Running with effective IDs: [0][0]. 537s [p11_child[2275]] [main] (0x2000): Running with real IDs [0][0]. 537s [p11_child[2275]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 537s [p11_child[2275]] [do_card] (0x4000): Module List: 537s [p11_child[2275]] [do_card] (0x4000): common name: [softhsm2]. 537s [p11_child[2275]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2275]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 537s [p11_child[2275]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 537s [p11_child[2275]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2275]] [do_card] (0x4000): Login required. 537s [p11_child[2275]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 537s [p11_child[2275]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 537s [p11_child[2275]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 537s [p11_child[2275]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x441f7ddf;slot-manufacturer=SoftHSM%20project;slot-id=1142914527;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 537s [p11_child[2275]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 537s [p11_child[2275]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 537s [p11_child[2275]] [do_card] (0x4000): Certificate verified and validated. 537s [p11_child[2275]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 537s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006-auth.output 537s + echo '-----BEGIN CERTIFICATE-----' 537s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006-auth.output 537s + echo '-----END CERTIFICATE-----' 537s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006-auth.pem 537s Certificate: 537s Data: 537s Version: 3 (0x2) 537s Serial Number: 3 (0x3) 537s Signature Algorithm: sha256WithRSAEncryption 537s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 537s Validity 537s Not Before: Mar 14 16:05:57 2024 GMT 537s Not After : Mar 14 16:05:57 2025 GMT 537s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 537s Subject Public Key Info: 537s Public Key Algorithm: rsaEncryption 537s Public-Key: (1024 bit) 537s Modulus: 537s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 537s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 537s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 537s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 537s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 537s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 537s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 537s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 537s 0e:0f:82:92:0c:53:50:04:4b 537s Exponent: 65537 (0x10001) 537s X509v3 extensions: 537s X509v3 Authority Key Identifier: 537s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 537s X509v3 Basic Constraints: 537s CA:FALSE 537s Netscape Cert Type: 537s SSL Client, S/MIME 537s Netscape Comment: 537s Test Organization Root CA trusted Certificate 537s X509v3 Subject Key Identifier: 537s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 537s X509v3 Key Usage: critical 537s Digital Signature, Non Repudiation, Key Encipherment 537s X509v3 Extended Key Usage: 537s TLS Web Client Authentication, E-mail Protection 537s X509v3 Subject Alternative Name: 537s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 537s Signature Algorithm: sha256WithRSAEncryption 537s Signature Value: 537s 3e:51:99:f7:9f:cb:69:2d:8b:fb:34:87:71:da:ac:3c:af:50: 537s a5:a4:b2:06:34:d1:8b:bb:9a:d3:04:02:e8:59:48:28:e8:ee: 537s 8d:7e:91:01:c1:1e:59:25:47:94:e5:0d:20:51:01:e2:ca:3c: 537s af:b4:07:af:d4:67:be:81:0d:3a:7b:07:4f:ab:ac:7f:ad:36: 537s 44:26:71:d6:ae:e1:a8:8e:f2:d3:b2:3a:aa:41:48:d8:6f:37: 537s 0e:f9:23:c0:aa:0e:90:19:71:7a:6d:f6:db:9f:ff:5c:d0:16: 537s 10:f1:30:80:67:8d:73:c7:16:b0:7d:9c:ef:13:21:cd:48:8c: 537s 32:af 537s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21006-auth.pem 537s + found_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 537s + '[' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B '!=' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B ']' 537s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 537s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 537s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 537s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 537s + local verify_option= 537s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 537s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 537s + local key_cn 537s + local key_name 537s + local tokens_dir 537s + local output_cert_file 537s + token_name= 537s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem .pem 537s + key_name=test-root-CA-trusted-certificate-0001 537s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s ++ sed -n 's/ *commonName *= //p' 537s + key_cn='Test Organization Root Trusted Certificate 0001' 537s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 537s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 537s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 537s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 537s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 537s + token_name='Test Organization Root Tr Token' 537s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 537s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 537s + echo 'Test Organization Root Tr Token' 537s Test Organization Root Tr Token 537s + '[' -n '' ']' 537s + local output_base_name=SSSD-child-1269 537s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269.output 537s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269.pem 537s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 537s [p11_child[2285]] [main] (0x0400): p11_child started. 537s [p11_child[2285]] [main] (0x2000): Running in [pre-auth] mode. 537s [p11_child[2285]] [main] (0x2000): Running with effective IDs: [0][0]. 537s [p11_child[2285]] [main] (0x2000): Running with real IDs [0][0]. 537s [p11_child[2285]] [do_card] (0x4000): Module List: 537s [p11_child[2285]] [do_card] (0x4000): common name: [softhsm2]. 537s [p11_child[2285]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2285]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 537s [p11_child[2285]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 537s [p11_child[2285]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2285]] [do_card] (0x4000): Login NOT required. 537s [p11_child[2285]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 537s [p11_child[2285]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 537s [p11_child[2285]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 537s [p11_child[2285]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x441f7ddf;slot-manufacturer=SoftHSM%20project;slot-id=1142914527;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 537s [p11_child[2285]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 537s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269.output 537s + echo '-----BEGIN CERTIFICATE-----' 537s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269.output 537s + echo '-----END CERTIFICATE-----' 537s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269.pem 537s + local found_md5 expected_md5 537s Certificate: 537s Data: 537s Version: 3 (0x2) 537s Serial Number: 3 (0x3) 537s Signature Algorithm: sha256WithRSAEncryption 537s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 537s Validity 537s Not Before: Mar 14 16:05:57 2024 GMT 537s Not After : Mar 14 16:05:57 2025 GMT 537s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 537s Subject Public Key Info: 537s Public Key Algorithm: rsaEncryption 537s Public-Key: (1024 bit) 537s Modulus: 537s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 537s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 537s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 537s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 537s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 537s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 537s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 537s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 537s 0e:0f:82:92:0c:53:50:04:4b 537s Exponent: 65537 (0x10001) 537s X509v3 extensions: 537s X509v3 Authority Key Identifier: 537s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 537s X509v3 Basic Constraints: 537s CA:FALSE 537s Netscape Cert Type: 537s SSL Client, S/MIME 537s Netscape Comment: 537s Test Organization Root CA trusted Certificate 537s X509v3 Subject Key Identifier: 537s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 537s X509v3 Key Usage: critical 537s Digital Signature, Non Repudiation, Key Encipherment 537s X509v3 Extended Key Usage: 537s TLS Web Client Authentication, E-mail Protection 537s X509v3 Subject Alternative Name: 537s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 537s Signature Algorithm: sha256WithRSAEncryption 537s Signature Value: 537s 3e:51:99:f7:9f:cb:69:2d:8b:fb:34:87:71:da:ac:3c:af:50: 537s a5:a4:b2:06:34:d1:8b:bb:9a:d3:04:02:e8:59:48:28:e8:ee: 537s 8d:7e:91:01:c1:1e:59:25:47:94:e5:0d:20:51:01:e2:ca:3c: 537s af:b4:07:af:d4:67:be:81:0d:3a:7b:07:4f:ab:ac:7f:ad:36: 537s 44:26:71:d6:ae:e1:a8:8e:f2:d3:b2:3a:aa:41:48:d8:6f:37: 537s 0e:f9:23:c0:aa:0e:90:19:71:7a:6d:f6:db:9f:ff:5c:d0:16: 537s 10:f1:30:80:67:8d:73:c7:16:b0:7d:9c:ef:13:21:cd:48:8c: 537s 32:af 537s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s + expected_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 537s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269.pem 537s + found_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 537s + '[' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B '!=' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B ']' 537s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269-auth.output 537s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269-auth.output .output 537s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269-auth.pem 537s + echo -n 053350 537s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 537s [p11_child[2293]] [main] (0x0400): p11_child started. 537s [p11_child[2293]] [main] (0x2000): Running in [auth] mode. 537s [p11_child[2293]] [main] (0x2000): Running with effective IDs: [0][0]. 537s [p11_child[2293]] [main] (0x2000): Running with real IDs [0][0]. 537s [p11_child[2293]] [do_card] (0x4000): Module List: 537s [p11_child[2293]] [do_card] (0x4000): common name: [softhsm2]. 537s [p11_child[2293]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2293]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 537s [p11_child[2293]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 537s [p11_child[2293]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2293]] [do_card] (0x4000): Login required. 537s [p11_child[2293]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 537s [p11_child[2293]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 537s [p11_child[2293]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 537s [p11_child[2293]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x441f7ddf;slot-manufacturer=SoftHSM%20project;slot-id=1142914527;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 537s [p11_child[2293]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 537s [p11_child[2293]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 537s [p11_child[2293]] [do_card] (0x4000): Certificate verified and validated. 537s [p11_child[2293]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 537s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269-auth.output 537s + echo '-----BEGIN CERTIFICATE-----' 537s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269-auth.output 537s + echo '-----END CERTIFICATE-----' 537s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269-auth.pem 537s Certificate: 537s Data: 537s Version: 3 (0x2) 537s Serial Number: 3 (0x3) 537s Signature Algorithm: sha256WithRSAEncryption 537s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 537s Validity 537s Not Before: Mar 14 16:05:57 2024 GMT 537s Not After : Mar 14 16:05:57 2025 GMT 537s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 537s Subject Public Key Info: 537s Public Key Algorithm: rsaEncryption 537s Public-Key: (1024 bit) 537s Modulus: 537s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 537s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 537s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 537s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 537s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 537s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 537s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 537s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 537s 0e:0f:82:92:0c:53:50:04:4b 537s Exponent: 65537 (0x10001) 537s X509v3 extensions: 537s X509v3 Authority Key Identifier: 537s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 537s X509v3 Basic Constraints: 537s CA:FALSE 537s Netscape Cert Type: 537s SSL Client, S/MIME 537s Netscape Comment: 537s Test Organization Root CA trusted Certificate 537s X509v3 Subject Key Identifier: 537s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 537s X509v3 Key Usage: critical 537s Digital Signature, Non Repudiation, Key Encipherment 537s X509v3 Extended Key Usage: 537s TLS Web Client Authentication, E-mail Protection 537s X509v3 Subject Alternative Name: 537s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 537s Signature Algorithm: sha256WithRSAEncryption 537s Signature Value: 537s 3e:51:99:f7:9f:cb:69:2d:8b:fb:34:87:71:da:ac:3c:af:50: 537s a5:a4:b2:06:34:d1:8b:bb:9a:d3:04:02:e8:59:48:28:e8:ee: 537s 8d:7e:91:01:c1:1e:59:25:47:94:e5:0d:20:51:01:e2:ca:3c: 537s af:b4:07:af:d4:67:be:81:0d:3a:7b:07:4f:ab:ac:7f:ad:36: 537s 44:26:71:d6:ae:e1:a8:8e:f2:d3:b2:3a:aa:41:48:d8:6f:37: 537s 0e:f9:23:c0:aa:0e:90:19:71:7a:6d:f6:db:9f:ff:5c:d0:16: 537s 10:f1:30:80:67:8d:73:c7:16:b0:7d:9c:ef:13:21:cd:48:8c: 537s 32:af 537s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-1269-auth.pem 537s + found_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 537s + '[' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B '!=' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B ']' 537s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem partial_chain 537s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem partial_chain 537s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 537s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 537s + local verify_option=partial_chain 537s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 537s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 537s + local key_cn 537s + local key_name 537s + local tokens_dir 537s + local output_cert_file 537s + token_name= 537s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem .pem 537s + key_name=test-root-CA-trusted-certificate-0001 537s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 537s ++ sed -n 's/ *commonName *= //p' 537s + key_cn='Test Organization Root Trusted Certificate 0001' 537s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 537s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 537s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 537s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 537s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 537s + token_name='Test Organization Root Tr Token' 537s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 537s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 537s + echo 'Test Organization Root Tr Token' 537s + '[' -n partial_chain ']' 537s + local verify_arg=--verify=partial_chain 537s + local output_base_name=SSSD-child-28372 537s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372.output 537s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372.pem 537s Test Organization Root Tr Token 537s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 537s [p11_child[2303]] [main] (0x0400): p11_child started. 537s [p11_child[2303]] [main] (0x2000): Running in [pre-auth] mode. 537s [p11_child[2303]] [main] (0x2000): Running with effective IDs: [0][0]. 537s [p11_child[2303]] [main] (0x2000): Running with real IDs [0][0]. 537s [p11_child[2303]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 537s [p11_child[2303]] [do_card] (0x4000): Module List: 537s [p11_child[2303]] [do_card] (0x4000): common name: [softhsm2]. 537s [p11_child[2303]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2303]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 537s [p11_child[2303]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 537s [p11_child[2303]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 537s [p11_child[2303]] [do_card] (0x4000): Login NOT required. 537s [p11_child[2303]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 537s [p11_child[2303]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 537s [p11_child[2303]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 537s [p11_child[2303]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x441f7ddf;slot-manufacturer=SoftHSM%20project;slot-id=1142914527;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 537s [p11_child[2303]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 537s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372.output 537s + echo '-----BEGIN CERTIFICATE-----' 537s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372.output 537s + echo '-----END CERTIFICATE-----' 537s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372.pem 538s + local found_md5 expected_md5 538s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 538s Certificate: 538s Data: 538s Version: 3 (0x2) 538s Serial Number: 3 (0x3) 538s Signature Algorithm: sha256WithRSAEncryption 538s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 538s Validity 538s Not Before: Mar 14 16:05:57 2024 GMT 538s Not After : Mar 14 16:05:57 2025 GMT 538s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 538s Subject Public Key Info: 538s Public Key Algorithm: rsaEncryption 538s Public-Key: (1024 bit) 538s Modulus: 538s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 538s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 538s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 538s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 538s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 538s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 538s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 538s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 538s 0e:0f:82:92:0c:53:50:04:4b 538s Exponent: 65537 (0x10001) 538s X509v3 extensions: 538s X509v3 Authority Key Identifier: 538s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 538s X509v3 Basic Constraints: 538s CA:FALSE 538s Netscape Cert Type: 538s SSL Client, S/MIME 538s Netscape Comment: 538s Test Organization Root CA trusted Certificate 538s X509v3 Subject Key Identifier: 538s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 538s X509v3 Key Usage: critical 538s Digital Signature, Non Repudiation, Key Encipherment 538s X509v3 Extended Key Usage: 538s TLS Web Client Authentication, E-mail Protection 538s X509v3 Subject Alternative Name: 538s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 538s Signature Algorithm: sha256WithRSAEncryption 538s Signature Value: 538s 3e:51:99:f7:9f:cb:69:2d:8b:fb:34:87:71:da:ac:3c:af:50: 538s a5:a4:b2:06:34:d1:8b:bb:9a:d3:04:02:e8:59:48:28:e8:ee: 538s 8d:7e:91:01:c1:1e:59:25:47:94:e5:0d:20:51:01:e2:ca:3c: 538s af:b4:07:af:d4:67:be:81:0d:3a:7b:07:4f:ab:ac:7f:ad:36: 538s 44:26:71:d6:ae:e1:a8:8e:f2:d3:b2:3a:aa:41:48:d8:6f:37: 538s 0e:f9:23:c0:aa:0e:90:19:71:7a:6d:f6:db:9f:ff:5c:d0:16: 538s 10:f1:30:80:67:8d:73:c7:16:b0:7d:9c:ef:13:21:cd:48:8c: 538s 32:af 538s + expected_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 538s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372.pem 538s Certificate: 538s Data: 538s Version: 3 (0x2) 538s Serial Number: 3 (0x3) 538s Signature Algorithm: sha256WithRSAEncryption 538s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 538s Validity 538s Not Before: Mar 14 16:05:57 2024 GMT 538s Not After : Mar 14 16:05:57 2025 GMT 538s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 538s Subject Public Key Info: 538s Public Key Algorithm: rsaEncryption 538s Public-Key: (1024 bit) 538s Modulus: 538s 00:bd:b4:7f:e0:c9:c6:c2:95:2f:4e:9b:cd:bf:23: 538s e5:d6:ce:1d:f0:f0:44:c4:1e:a0:61:83:74:da:58: 538s 60:8b:59:da:57:69:24:f6:c6:41:e7:12:bf:0b:65: 538s ed:00:b6:65:24:10:28:bd:86:c1:f9:f6:89:2e:0c: 538s 63:96:13:88:cc:47:d2:19:db:0b:76:24:8e:8e:63: 538s 65:37:9e:08:55:8f:50:e8:cb:88:67:25:8d:31:74: 538s 70:8f:79:02:43:f5:19:6e:b3:55:71:06:ea:e3:5a: 538s 99:a4:f1:65:92:b2:c5:7f:0a:f9:8f:1f:f2:bb:0c: 538s 0e:0f:82:92:0c:53:50:04:4b 538s Exponent: 65537 (0x10001) 538s X509v3 extensions: 538s X509v3 Authority Key Identifier: 538s 96:42:62:62:C7:9C:95:D6:39:4B:F3:42:1E:24:D2:E5:56:A1:10:64 538s X509v3 Basic Constraints: 538s CA:FALSE 538s Netscape Cert Type: 538s SSL Client, S/MIME 538s Netscape Comment: 538s Test Organization Root CA trusted Certificate 538s X509v3 Subject Key Identifier: 538s F2:E8:88:68:14:75:55:18:9F:D4:E1:73:80:4B:8F:B3:91:68:39:9A 538s X509v3 Key Usage: critical 538s Digital Signature, Non Repudiation, Key Encipherment 538s X509v3 Extended Key Usage: 538s TLS Web Client Authentication, E-mail Protection 538s X509v3 Subject Alternative Name: 538s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 538s Signature Algorithm: sha256WithRSAEncryption 538s Signature Value: 538s 3e:51:99:f7:9f:cb:69:2d:8b:fb:34:87:71:da:ac:3c:af:50: 538s a5:a4:b2:06:34:d1:8b:bb:9a:d3:04:02:e8:59:48:28:e8:ee: 538s 8d:7e:91:01:c1:1e:59:25:47:94:e5:0d:20:51:01:e2:ca:3c: 538s af:b4:07:af:d4:67:be:81:0d:3a:7b:07:4f:ab:ac:7f:ad:36: 538s 44:26:71:d6:ae:e1:a8:8e:f2:d3:b2:3a:aa:41:48:d8:6f:37: 538s 0e:f9:23:c0:aa:0e:90:19:71:7a:6d:f6:db:9f:ff:5c:d0:16: 538s 10:f1:30:80:67:8d:73:c7:16:b0:7d:9c:ef:13:21:cd:48:8c: 538s 32:af 538s Test Organization Root Tr Token 538s Test Organization Root Tr Token 538s Slot 0 has a free/uninitialized token. 538s The token has been initialized and is reassigned to slot 2041221934 538s Available slots: 538s Slot 2041221934 538s Slot info: 538s Description: SoftHSM slot ID 0x79aa932e 538s Manufacturer ID: SoftHSM project 538s Hardware version: 2.6 538s Firmware version: 2.6 538s Token present: yes 538s Token info: 538s Manufacturer ID: SoftHSM project 538s Model: SoftHSM v2 538s Hardware version: 2.6 538s Firmware version: 2.6 538s Serial number: 4651e5fb79aa932e 538s Initialized: yes 538s User PIN init.: yes 538s Label: Test Organization Interme Token 538s Slot 1 538s Slot info: 538s Description: SoftHSM slot ID 0x1 538s Manufacturer ID: SoftHSM project 538s Hardware version: 2.6 538s Firmware version: 2.6 538s Token present: yes 538s Token info: 538s Manufacturer ID: SoftHSM project 538s Model: SoftHSM v2 538s Hardware version: 2.6 538s Firmware version: 2.6 538s Serial number: 538s Initialized: no 538s User PIN init.: no 538s Label: 538s + found_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 538s + '[' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B '!=' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B ']' 538s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372-auth.output 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372-auth.output .output 538s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372-auth.pem 538s + echo -n 053350 538s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 538s [p11_child[2311]] [main] (0x0400): p11_child started. 538s [p11_child[2311]] [main] (0x2000): Running in [auth] mode. 538s [p11_child[2311]] [main] (0x2000): Running with effective IDs: [0][0]. 538s [p11_child[2311]] [main] (0x2000): Running with real IDs [0][0]. 538s [p11_child[2311]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 538s [p11_child[2311]] [do_card] (0x4000): Module List: 538s [p11_child[2311]] [do_card] (0x4000): common name: [softhsm2]. 538s [p11_child[2311]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2311]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 538s [p11_child[2311]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 538s [p11_child[2311]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2311]] [do_card] (0x4000): Login required. 538s [p11_child[2311]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 538s [p11_child[2311]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 538s [p11_child[2311]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 538s [p11_child[2311]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x441f7ddf;slot-manufacturer=SoftHSM%20project;slot-id=1142914527;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=84bd0eefc41f7ddf;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 538s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 538s [p11_child[2311]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 538s [p11_child[2311]] [do_card] (0x4000): Certificate verified and validated. 538s [p11_child[2311]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 538s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372-auth.output 538s + echo '-----BEGIN CERTIFICATE-----' 538s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372-auth.output 538s + echo '-----END CERTIFICATE-----' 538s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372-auth.pem 538s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28372-auth.pem 538s + found_md5=Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B 538s + '[' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B '!=' Modulus=BDB47FE0C9C6C2952F4E9BCDBF23E5D6CE1DF0F044C41EA0618374DA58608B59DA576924F6C641E712BF0B65ED00B665241028BD86C1F9F6892E0C63961388CC47D219DB0B76248E8E6365379E08558F50E8CB8867258D3174708F790243F5196EB3557106EAE35A99A4F16592B2C57F0AF98F1FF2BB0C0E0F82920C5350044B ']' 538s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 538s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 538s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 538s + local verify_option= 538s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 538s + local key_cn 538s + local key_name 538s + local tokens_dir 538s + local output_cert_file 538s + token_name= 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem .pem 538s + key_name=test-root-CA-trusted-certificate-0001 538s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 538s ++ sed -n 's/ *commonName *= //p' 538s + key_cn='Test Organization Root Trusted Certificate 0001' 538s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 538s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 538s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 538s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 538s + token_name='Test Organization Root Tr Token' 538s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 538s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 538s + echo 'Test Organization Root Tr Token' 538s + '[' -n '' ']' 538s + local output_base_name=SSSD-child-25468 538s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25468.output 538s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25468.pem 538s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 538s [p11_child[2321]] [main] (0x0400): p11_child started. 538s [p11_child[2321]] [main] (0x2000): Running in [pre-auth] mode. 538s [p11_child[2321]] [main] (0x2000): Running with effective IDs: [0][0]. 538s [p11_child[2321]] [main] (0x2000): Running with real IDs [0][0]. 538s [p11_child[2321]] [do_card] (0x4000): Module List: 538s [p11_child[2321]] [do_card] (0x4000): common name: [softhsm2]. 538s [p11_child[2321]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2321]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 538s [p11_child[2321]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 538s [p11_child[2321]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2321]] [do_card] (0x4000): Login NOT required. 538s [p11_child[2321]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 538s [p11_child[2321]] [do_verification] (0x0040): X509_verify_cert failed [0]. 538s [p11_child[2321]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 538s [p11_child[2321]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 538s [p11_child[2321]] [do_card] (0x4000): No certificate found. 538s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25468.output 538s + return 2 538s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem partial_chain 538s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem partial_chain 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 538s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 538s + local verify_option=partial_chain 538s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28382 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-root-ca-trusted-cert-0001-28382 538s + local key_cn 538s + local key_name 538s + local tokens_dir 538s + local output_cert_file 538s + token_name= 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem .pem 538s + key_name=test-root-CA-trusted-certificate-0001 538s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-root-CA-trusted-certificate-0001.pem 538s ++ sed -n 's/ *commonName *= //p' 538s + key_cn='Test Organization Root Trusted Certificate 0001' 538s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 538s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 538s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 538s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 538s + token_name='Test Organization Root Tr Token' 538s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 538s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-root-CA-trusted-certificate-0001 ']' 538s + echo 'Test Organization Root Tr Token' 538s + '[' -n partial_chain ']' 538s + local verify_arg=--verify=partial_chain 538s + local output_base_name=SSSD-child-12305 538s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-12305.output 538s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-12305.pem 538s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 538s [p11_child[2328]] [main] (0x0400): p11_child started. 538s [p11_child[2328]] [main] (0x2000): Running in [pre-auth] mode. 538s [p11_child[2328]] [main] (0x2000): Running with effective IDs: [0][0]. 538s [p11_child[2328]] [main] (0x2000): Running with real IDs [0][0]. 538s [p11_child[2328]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 538s [p11_child[2328]] [do_card] (0x4000): Module List: 538s [p11_child[2328]] [do_card] (0x4000): common name: [softhsm2]. 538s [p11_child[2328]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2328]] [do_card] (0x4000): Description [SoftHSM slot ID 0x441f7ddf] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 538s [p11_child[2328]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 538s [p11_child[2328]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x441f7ddf][1142914527] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2328]] [do_card] (0x4000): Login NOT required. 538s [p11_child[2328]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 538s [p11_child[2328]] [do_verification] (0x0040): X509_verify_cert failed [0]. 538s [p11_child[2328]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 538s [p11_child[2328]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 538s [p11_child[2328]] [do_card] (0x4000): No certificate found. 538s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-12305.output 538s + return 2 538s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /dev/null 538s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /dev/null 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local key_ring=/dev/null 538s + local verify_option= 538s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local key_cn 538s + local key_name 538s + local tokens_dir 538s + local output_cert_file 538s + token_name= 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem .pem 538s + key_name=test-intermediate-CA-trusted-certificate-0001 538s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s ++ sed -n 's/ *commonName *= //p' 538s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 538s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 538s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 538s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 538s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 538s + token_name='Test Organization Interme Token' 538s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 538s + local key_file 538s + local decrypted_key 538s + mkdir -p /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 538s + key_file=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-key.pem 538s + decrypted_key=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 538s + cat 538s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 538s + softhsm2-util --show-slots 538s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 538s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-9549 -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 538s writing RSA key 538s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 538s + rm /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 538s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 538s Object 0: 538s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4651e5fb79aa932e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 538s Type: X.509 Certificate (RSA-1024) 538s Expires: Fri Mar 14 16:05:57 2025 538s Label: Test Organization Intermediate Trusted Certificate 0001 538s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 538s 538s + echo 'Test Organization Interme Token' 538s + '[' -n '' ']' 538s Test Organization Interme Token 538s + local output_base_name=SSSD-child-19172 538s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19172.output 538s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19172.pem 538s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 538s [p11_child[2344]] [main] (0x0400): p11_child started. 538s [p11_child[2344]] [main] (0x2000): Running in [pre-auth] mode. 538s [p11_child[2344]] [main] (0x2000): Running with effective IDs: [0][0]. 538s [p11_child[2344]] [main] (0x2000): Running with real IDs [0][0]. 538s [p11_child[2344]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 538s [p11_child[2344]] [do_work] (0x0040): init_verification failed. 538s [p11_child[2344]] [main] (0x0020): p11_child failed (5) 538s + return 2 538s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /dev/null no_verification 538s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /dev/null no_verification 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local key_ring=/dev/null 538s + local verify_option=no_verification 538s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local key_cn 538s + local key_name 538s + local tokens_dir 538s + local output_cert_file 538s + token_name= 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem .pem 538s + key_name=test-intermediate-CA-trusted-certificate-0001 538s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s ++ sed -n 's/ *commonName *= //p' 538s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 538s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 538s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 538s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 538s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 538s + token_name='Test Organization Interme Token' 538s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 538s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 538s + echo 'Test Organization Interme Token' 538s Test Organization Interme Token 538s + '[' -n no_verification ']' 538s + local verify_arg=--verify=no_verification 538s + local output_base_name=SSSD-child-5107 538s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107.output 538s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107.pem 538s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 538s [p11_child[2350]] [main] (0x0400): p11_child started. 538s [p11_child[2350]] [main] (0x2000): Running in [pre-auth] mode. 538s [p11_child[2350]] [main] (0x2000): Running with effective IDs: [0][0]. 538s [p11_child[2350]] [main] (0x2000): Running with real IDs [0][0]. 538s [p11_child[2350]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 538s [p11_child[2350]] [do_card] (0x4000): Module List: 538s [p11_child[2350]] [do_card] (0x4000): common name: [softhsm2]. 538s [p11_child[2350]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2350]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 538s [p11_child[2350]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 538s [p11_child[2350]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2350]] [do_card] (0x4000): Login NOT required. 538s [p11_child[2350]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 538s [p11_child[2350]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 538s [p11_child[2350]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x79aa932e;slot-manufacturer=SoftHSM%20project;slot-id=2041221934;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4651e5fb79aa932e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 538s [p11_child[2350]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 538s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107.output 538s + echo '-----BEGIN CERTIFICATE-----' 538s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107.output 538s + echo '-----END CERTIFICATE-----' 538s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107.pem 538s Certificate: 538s Data: 538s Version: 3 (0x2) 538s Serial Number: 4 (0x4) 538s Signature Algorithm: sha256WithRSAEncryption 538s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 538s Validity 538s Not Before: Mar 14 16:05:57 2024 GMT 538s Not After : Mar 14 16:05:57 2025 GMT 538s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 538s Subject Public Key Info: 538s Public Key Algorithm: rsaEncryption 538s Public-Key: (1024 bit) 538s Modulus: 538s 00:da:47:b0:94:0c:2d:9f:22:be:e8:9f:21:e3:24: 538s c5:fc:c8:e6:e4:cb:eb:65:16:d0:dd:56:5f:5a:b2: 538s e5:a1:49:64:db:6e:e1:64:53:a0:0d:16:e5:f8:75: 538s 20:72:6d:30:f2:d7:4a:2c:7f:3c:04:f1:c2:34:a0: 538s 09:80:33:9c:8e:6f:0a:24:90:88:88:ca:cb:7d:5f: 538s 1d:6b:36:0e:7a:5c:78:df:08:32:9e:0c:39:e4:f3: 538s f8:27:bf:88:06:48:62:f0:2c:33:a7:1d:1c:3f:ef: 538s f5:fd:f9:9e:7a:03:cd:1b:a0:d7:13:ec:56:13:65: 538s dd:f6:f6:ea:e2:08:0b:00:d7 538s Exponent: 65537 (0x10001) 538s X509v3 extensions: 538s X509v3 Authority Key Identifier: 538s 3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 538s X509v3 Basic Constraints: 538s CA:FALSE 538s Netscape Cert Type: 538s SSL Client, S/MIME 538s Netscape Comment: 538s Test Organization Intermediate CA trusted Certificate 538s X509v3 Subject Key Identifier: 538s 12:68:86:3E:9A:03:79:54:98:8F:CD:30:1A:41:CF:D7:B9:17:60:1B 538s X509v3 Key Usage: critical 538s Digital Signature, Non Repudiation, Key Encipherment 538s X509v3 Extended Key Usage: 538s TLS Web Client Authentication, E-mail Protection 538s X509v3 Subject Alternative Name: 538s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 538s Signature Algorithm: sha256WithRSAEncryption 538s Signature Value: 538s 02:35:f3:6f:e6:89:aa:05:35:c9:fc:84:80:02:5a:cb:ba:39: 538s e5:32:95:26:75:c3:28:9a:05:d4:85:40:14:1f:64:fb:3e:73: 538s 21:03:6e:29:3d:68:e9:c3:16:d5:de:9c:ed:62:12:74:87:a0: 538s 7b:ab:46:39:9e:b5:29:5a:4c:02:81:cf:78:37:44:47:a0:33: 538s 92:d9:dd:bc:96:d7:fd:a9:5c:1e:39:c0:7d:34:69:64:ad:86: 538s 53:41:31:50:31:0c:3a:19:f3:43:50:7f:9a:49:2a:7c:4e:23: 538s 29:0d:18:5e:e3:8d:a9:4e:e6:ce:8d:24:80:a2:c7:91:a1:f6: 538s 05:cb 538s + local found_md5 expected_md5 538s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + expected_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 538s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107.pem 538s + found_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 538s + '[' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 '!=' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 ']' 538s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107-auth.output 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107-auth.output .output 538s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107-auth.pem 538s + echo -n 053350 538s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 538s [p11_child[2358]] [main] (0x0400): p11_child started. 538s [p11_child[2358]] [main] (0x2000): Running in [auth] mode. 538s [p11_child[2358]] [main] (0x2000): Running with effective IDs: [0][0]. 538s [p11_child[2358]] [main] (0x2000): Running with real IDs [0][0]. 538s [p11_child[2358]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 538s [p11_child[2358]] [do_card] (0x4000): Module List: 538s [p11_child[2358]] [do_card] (0x4000): common name: [softhsm2]. 538s [p11_child[2358]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2358]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 538s [p11_child[2358]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 538s [p11_child[2358]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2358]] [do_card] (0x4000): Login required. 538s [p11_child[2358]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 538s [p11_child[2358]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 538s [p11_child[2358]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x79aa932e;slot-manufacturer=SoftHSM%20project;slot-id=2041221934;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4651e5fb79aa932e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 538s [p11_child[2358]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 538s [p11_child[2358]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 538s [p11_child[2358]] [do_card] (0x4000): Certificate verified and validated. 538s [p11_child[2358]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 538s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107-auth.output 538s + echo '-----BEGIN CERTIFICATE-----' 538s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107-auth.output 538s + echo '-----END CERTIFICATE-----' 538s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107-auth.pem 538s Certificate: 538s Data: 538s Version: 3 (0x2) 538s Serial Number: 4 (0x4) 538s Signature Algorithm: sha256WithRSAEncryption 538s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 538s Validity 538s Not Before: Mar 14 16:05:57 2024 GMT 538s Not After : Mar 14 16:05:57 2025 GMT 538s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 538s Subject Public Key Info: 538s Public Key Algorithm: rsaEncryption 538s Public-Key: (1024 bit) 538s Modulus: 538s 00:da:47:b0:94:0c:2d:9f:22:be:e8:9f:21:e3:24: 538s c5:fc:c8:e6:e4:cb:eb:65:16:d0:dd:56:5f:5a:b2: 538s e5:a1:49:64:db:6e:e1:64:53:a0:0d:16:e5:f8:75: 538s 20:72:6d:30:f2:d7:4a:2c:7f:3c:04:f1:c2:34:a0: 538s 09:80:33:9c:8e:6f:0a:24:90:88:88:ca:cb:7d:5f: 538s 1d:6b:36:0e:7a:5c:78:df:08:32:9e:0c:39:e4:f3: 538s f8:27:bf:88:06:48:62:f0:2c:33:a7:1d:1c:3f:ef: 538s f5:fd:f9:9e:7a:03:cd:1b:a0:d7:13:ec:56:13:65: 538s dd:f6:f6:ea:e2:08:0b:00:d7 538s Exponent: 65537 (0x10001) 538s X509v3 extensions: 538s X509v3 Authority Key Identifier: 538s 3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 538s X509v3 Basic Constraints: 538s CA:FALSE 538s Netscape Cert Type: 538s SSL Client, S/MIME 538s Netscape Comment: 538s Test Organization Intermediate CA trusted Certificate 538s X509v3 Subject Key Identifier: 538s 12:68:86:3E:9A:03:79:54:98:8F:CD:30:1A:41:CF:D7:B9:17:60:1B 538s X509v3 Key Usage: critical 538s Digital Signature, Non Repudiation, Key Encipherment 538s X509v3 Extended Key Usage: 538s TLS Web Client Authentication, E-mail Protection 538s X509v3 Subject Alternative Name: 538s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 538s Signature Algorithm: sha256WithRSAEncryption 538s Signature Value: 538s 02:35:f3:6f:e6:89:aa:05:35:c9:fc:84:80:02:5a:cb:ba:39: 538s e5:32:95:26:75:c3:28:9a:05:d4:85:40:14:1f:64:fb:3e:73: 538s 21:03:6e:29:3d:68:e9:c3:16:d5:de:9c:ed:62:12:74:87:a0: 538s 7b:ab:46:39:9e:b5:29:5a:4c:02:81:cf:78:37:44:47:a0:33: 538s 92:d9:dd:bc:96:d7:fd:a9:5c:1e:39:c0:7d:34:69:64:ad:86: 538s 53:41:31:50:31:0c:3a:19:f3:43:50:7f:9a:49:2a:7c:4e:23: 538s 29:0d:18:5e:e3:8d:a9:4e:e6:ce:8d:24:80:a2:c7:91:a1:f6: 538s 05:cb 538s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-5107-auth.pem 538s + found_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 538s + '[' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 '!=' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 ']' 538s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 538s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 538s + local verify_option= 538s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local key_cn 538s + local key_name 538s + local tokens_dir 538s + local output_cert_file 538s + token_name= 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem .pem 538s + key_name=test-intermediate-CA-trusted-certificate-0001 538s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s ++ sed -n 's/ *commonName *= //p' 538s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 538s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 538s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 538s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 538s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 538s + token_name='Test Organization Interme Token' 538s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 538s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 538s + echo 'Test Organization Interme Token' 538s Test Organization Interme Token 538s + '[' -n '' ']' 538s + local output_base_name=SSSD-child-25034 538s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25034.output 538s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25034.pem 538s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 538s [p11_child[2368]] [main] (0x0400): p11_child started. 538s [p11_child[2368]] [main] (0x2000): Running in [pre-auth] mode. 538s [p11_child[2368]] [main] (0x2000): Running with effective IDs: [0][0]. 538s [p11_child[2368]] [main] (0x2000): Running with real IDs [0][0]. 538s [p11_child[2368]] [do_card] (0x4000): Module List: 538s [p11_child[2368]] [do_card] (0x4000): common name: [softhsm2]. 538s [p11_child[2368]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2368]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 538s [p11_child[2368]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 538s [p11_child[2368]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2368]] [do_card] (0x4000): Login NOT required. 538s [p11_child[2368]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 538s [p11_child[2368]] [do_verification] (0x0040): X509_verify_cert failed [0]. 538s [p11_child[2368]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 538s [p11_child[2368]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 538s [p11_child[2368]] [do_card] (0x4000): No certificate found. 538s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25034.output 538s + return 2 538s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem partial_chain 538s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem partial_chain 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 538s + local verify_option=partial_chain 538s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local key_cn 538s + local key_name 538s + local tokens_dir 538s + local output_cert_file 538s + token_name= 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem .pem 538s + key_name=test-intermediate-CA-trusted-certificate-0001 538s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s ++ sed -n 's/ *commonName *= //p' 538s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 538s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 538s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 538s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 538s Test Organization Interme Token 538s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 538s + token_name='Test Organization Interme Token' 538s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 538s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 538s + echo 'Test Organization Interme Token' 538s + '[' -n partial_chain ']' 538s + local verify_arg=--verify=partial_chain 538s + local output_base_name=SSSD-child-30364 538s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-30364.output 538s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-30364.pem 538s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 538s [p11_child[2375]] [main] (0x0400): p11_child started. 538s [p11_child[2375]] [main] (0x2000): Running in [pre-auth] mode. 538s [p11_child[2375]] [main] (0x2000): Running with effective IDs: [0][0]. 538s [p11_child[2375]] [main] (0x2000): Running with real IDs [0][0]. 538s [p11_child[2375]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 538s [p11_child[2375]] [do_card] (0x4000): Module List: 538s [p11_child[2375]] [do_card] (0x4000): common name: [softhsm2]. 538s [p11_child[2375]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2375]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 538s [p11_child[2375]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 538s [p11_child[2375]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 538s [p11_child[2375]] [do_card] (0x4000): Login NOT required. 538s [p11_child[2375]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 538s [p11_child[2375]] [do_verification] (0x0040): X509_verify_cert failed [0]. 538s [p11_child[2375]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 538s [p11_child[2375]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 538s [p11_child[2375]] [do_card] (0x4000): No certificate found. 538s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-30364.output 538s + return 2 538s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 538s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 538s + local verify_option= 538s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 538s + local key_cn 538s + local key_name 538s + local tokens_dir 538s + local output_cert_file 538s + token_name= 538s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem .pem 538s + key_name=test-intermediate-CA-trusted-certificate-0001 538s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 538s ++ sed -n 's/ *commonName *= //p' 539s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 539s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 539s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 539s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 539s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 539s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 539s + token_name='Test Organization Interme Token' 539s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 539s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 539s Test Organization Interme Token 539s + echo 'Test Organization Interme Token' 539s + '[' -n '' ']' 539s + local output_base_name=SSSD-child-19242 539s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242.output 539s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242.pem 539s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 539s [p11_child[2382]] [main] (0x0400): p11_child started. 539s [p11_child[2382]] [main] (0x2000): Running in [pre-auth] mode. 539s [p11_child[2382]] [main] (0x2000): Running with effective IDs: [0][0]. 539s [p11_child[2382]] [main] (0x2000): Running with real IDs [0][0]. 539s [p11_child[2382]] [do_card] (0x4000): Module List: 539s [p11_child[2382]] [do_card] (0x4000): common name: [softhsm2]. 539s [p11_child[2382]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2382]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 539s [p11_child[2382]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 539s [p11_child[2382]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2382]] [do_card] (0x4000): Login NOT required. 539s [p11_child[2382]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 539s [p11_child[2382]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 539s [p11_child[2382]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 539s [p11_child[2382]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x79aa932e;slot-manufacturer=SoftHSM%20project;slot-id=2041221934;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4651e5fb79aa932e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 539s [p11_child[2382]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 539s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242.output 539s + echo '-----BEGIN CERTIFICATE-----' 539s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242.output 539s + echo '-----END CERTIFICATE-----' 539s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242.pem 539s Certificate: 539s Data: 539s Version: 3 (0x2) 539s Serial Number: 4 (0x4) 539s Signature Algorithm: sha256WithRSAEncryption 539s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 539s Validity 539s Not Before: Mar 14 16:05:57 2024 GMT 539s Not After : Mar 14 16:05:57 2025 GMT 539s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 539s Subject Public Key Info: 539s Public Key Algorithm: rsaEncryption 539s Public-Key: (1024 bit) 539s Modulus: 539s 00:da:47:b0:94:0c:2d:9f:22:be:e8:9f:21:e3:24: 539s c5:fc:c8:e6:e4:cb:eb:65:16:d0:dd:56:5f:5a:b2: 539s e5:a1:49:64:db:6e:e1:64:53:a0:0d:16:e5:f8:75: 539s 20:72:6d:30:f2:d7:4a:2c:7f:3c:04:f1:c2:34:a0: 539s 09:80:33:9c:8e:6f:0a:24:90:88:88:ca:cb:7d:5f: 539s 1d:6b:36:0e:7a:5c:78:df:08:32:9e:0c:39:e4:f3: 539s f8:27:bf:88:06:48:62:f0:2c:33:a7:1d:1c:3f:ef: 539s f5:fd:f9:9e:7a:03:cd:1b:a0:d7:13:ec:56:13:65: 539s dd:f6:f6:ea:e2:08:0b:00:d7 539s Exponent: 65537 (0x10001) 539s X509v3 extensions: 539s X509v3 Authority Key Identifier: 539s 3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 539s X509v3 Basic Constraints: 539s CA:FALSE 539s Netscape Cert Type: 539s SSL Client, S/MIME 539s Netscape Comment: 539s Test Organization Intermediate CA trusted Certificate 539s X509v3 Subject Key Identifier: 539s 12:68:86:3E:9A:03:79:54:98:8F:CD:30:1A:41:CF:D7:B9:17:60:1B 539s X509v3 Key Usage: critical 539s Digital Signature, Non Repudiation, Key Encipherment 539s X509v3 Extended Key Usage: 539s TLS Web Client Authentication, E-mail Protection 539s X509v3 Subject Alternative Name: 539s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 539s Signature Algorithm: sha256WithRSAEncryption 539s Signature Value: 539s 02:35:f3:6f:e6:89:aa:05:35:c9:fc:84:80:02:5a:cb:ba:39: 539s e5:32:95:26:75:c3:28:9a:05:d4:85:40:14:1f:64:fb:3e:73: 539s 21:03:6e:29:3d:68:e9:c3:16:d5:de:9c:ed:62:12:74:87:a0: 539s 7b:ab:46:39:9e:b5:29:5a:4c:02:81:cf:78:37:44:47:a0:33: 539s 92:d9:dd:bc:96:d7:fd:a9:5c:1e:39:c0:7d:34:69:64:ad:86: 539s 53:41:31:50:31:0c:3a:19:f3:43:50:7f:9a:49:2a:7c:4e:23: 539s 29:0d:18:5e:e3:8d:a9:4e:e6:ce:8d:24:80:a2:c7:91:a1:f6: 539s 05:cb 539s + local found_md5 expected_md5 539s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s + expected_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 539s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242.pem 539s + found_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 539s + '[' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 '!=' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 ']' 539s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242-auth.output 539s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242-auth.output .output 539s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242-auth.pem 539s + echo -n 053350 539s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 539s [p11_child[2390]] [main] (0x0400): p11_child started. 539s [p11_child[2390]] [main] (0x2000): Running in [auth] mode. 539s [p11_child[2390]] [main] (0x2000): Running with effective IDs: [0][0]. 539s [p11_child[2390]] [main] (0x2000): Running with real IDs [0][0]. 539s [p11_child[2390]] [do_card] (0x4000): Module List: 539s [p11_child[2390]] [do_card] (0x4000): common name: [softhsm2]. 539s [p11_child[2390]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2390]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 539s [p11_child[2390]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 539s [p11_child[2390]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2390]] [do_card] (0x4000): Login required. 539s [p11_child[2390]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 539s [p11_child[2390]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 539s [p11_child[2390]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 539s [p11_child[2390]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x79aa932e;slot-manufacturer=SoftHSM%20project;slot-id=2041221934;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4651e5fb79aa932e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 539s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 539s [p11_child[2390]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 539s [p11_child[2390]] [do_card] (0x4000): Certificate verified and validated. 539s [p11_child[2390]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 539s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242-auth.output 539s + echo '-----BEGIN CERTIFICATE-----' 539s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242-auth.output 539s + echo '-----END CERTIFICATE-----' 539s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242-auth.pem 539s Certificate: 539s Data: 539s Version: 3 (0x2) 539s Serial Number: 4 (0x4) 539s Signature Algorithm: sha256WithRSAEncryption 539s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 539s Validity 539s Not Before: Mar 14 16:05:57 2024 GMT 539s Not After : Mar 14 16:05:57 2025 GMT 539s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 539s Subject Public Key Info: 539s Public Key Algorithm: rsaEncryption 539s Public-Key: (1024 bit) 539s Modulus: 539s 00:da:47:b0:94:0c:2d:9f:22:be:e8:9f:21:e3:24: 539s c5:fc:c8:e6:e4:cb:eb:65:16:d0:dd:56:5f:5a:b2: 539s e5:a1:49:64:db:6e:e1:64:53:a0:0d:16:e5:f8:75: 539s 20:72:6d:30:f2:d7:4a:2c:7f:3c:04:f1:c2:34:a0: 539s 09:80:33:9c:8e:6f:0a:24:90:88:88:ca:cb:7d:5f: 539s 1d:6b:36:0e:7a:5c:78:df:08:32:9e:0c:39:e4:f3: 539s f8:27:bf:88:06:48:62:f0:2c:33:a7:1d:1c:3f:ef: 539s f5:fd:f9:9e:7a:03:cd:1b:a0:d7:13:ec:56:13:65: 539s dd:f6:f6:ea:e2:08:0b:00:d7 539s Exponent: 65537 (0x10001) 539s X509v3 extensions: 539s X509v3 Authority Key Identifier: 539s 3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 539s X509v3 Basic Constraints: 539s CA:FALSE 539s Netscape Cert Type: 539s SSL Client, S/MIME 539s Netscape Comment: 539s Test Organization Intermediate CA trusted Certificate 539s X509v3 Subject Key Identifier: 539s 12:68:86:3E:9A:03:79:54:98:8F:CD:30:1A:41:CF:D7:B9:17:60:1B 539s X509v3 Key Usage: critical 539s Digital Signature, Non Repudiation, Key Encipherment 539s X509v3 Extended Key Usage: 539s TLS Web Client Authentication, E-mail Protection 539s X509v3 Subject Alternative Name: 539s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 539s Signature Algorithm: sha256WithRSAEncryption 539s Signature Value: 539s 02:35:f3:6f:e6:89:aa:05:35:c9:fc:84:80:02:5a:cb:ba:39: 539s e5:32:95:26:75:c3:28:9a:05:d4:85:40:14:1f:64:fb:3e:73: 539s 21:03:6e:29:3d:68:e9:c3:16:d5:de:9c:ed:62:12:74:87:a0: 539s 7b:ab:46:39:9e:b5:29:5a:4c:02:81:cf:78:37:44:47:a0:33: 539s 92:d9:dd:bc:96:d7:fd:a9:5c:1e:39:c0:7d:34:69:64:ad:86: 539s 53:41:31:50:31:0c:3a:19:f3:43:50:7f:9a:49:2a:7c:4e:23: 539s 29:0d:18:5e:e3:8d:a9:4e:e6:ce:8d:24:80:a2:c7:91:a1:f6: 539s 05:cb 539s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-19242-auth.pem 539s + found_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 539s + '[' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 '!=' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 ']' 539s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem partial_chain 539s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem partial_chain 539s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 539s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 539s + local verify_option=partial_chain 539s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 539s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 539s + local key_cn 539s + local key_name 539s + local tokens_dir 539s + local output_cert_file 539s + token_name= 539s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem .pem 539s + key_name=test-intermediate-CA-trusted-certificate-0001 539s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s ++ sed -n 's/ *commonName *= //p' 539s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 539s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 539s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 539s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 539s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 539s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 539s + token_name='Test Organization Interme Token' 539s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 539s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 539s + echo 'Test Organization Interme Token' 539s + '[' -n partial_chain ']' 539s + local verify_arg=--verify=partial_chain 539s + local output_base_name=SSSD-child-8189 539s Test Organization Interme Token 539s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189.output 539s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189.pem 539s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 539s [p11_child[2400]] [main] (0x0400): p11_child started. 539s [p11_child[2400]] [main] (0x2000): Running in [pre-auth] mode. 539s [p11_child[2400]] [main] (0x2000): Running with effective IDs: [0][0]. 539s [p11_child[2400]] [main] (0x2000): Running with real IDs [0][0]. 539s [p11_child[2400]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 539s [p11_child[2400]] [do_card] (0x4000): Module List: 539s [p11_child[2400]] [do_card] (0x4000): common name: [softhsm2]. 539s [p11_child[2400]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2400]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 539s [p11_child[2400]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 539s [p11_child[2400]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2400]] [do_card] (0x4000): Login NOT required. 539s [p11_child[2400]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 539s [p11_child[2400]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 539s [p11_child[2400]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 539s [p11_child[2400]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x79aa932e;slot-manufacturer=SoftHSM%20project;slot-id=2041221934;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4651e5fb79aa932e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 539s [p11_child[2400]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 539s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189.output 539s + echo '-----BEGIN CERTIFICATE-----' 539s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189.output 539s + echo '-----END CERTIFICATE-----' 539s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189.pem 539s Certificate: 539s Data: 539s Version: 3 (0x2) 539s Serial Number: 4 (0x4) 539s Signature Algorithm: sha256WithRSAEncryption 539s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 539s Validity 539s Not Before: Mar 14 16:05:57 2024 GMT 539s Not After : Mar 14 16:05:57 2025 GMT 539s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 539s Subject Public Key Info: 539s Public Key Algorithm: rsaEncryption 539s Public-Key: (1024 bit) 539s Modulus: 539s 00:da:47:b0:94:0c:2d:9f:22:be:e8:9f:21:e3:24: 539s c5:fc:c8:e6:e4:cb:eb:65:16:d0:dd:56:5f:5a:b2: 539s e5:a1:49:64:db:6e:e1:64:53:a0:0d:16:e5:f8:75: 539s 20:72:6d:30:f2:d7:4a:2c:7f:3c:04:f1:c2:34:a0: 539s 09:80:33:9c:8e:6f:0a:24:90:88:88:ca:cb:7d:5f: 539s 1d:6b:36:0e:7a:5c:78:df:08:32:9e:0c:39:e4:f3: 539s f8:27:bf:88:06:48:62:f0:2c:33:a7:1d:1c:3f:ef: 539s f5:fd:f9:9e:7a:03:cd:1b:a0:d7:13:ec:56:13:65: 539s dd:f6:f6:ea:e2:08:0b:00:d7 539s Exponent: 65537 (0x10001) 539s X509v3 extensions: 539s X509v3 Authority Key Identifier: 539s 3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 539s X509v3 Basic Constraints: 539s CA:FALSE 539s Netscape Cert Type: 539s SSL Client, S/MIME 539s Netscape Comment: 539s Test Organization Intermediate CA trusted Certificate 539s X509v3 Subject Key Identifier: 539s 12:68:86:3E:9A:03:79:54:98:8F:CD:30:1A:41:CF:D7:B9:17:60:1B 539s X509v3 Key Usage: critical 539s Digital Signature, Non Repudiation, Key Encipherment 539s X509v3 Extended Key Usage: 539s TLS Web Client Authentication, E-mail Protection 539s X509v3 Subject Alternative Name: 539s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 539s Signature Algorithm: sha256WithRSAEncryption 539s Signature Value: 539s 02:35:f3:6f:e6:89:aa:05:35:c9:fc:84:80:02:5a:cb:ba:39: 539s e5:32:95:26:75:c3:28:9a:05:d4:85:40:14:1f:64:fb:3e:73: 539s 21:03:6e:29:3d:68:e9:c3:16:d5:de:9c:ed:62:12:74:87:a0: 539s 7b:ab:46:39:9e:b5:29:5a:4c:02:81:cf:78:37:44:47:a0:33: 539s 92:d9:dd:bc:96:d7:fd:a9:5c:1e:39:c0:7d:34:69:64:ad:86: 539s 53:41:31:50:31:0c:3a:19:f3:43:50:7f:9a:49:2a:7c:4e:23: 539s 29:0d:18:5e:e3:8d:a9:4e:e6:ce:8d:24:80:a2:c7:91:a1:f6: 539s 05:cb 539s + local found_md5 expected_md5 539s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s + expected_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 539s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189.pem 539s + found_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 539s + '[' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 '!=' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 ']' 539s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189-auth.output 539s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189-auth.output .output 539s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189-auth.pem 539s + echo -n 053350 539s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 539s [p11_child[2408]] [main] (0x0400): p11_child started. 539s [p11_child[2408]] [main] (0x2000): Running in [auth] mode. 539s [p11_child[2408]] [main] (0x2000): Running with effective IDs: [0][0]. 539s [p11_child[2408]] [main] (0x2000): Running with real IDs [0][0]. 539s [p11_child[2408]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 539s [p11_child[2408]] [do_card] (0x4000): Module List: 539s [p11_child[2408]] [do_card] (0x4000): common name: [softhsm2]. 539s [p11_child[2408]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2408]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 539s [p11_child[2408]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 539s [p11_child[2408]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2408]] [do_card] (0x4000): Login required. 539s [p11_child[2408]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 539s [p11_child[2408]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 539s [p11_child[2408]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 539s [p11_child[2408]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x79aa932e;slot-manufacturer=SoftHSM%20project;slot-id=2041221934;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4651e5fb79aa932e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 539s [p11_child[2408]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 539s [p11_child[2408]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 539s [p11_child[2408]] [do_card] (0x4000): Certificate verified and validated. 539s [p11_child[2408]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 539s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189-auth.output 539s + echo '-----BEGIN CERTIFICATE-----' 539s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189-auth.output 539s + echo '-----END CERTIFICATE-----' 539s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189-auth.pem 539s Certificate: 539s Data: 539s Version: 3 (0x2) 539s Serial Number: 4 (0x4) 539s Signature Algorithm: sha256WithRSAEncryption 539s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 539s Validity 539s Not Before: Mar 14 16:05:57 2024 GMT 539s Not After : Mar 14 16:05:57 2025 GMT 539s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 539s Subject Public Key Info: 539s Public Key Algorithm: rsaEncryption 539s Public-Key: (1024 bit) 539s Modulus: 539s 00:da:47:b0:94:0c:2d:9f:22:be:e8:9f:21:e3:24: 539s c5:fc:c8:e6:e4:cb:eb:65:16:d0:dd:56:5f:5a:b2: 539s e5:a1:49:64:db:6e:e1:64:53:a0:0d:16:e5:f8:75: 539s 20:72:6d:30:f2:d7:4a:2c:7f:3c:04:f1:c2:34:a0: 539s 09:80:33:9c:8e:6f:0a:24:90:88:88:ca:cb:7d:5f: 539s 1d:6b:36:0e:7a:5c:78:df:08:32:9e:0c:39:e4:f3: 539s f8:27:bf:88:06:48:62:f0:2c:33:a7:1d:1c:3f:ef: 539s f5:fd:f9:9e:7a:03:cd:1b:a0:d7:13:ec:56:13:65: 539s dd:f6:f6:ea:e2:08:0b:00:d7 539s Exponent: 65537 (0x10001) 539s X509v3 extensions: 539s X509v3 Authority Key Identifier: 539s 3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 539s X509v3 Basic Constraints: 539s CA:FALSE 539s Netscape Cert Type: 539s SSL Client, S/MIME 539s Netscape Comment: 539s Test Organization Intermediate CA trusted Certificate 539s X509v3 Subject Key Identifier: 539s 12:68:86:3E:9A:03:79:54:98:8F:CD:30:1A:41:CF:D7:B9:17:60:1B 539s X509v3 Key Usage: critical 539s Digital Signature, Non Repudiation, Key Encipherment 539s X509v3 Extended Key Usage: 539s TLS Web Client Authentication, E-mail Protection 539s X509v3 Subject Alternative Name: 539s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 539s Signature Algorithm: sha256WithRSAEncryption 539s Signature Value: 539s 02:35:f3:6f:e6:89:aa:05:35:c9:fc:84:80:02:5a:cb:ba:39: 539s e5:32:95:26:75:c3:28:9a:05:d4:85:40:14:1f:64:fb:3e:73: 539s 21:03:6e:29:3d:68:e9:c3:16:d5:de:9c:ed:62:12:74:87:a0: 539s 7b:ab:46:39:9e:b5:29:5a:4c:02:81:cf:78:37:44:47:a0:33: 539s 92:d9:dd:bc:96:d7:fd:a9:5c:1e:39:c0:7d:34:69:64:ad:86: 539s 53:41:31:50:31:0c:3a:19:f3:43:50:7f:9a:49:2a:7c:4e:23: 539s 29:0d:18:5e:e3:8d:a9:4e:e6:ce:8d:24:80:a2:c7:91:a1:f6: 539s 05:cb 539s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-8189-auth.pem 539s + found_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 539s + '[' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 '!=' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 ']' 539s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 539s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 539s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 539s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 539s + local verify_option= 539s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 539s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 539s + local key_cn 539s + local key_name 539s + local tokens_dir 539s + local output_cert_file 539s + token_name= 539s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem .pem 539s + key_name=test-intermediate-CA-trusted-certificate-0001 539s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s ++ sed -n 's/ *commonName *= //p' 539s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 539s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 539s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 539s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 539s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 539s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 539s + token_name='Test Organization Interme Token' 539s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 539s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 539s + echo 'Test Organization Interme Token' 539s Test Organization Interme Token 539s + '[' -n '' ']' 539s + local output_base_name=SSSD-child-16739 539s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-16739.output 539s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-16739.pem 539s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 539s [p11_child[2418]] [main] (0x0400): p11_child started. 539s [p11_child[2418]] [main] (0x2000): Running in [pre-auth] mode. 539s [p11_child[2418]] [main] (0x2000): Running with effective IDs: [0][0]. 539s [p11_child[2418]] [main] (0x2000): Running with real IDs [0][0]. 539s [p11_child[2418]] [do_card] (0x4000): Module List: 539s [p11_child[2418]] [do_card] (0x4000): common name: [softhsm2]. 539s [p11_child[2418]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2418]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 539s [p11_child[2418]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 539s [p11_child[2418]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2418]] [do_card] (0x4000): Login NOT required. 539s [p11_child[2418]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 539s [p11_child[2418]] [do_verification] (0x0040): X509_verify_cert failed [0]. 539s [p11_child[2418]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 539s [p11_child[2418]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 539s [p11_child[2418]] [do_card] (0x4000): No certificate found. 539s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-16739.output 539s + return 2 539s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem partial_chain 539s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem partial_chain 539s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 539s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 539s + local verify_option=partial_chain 539s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9549 539s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9549 539s + local key_cn 539s + local key_name 539s + local tokens_dir 539s + local output_cert_file 539s + token_name= 539s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem .pem 539s + key_name=test-intermediate-CA-trusted-certificate-0001 539s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s ++ sed -n 's/ *commonName *= //p' 539s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 539s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 539s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 539s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 539s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 539s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 539s + token_name='Test Organization Interme Token' 539s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 539s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 539s + echo 'Test Organization Interme Token' 539s + '[' -n partial_chain ']' 539s + local verify_arg=--verify=partial_chain 539s Test Organization Interme Token 539s + local output_base_name=SSSD-child-24805 539s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805.output 539s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805.pem 539s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem 539s [p11_child[2425]] [main] (0x0400): p11_child started. 539s [p11_child[2425]] [main] (0x2000): Running in [pre-auth] mode. 539s [p11_child[2425]] [main] (0x2000): Running with effective IDs: [0][0]. 539s [p11_child[2425]] [main] (0x2000): Running with real IDs [0][0]. 539s [p11_child[2425]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 539s [p11_child[2425]] [do_card] (0x4000): Module List: 539s [p11_child[2425]] [do_card] (0x4000): common name: [softhsm2]. 539s [p11_child[2425]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2425]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 539s [p11_child[2425]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 539s [p11_child[2425]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2425]] [do_card] (0x4000): Login NOT required. 539s [p11_child[2425]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 539s [p11_child[2425]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 539s [p11_child[2425]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 539s [p11_child[2425]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x79aa932e;slot-manufacturer=SoftHSM%20project;slot-id=2041221934;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4651e5fb79aa932e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 539s [p11_child[2425]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 539s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805.output 539s + echo '-----BEGIN CERTIFICATE-----' 539s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805.output 539s + echo '-----END CERTIFICATE-----' 539s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805.pem 539s Certificate: 539s Data: 539s Version: 3 (0x2) 539s Serial Number: 4 (0x4) 539s Signature Algorithm: sha256WithRSAEncryption 539s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 539s Validity 539s Not Before: Mar 14 16:05:57 2024 GMT 539s Not After : Mar 14 16:05:57 2025 GMT 539s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 539s Subject Public Key Info: 539s Public Key Algorithm: rsaEncryption 539s Public-Key: (1024 bit) 539s Modulus: 539s 00:da:47:b0:94:0c:2d:9f:22:be:e8:9f:21:e3:24: 539s c5:fc:c8:e6:e4:cb:eb:65:16:d0:dd:56:5f:5a:b2: 539s e5:a1:49:64:db:6e:e1:64:53:a0:0d:16:e5:f8:75: 539s 20:72:6d:30:f2:d7:4a:2c:7f:3c:04:f1:c2:34:a0: 539s 09:80:33:9c:8e:6f:0a:24:90:88:88:ca:cb:7d:5f: 539s 1d:6b:36:0e:7a:5c:78:df:08:32:9e:0c:39:e4:f3: 539s f8:27:bf:88:06:48:62:f0:2c:33:a7:1d:1c:3f:ef: 539s f5:fd:f9:9e:7a:03:cd:1b:a0:d7:13:ec:56:13:65: 539s dd:f6:f6:ea:e2:08:0b:00:d7 539s Exponent: 65537 (0x10001) 539s X509v3 extensions: 539s X509v3 Authority Key Identifier: 539s 3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 539s X509v3 Basic Constraints: 539s CA:FALSE 539s Netscape Cert Type: 539s SSL Client, S/MIME 539s Netscape Comment: 539s Test Organization Intermediate CA trusted Certificate 539s X509v3 Subject Key Identifier: 539s 12:68:86:3E:9A:03:79:54:98:8F:CD:30:1A:41:CF:D7:B9:17:60:1B 539s X509v3 Key Usage: critical 539s Digital Signature, Non Repudiation, Key Encipherment 539s X509v3 Extended Key Usage: 539s TLS Web Client Authentication, E-mail Protection 539s X509v3 Subject Alternative Name: 539s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 539s Signature Algorithm: sha256WithRSAEncryption 539s Signature Value: 539s 02:35:f3:6f:e6:89:aa:05:35:c9:fc:84:80:02:5a:cb:ba:39: 539s e5:32:95:26:75:c3:28:9a:05:d4:85:40:14:1f:64:fb:3e:73: 539s 21:03:6e:29:3d:68:e9:c3:16:d5:de:9c:ed:62:12:74:87:a0: 539s 7b:ab:46:39:9e:b5:29:5a:4c:02:81:cf:78:37:44:47:a0:33: 539s 92:d9:dd:bc:96:d7:fd:a9:5c:1e:39:c0:7d:34:69:64:ad:86: 539s 53:41:31:50:31:0c:3a:19:f3:43:50:7f:9a:49:2a:7c:4e:23: 539s 29:0d:18:5e:e3:8d:a9:4e:e6:ce:8d:24:80:a2:c7:91:a1:f6: 539s 05:cb 539s + local found_md5 expected_md5 539s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA-trusted-certificate-0001.pem 539s + expected_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 539s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805.pem 539s + found_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 539s + '[' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 '!=' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 ']' 539s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805-auth.output 539s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805-auth.output .output 539s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805-auth.pem 539s + echo -n 053350 539s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 539s [p11_child[2433]] [main] (0x0400): p11_child started. 539s [p11_child[2433]] [main] (0x2000): Running in [auth] mode. 539s [p11_child[2433]] [main] (0x2000): Running with effective IDs: [0][0]. 539s [p11_child[2433]] [main] (0x2000): Running with real IDs [0][0]. 539s [p11_child[2433]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 539s [p11_child[2433]] [do_card] (0x4000): Module List: 539s [p11_child[2433]] [do_card] (0x4000): common name: [softhsm2]. 539s [p11_child[2433]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2433]] [do_card] (0x4000): Description [SoftHSM slot ID 0x79aa932e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 539s [p11_child[2433]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 539s [p11_child[2433]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x79aa932e][2041221934] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 539s [p11_child[2433]] [do_card] (0x4000): Login required. 539s [p11_child[2433]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 539s [p11_child[2433]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 539s [p11_child[2433]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 539s [p11_child[2433]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x79aa932e;slot-manufacturer=SoftHSM%20project;slot-id=2041221934;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4651e5fb79aa932e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 539s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 539s [p11_child[2433]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 539s [p11_child[2433]] [do_card] (0x4000): Certificate verified and validated. 539s [p11_child[2433]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 539s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805-auth.output 539s + echo '-----BEGIN CERTIFICATE-----' 539s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805-auth.output 539s + echo '-----END CERTIFICATE-----' 539s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805-auth.pem 539s Certificate: 539s Data: 539s Version: 3 (0x2) 539s Serial Number: 4 (0x4) 539s Signature Algorithm: sha256WithRSAEncryption 539s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 539s Validity 539s Not Before: Mar 14 16:05:57 2024 GMT 539s Not After : Mar 14 16:05:57 2025 GMT 539s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 539s Subject Public Key Info: 539s Public Key Algorithm: rsaEncryption 539s Public-Key: (1024 bit) 539s Modulus: 539s 00:da:47:b0:94:0c:2d:9f:22:be:e8:9f:21:e3:24: 539s c5:fc:c8:e6:e4:cb:eb:65:16:d0:dd:56:5f:5a:b2: 539s e5:a1:49:64:db:6e:e1:64:53:a0:0d:16:e5:f8:75: 539s 20:72:6d:30:f2:d7:4a:2c:7f:3c:04:f1:c2:34:a0: 539s 09:80:33:9c:8e:6f:0a:24:90:88:88:ca:cb:7d:5f: 539s 1d:6b:36:0e:7a:5c:78:df:08:32:9e:0c:39:e4:f3: 539s f8:27:bf:88:06:48:62:f0:2c:33:a7:1d:1c:3f:ef: 539s f5:fd:f9:9e:7a:03:cd:1b:a0:d7:13:ec:56:13:65: 539s dd:f6:f6:ea:e2:08:0b:00:d7 539s Exponent: 65537 (0x10001) 539s X509v3 extensions: 539s X509v3 Authority Key Identifier: 539s 3F:09:E3:6B:68:8E:15:D2:C5:A3:F5:6F:5A:EC:11:7A:7B:28:1D:EF 539s X509v3 Basic Constraints: 539s CA:FALSE 539s Netscape Cert Type: 539s SSL Client, S/MIME 539s Netscape Comment: 539s Test Organization Intermediate CA trusted Certificate 539s X509v3 Subject Key Identifier: 539s 12:68:86:3E:9A:03:79:54:98:8F:CD:30:1A:41:CF:D7:B9:17:60:1B 539s X509v3 Key Usage: critical 539s Digital Signature, Non Repudiation, Key Encipherment 539s X509v3 Extended Key Usage: 539s TLS Web Client Authentication, E-mail Protection 539s X509v3 Subject Alternative Name: 539s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 539s Signature Algorithm: sha256WithRSAEncryption 539s Signature Value: 539s 02:35:f3:6f:e6:89:aa:05:35:c9:fc:84:80:02:5a:cb:ba:39: 539s e5:32:95:26:75:c3:28:9a:05:d4:85:40:14:1f:64:fb:3e:73: 539s 21:03:6e:29:3d:68:e9:c3:16:d5:de:9c:ed:62:12:74:87:a0: 539s 7b:ab:46:39:9e:b5:29:5a:4c:02:81:cf:78:37:44:47:a0:33: 539s 92:d9:dd:bc:96:d7:fd:a9:5c:1e:39:c0:7d:34:69:64:ad:86: 539s 53:41:31:50:31:0c:3a:19:f3:43:50:7f:9a:49:2a:7c:4e:23: 539s 29:0d:18:5e:e3:8d:a9:4e:e6:ce:8d:24:80:a2:c7:91:a1:f6: 539s 05:cb 539s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-24805-auth.pem 540s + found_md5=Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 540s + '[' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 '!=' Modulus=DA47B0940C2D9F22BEE89F21E324C5FCC8E6E4CBEB6516D0DD565F5AB2E5A14964DB6EE16453A00D16E5F87520726D30F2D74A2C7F3C04F1C234A00980339C8E6F0A24908888CACB7D5F1D6B360E7A5C78DF08329E0C39E4F3F827BF88064862F02C33A71D1C3FEFF5FDF99E7A03CD1BA0D713EC561365DDF6F6EAE2080B00D7 ']' 540s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 540s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 540s + local verify_option= 540s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_cn 540s + local key_name 540s + local tokens_dir 540s + local output_cert_file 540s + token_name= 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 540s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 540s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s ++ sed -n 's/ *commonName *= //p' 540s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 540s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 540s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 540s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 540s + token_name='Test Organization Sub Int Token' 540s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 540s + local key_file 540s + local decrypted_key 540s + mkdir -p /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 540s + key_file=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 540s + decrypted_key=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 540s + cat 540s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 540s Slot 0 has a free/uninitialized token. 540s The token has been initialized and is reassigned to slot 124594915 540s + softhsm2-util --show-slots 540s Available slots: 540s Slot 124594915 540s Slot info: 540s Description: SoftHSM slot ID 0x76d2ae3 540s Manufacturer ID: SoftHSM project 540s Hardware version: 2.6 540s Firmware version: 2.6 540s Token present: yes 540s Token info: 540s Manufacturer ID: SoftHSM project 540s Model: SoftHSM v2 540s Hardware version: 2.6 540s Firmware version: 2.6 540s Serial number: 8373773f876d2ae3 540s Initialized: yes 540s User PIN init.: yes 540s Label: Test Organization Sub Int Token 540s Slot 1 540s Slot info: 540s Description: SoftHSM slot ID 0x1 540s Manufacturer ID: SoftHSM project 540s Hardware version: 2.6 540s Firmware version: 2.6 540s Token present: yes 540s Token info: 540s Manufacturer ID: SoftHSM project 540s Model: SoftHSM v2 540s Hardware version: 2.6 540s Firmware version: 2.6 540s Serial number: 540s Initialized: no 540s User PIN init.: no 540s Label: 540s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 540s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-31373 -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 540s writing RSA key 540s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 540s + rm /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 540s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 540s Object 0: 540s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8373773f876d2ae3;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 540s Type: X.509 Certificate (RSA-1024) 540s Expires: Fri Mar 14 16:05:57 2025 540s Label: Test Organization Sub Intermediate Trusted Certificate 0001 540s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 540s 540s Test Organization Sub Int Token 540s + echo 'Test Organization Sub Int Token' 540s + '[' -n '' ']' 540s + local output_base_name=SSSD-child-17920 540s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-17920.output 540s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-17920.pem 540s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 540s [p11_child[2452]] [main] (0x0400): p11_child started. 540s [p11_child[2452]] [main] (0x2000): Running in [pre-auth] mode. 540s [p11_child[2452]] [main] (0x2000): Running with effective IDs: [0][0]. 540s [p11_child[2452]] [main] (0x2000): Running with real IDs [0][0]. 540s [p11_child[2452]] [do_card] (0x4000): Module List: 540s [p11_child[2452]] [do_card] (0x4000): common name: [softhsm2]. 540s [p11_child[2452]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2452]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 540s [p11_child[2452]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 540s [p11_child[2452]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2452]] [do_card] (0x4000): Login NOT required. 540s [p11_child[2452]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 540s [p11_child[2452]] [do_verification] (0x0040): X509_verify_cert failed [0]. 540s [p11_child[2452]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 540s [p11_child[2452]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 540s [p11_child[2452]] [do_card] (0x4000): No certificate found. 540s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-17920.output 540s + return 2 540s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem partial_chain 540s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem partial_chain 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 540s + local verify_option=partial_chain 540s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_cn 540s + local key_name 540s + local tokens_dir 540s + local output_cert_file 540s + token_name= 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 540s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 540s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s ++ sed -n 's/ *commonName *= //p' 540s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 540s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 540s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 540s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 540s + token_name='Test Organization Sub Int Token' 540s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 540s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 540s + echo 'Test Organization Sub Int Token' 540s + '[' -n partial_chain ']' 540s + local verify_arg=--verify=partial_chain 540s + local output_base_name=SSSD-child-12739 540s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-12739.output 540s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-12739.pem 540s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-root-CA.pem 540s Test Organization Sub Int Token 540s [p11_child[2459]] [main] (0x0400): p11_child started. 540s [p11_child[2459]] [main] (0x2000): Running in [pre-auth] mode. 540s [p11_child[2459]] [main] (0x2000): Running with effective IDs: [0][0]. 540s [p11_child[2459]] [main] (0x2000): Running with real IDs [0][0]. 540s [p11_child[2459]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 540s [p11_child[2459]] [do_card] (0x4000): Module List: 540s [p11_child[2459]] [do_card] (0x4000): common name: [softhsm2]. 540s [p11_child[2459]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2459]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 540s [p11_child[2459]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 540s [p11_child[2459]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2459]] [do_card] (0x4000): Login NOT required. 540s [p11_child[2459]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 540s [p11_child[2459]] [do_verification] (0x0040): X509_verify_cert failed [0]. 540s [p11_child[2459]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 540s [p11_child[2459]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 540s [p11_child[2459]] [do_card] (0x4000): No certificate found. 540s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-12739.output 540s + return 2 540s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 540s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 540s + local verify_option= 540s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_cn 540s + local key_name 540s + local tokens_dir 540s + local output_cert_file 540s + token_name= 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 540s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 540s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s ++ sed -n 's/ *commonName *= //p' 540s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 540s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 540s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 540s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 540s + token_name='Test Organization Sub Int Token' 540s Test Organization Sub Int Token 540s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 540s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 540s + echo 'Test Organization Sub Int Token' 540s + '[' -n '' ']' 540s + local output_base_name=SSSD-child-25117 540s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117.output 540s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117.pem 540s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 540s [p11_child[2466]] [main] (0x0400): p11_child started. 540s [p11_child[2466]] [main] (0x2000): Running in [pre-auth] mode. 540s [p11_child[2466]] [main] (0x2000): Running with effective IDs: [0][0]. 540s [p11_child[2466]] [main] (0x2000): Running with real IDs [0][0]. 540s [p11_child[2466]] [do_card] (0x4000): Module List: 540s [p11_child[2466]] [do_card] (0x4000): common name: [softhsm2]. 540s [p11_child[2466]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2466]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 540s [p11_child[2466]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 540s [p11_child[2466]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2466]] [do_card] (0x4000): Login NOT required. 540s [p11_child[2466]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 540s [p11_child[2466]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 540s [p11_child[2466]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 540s [p11_child[2466]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x76d2ae3;slot-manufacturer=SoftHSM%20project;slot-id=124594915;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8373773f876d2ae3;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 540s [p11_child[2466]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 540s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117.output 540s + echo '-----BEGIN CERTIFICATE-----' 540s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117.output 540s + echo '-----END CERTIFICATE-----' 540s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117.pem 540s Certificate: 540s Data: 540s Version: 3 (0x2) 540s Serial Number: 5 (0x5) 540s Signature Algorithm: sha256WithRSAEncryption 540s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 540s Validity 540s Not Before: Mar 14 16:05:57 2024 GMT 540s Not After : Mar 14 16:05:57 2025 GMT 540s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 540s Subject Public Key Info: 540s Public Key Algorithm: rsaEncryption 540s Public-Key: (1024 bit) 540s Modulus: 540s 00:d3:bb:ac:29:39:7f:64:c2:8b:3c:aa:ec:97:d1: 540s 7e:05:28:8b:84:04:61:8b:2f:5a:98:59:50:e1:9e: 540s 2d:c3:de:7d:d8:34:12:38:7c:38:48:a7:3d:02:55: 540s e8:46:b3:43:32:2a:fe:bc:41:59:13:5f:af:5e:b9: 540s 72:3b:99:da:c5:97:4a:b8:11:8f:82:88:e4:13:0a: 540s 19:37:e7:8d:75:14:c7:e9:8a:7d:e0:8a:ee:0e:18: 540s 10:a7:1c:bb:06:ac:f4:6c:7b:d3:ef:54:6a:25:cb: 540s 5c:51:c1:1c:9f:76:c0:43:44:32:60:3a:0c:97:a6: 540s 65:4d:8e:e4:55:4e:11:4d:87 540s Exponent: 65537 (0x10001) 540s X509v3 extensions: 540s X509v3 Authority Key Identifier: 540s BE:E0:30:2D:FC:7F:41:9D:4F:4A:1F:A5:52:1A:9A:7E:4C:C3:1B:B6 540s X509v3 Basic Constraints: 540s CA:FALSE 540s Netscape Cert Type: 540s SSL Client, S/MIME 540s Netscape Comment: 540s Test Organization Sub Intermediate CA trusted Certificate 540s X509v3 Subject Key Identifier: 540s 12:76:52:0B:53:5A:E6:17:9E:C0:CF:DF:55:97:AD:47:27:1C:7A:C2 540s X509v3 Key Usage: critical 540s Digital Signature, Non Repudiation, Key Encipherment 540s X509v3 Extended Key Usage: 540s TLS Web Client Authentication, E-mail Protection 540s X509v3 Subject Alternative Name: 540s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 540s Signature Algorithm: sha256WithRSAEncryption 540s Signature Value: 540s b7:04:70:c6:74:39:92:31:45:d1:63:38:cf:49:5c:56:66:c9: 540s ff:71:3e:5e:b5:8e:cd:db:70:5e:ef:74:49:96:fd:a4:0f:00: 540s da:41:a5:79:33:8b:3c:86:1c:62:2e:fb:eb:c6:20:7b:f3:7c: 540s 4e:67:32:44:77:44:b3:f3:59:f9:8f:c7:7b:53:f7:3c:0b:f4: 540s 5f:16:4d:31:6f:d1:c4:4d:87:04:27:36:02:cd:e2:01:e6:da: 540s b4:3f:ae:ef:04:4a:89:84:66:34:d3:b6:55:4c:09:5f:97:42: 540s 86:89:b4:b5:1a:14:28:a3:91:1e:e3:86:ef:72:80:3c:58:7c: 540s 29:82 540s + local found_md5 expected_md5 540s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + expected_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 540s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117.pem 540s + found_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 540s + '[' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 '!=' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 ']' 540s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117-auth.output 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117-auth.output .output 540s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117-auth.pem 540s + echo -n 053350 540s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 540s [p11_child[2474]] [main] (0x0400): p11_child started. 540s [p11_child[2474]] [main] (0x2000): Running in [auth] mode. 540s [p11_child[2474]] [main] (0x2000): Running with effective IDs: [0][0]. 540s [p11_child[2474]] [main] (0x2000): Running with real IDs [0][0]. 540s [p11_child[2474]] [do_card] (0x4000): Module List: 540s [p11_child[2474]] [do_card] (0x4000): common name: [softhsm2]. 540s [p11_child[2474]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2474]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 540s [p11_child[2474]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 540s [p11_child[2474]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2474]] [do_card] (0x4000): Login required. 540s [p11_child[2474]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 540s [p11_child[2474]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 540s [p11_child[2474]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 540s [p11_child[2474]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x76d2ae3;slot-manufacturer=SoftHSM%20project;slot-id=124594915;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8373773f876d2ae3;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 540s [p11_child[2474]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 540s [p11_child[2474]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 540s [p11_child[2474]] [do_card] (0x4000): Certificate verified and validated. 540s [p11_child[2474]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 540s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117-auth.output 540s + echo '-----BEGIN CERTIFICATE-----' 540s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117-auth.output 540s + echo '-----END CERTIFICATE-----' 540s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117-auth.pem 540s Certificate: 540s Data: 540s Version: 3 (0x2) 540s Serial Number: 5 (0x5) 540s Signature Algorithm: sha256WithRSAEncryption 540s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 540s Validity 540s Not Before: Mar 14 16:05:57 2024 GMT 540s Not After : Mar 14 16:05:57 2025 GMT 540s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 540s Subject Public Key Info: 540s Public Key Algorithm: rsaEncryption 540s Public-Key: (1024 bit) 540s Modulus: 540s 00:d3:bb:ac:29:39:7f:64:c2:8b:3c:aa:ec:97:d1: 540s 7e:05:28:8b:84:04:61:8b:2f:5a:98:59:50:e1:9e: 540s 2d:c3:de:7d:d8:34:12:38:7c:38:48:a7:3d:02:55: 540s e8:46:b3:43:32:2a:fe:bc:41:59:13:5f:af:5e:b9: 540s 72:3b:99:da:c5:97:4a:b8:11:8f:82:88:e4:13:0a: 540s 19:37:e7:8d:75:14:c7:e9:8a:7d:e0:8a:ee:0e:18: 540s 10:a7:1c:bb:06:ac:f4:6c:7b:d3:ef:54:6a:25:cb: 540s 5c:51:c1:1c:9f:76:c0:43:44:32:60:3a:0c:97:a6: 540s 65:4d:8e:e4:55:4e:11:4d:87 540s Exponent: 65537 (0x10001) 540s X509v3 extensions: 540s X509v3 Authority Key Identifier: 540s BE:E0:30:2D:FC:7F:41:9D:4F:4A:1F:A5:52:1A:9A:7E:4C:C3:1B:B6 540s X509v3 Basic Constraints: 540s CA:FALSE 540s Netscape Cert Type: 540s SSL Client, S/MIME 540s Netscape Comment: 540s Test Organization Sub Intermediate CA trusted Certificate 540s X509v3 Subject Key Identifier: 540s 12:76:52:0B:53:5A:E6:17:9E:C0:CF:DF:55:97:AD:47:27:1C:7A:C2 540s X509v3 Key Usage: critical 540s Digital Signature, Non Repudiation, Key Encipherment 540s X509v3 Extended Key Usage: 540s TLS Web Client Authentication, E-mail Protection 540s X509v3 Subject Alternative Name: 540s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 540s Signature Algorithm: sha256WithRSAEncryption 540s Signature Value: 540s b7:04:70:c6:74:39:92:31:45:d1:63:38:cf:49:5c:56:66:c9: 540s ff:71:3e:5e:b5:8e:cd:db:70:5e:ef:74:49:96:fd:a4:0f:00: 540s da:41:a5:79:33:8b:3c:86:1c:62:2e:fb:eb:c6:20:7b:f3:7c: 540s 4e:67:32:44:77:44:b3:f3:59:f9:8f:c7:7b:53:f7:3c:0b:f4: 540s 5f:16:4d:31:6f:d1:c4:4d:87:04:27:36:02:cd:e2:01:e6:da: 540s b4:3f:ae:ef:04:4a:89:84:66:34:d3:b6:55:4c:09:5f:97:42: 540s 86:89:b4:b5:1a:14:28:a3:91:1e:e3:86:ef:72:80:3c:58:7c: 540s 29:82 540s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-25117-auth.pem 540s + found_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 540s + '[' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 '!=' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 ']' 540s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem partial_chain 540s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem partial_chain 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 540s + local verify_option=partial_chain 540s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_cn 540s + local key_name 540s + local tokens_dir 540s + local output_cert_file 540s + token_name= 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 540s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 540s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s ++ sed -n 's/ *commonName *= //p' 540s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 540s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 540s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 540s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 540s + token_name='Test Organization Sub Int Token' 540s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 540s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 540s Test Organization Sub Int Token 540s + echo 'Test Organization Sub Int Token' 540s + '[' -n partial_chain ']' 540s + local verify_arg=--verify=partial_chain 540s + local output_base_name=SSSD-child-21869 540s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869.output 540s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869.pem 540s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem 540s [p11_child[2484]] [main] (0x0400): p11_child started. 540s [p11_child[2484]] [main] (0x2000): Running in [pre-auth] mode. 540s [p11_child[2484]] [main] (0x2000): Running with effective IDs: [0][0]. 540s [p11_child[2484]] [main] (0x2000): Running with real IDs [0][0]. 540s [p11_child[2484]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 540s [p11_child[2484]] [do_card] (0x4000): Module List: 540s [p11_child[2484]] [do_card] (0x4000): common name: [softhsm2]. 540s [p11_child[2484]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2484]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 540s [p11_child[2484]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 540s [p11_child[2484]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2484]] [do_card] (0x4000): Login NOT required. 540s [p11_child[2484]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 540s [p11_child[2484]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 540s [p11_child[2484]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 540s [p11_child[2484]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x76d2ae3;slot-manufacturer=SoftHSM%20project;slot-id=124594915;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8373773f876d2ae3;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 540s [p11_child[2484]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 540s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869.output 540s + echo '-----BEGIN CERTIFICATE-----' 540s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869.output 540s + echo '-----END CERTIFICATE-----' 540s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869.pem 540s Certificate: 540s Data: 540s Version: 3 (0x2) 540s Serial Number: 5 (0x5) 540s Signature Algorithm: sha256WithRSAEncryption 540s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 540s Validity 540s Not Before: Mar 14 16:05:57 2024 GMT 540s Not After : Mar 14 16:05:57 2025 GMT 540s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 540s Subject Public Key Info: 540s Public Key Algorithm: rsaEncryption 540s Public-Key: (1024 bit) 540s Modulus: 540s 00:d3:bb:ac:29:39:7f:64:c2:8b:3c:aa:ec:97:d1: 540s 7e:05:28:8b:84:04:61:8b:2f:5a:98:59:50:e1:9e: 540s 2d:c3:de:7d:d8:34:12:38:7c:38:48:a7:3d:02:55: 540s e8:46:b3:43:32:2a:fe:bc:41:59:13:5f:af:5e:b9: 540s 72:3b:99:da:c5:97:4a:b8:11:8f:82:88:e4:13:0a: 540s 19:37:e7:8d:75:14:c7:e9:8a:7d:e0:8a:ee:0e:18: 540s 10:a7:1c:bb:06:ac:f4:6c:7b:d3:ef:54:6a:25:cb: 540s 5c:51:c1:1c:9f:76:c0:43:44:32:60:3a:0c:97:a6: 540s 65:4d:8e:e4:55:4e:11:4d:87 540s Exponent: 65537 (0x10001) 540s X509v3 extensions: 540s X509v3 Authority Key Identifier: 540s BE:E0:30:2D:FC:7F:41:9D:4F:4A:1F:A5:52:1A:9A:7E:4C:C3:1B:B6 540s X509v3 Basic Constraints: 540s CA:FALSE 540s Netscape Cert Type: 540s SSL Client, S/MIME 540s Netscape Comment: 540s Test Organization Sub Intermediate CA trusted Certificate 540s X509v3 Subject Key Identifier: 540s 12:76:52:0B:53:5A:E6:17:9E:C0:CF:DF:55:97:AD:47:27:1C:7A:C2 540s X509v3 Key Usage: critical 540s Digital Signature, Non Repudiation, Key Encipherment 540s X509v3 Extended Key Usage: 540s TLS Web Client Authentication, E-mail Protection 540s X509v3 Subject Alternative Name: 540s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 540s Signature Algorithm: sha256WithRSAEncryption 540s Signature Value: 540s b7:04:70:c6:74:39:92:31:45:d1:63:38:cf:49:5c:56:66:c9: 540s ff:71:3e:5e:b5:8e:cd:db:70:5e:ef:74:49:96:fd:a4:0f:00: 540s da:41:a5:79:33:8b:3c:86:1c:62:2e:fb:eb:c6:20:7b:f3:7c: 540s 4e:67:32:44:77:44:b3:f3:59:f9:8f:c7:7b:53:f7:3c:0b:f4: 540s 5f:16:4d:31:6f:d1:c4:4d:87:04:27:36:02:cd:e2:01:e6:da: 540s b4:3f:ae:ef:04:4a:89:84:66:34:d3:b6:55:4c:09:5f:97:42: 540s 86:89:b4:b5:1a:14:28:a3:91:1e:e3:86:ef:72:80:3c:58:7c: 540s 29:82 540s + local found_md5 expected_md5 540s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + expected_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 540s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869.pem 540s + found_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 540s + '[' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 '!=' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 ']' 540s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869-auth.output 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869-auth.output .output 540s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869-auth.pem 540s + echo -n 053350 540s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 540s [p11_child[2492]] [main] (0x0400): p11_child started. 540s [p11_child[2492]] [main] (0x2000): Running in [auth] mode. 540s [p11_child[2492]] [main] (0x2000): Running with effective IDs: [0][0]. 540s [p11_child[2492]] [main] (0x2000): Running with real IDs [0][0]. 540s [p11_child[2492]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 540s [p11_child[2492]] [do_card] (0x4000): Module List: 540s [p11_child[2492]] [do_card] (0x4000): common name: [softhsm2]. 540s [p11_child[2492]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2492]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 540s [p11_child[2492]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 540s [p11_child[2492]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2492]] [do_card] (0x4000): Login required. 540s [p11_child[2492]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 540s [p11_child[2492]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 540s [p11_child[2492]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 540s [p11_child[2492]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x76d2ae3;slot-manufacturer=SoftHSM%20project;slot-id=124594915;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8373773f876d2ae3;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 540s [p11_child[2492]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 540s [p11_child[2492]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 540s [p11_child[2492]] [do_card] (0x4000): Certificate verified and validated. 540s [p11_child[2492]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 540s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869-auth.output 540s + echo '-----BEGIN CERTIFICATE-----' 540s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869-auth.output 540s + echo '-----END CERTIFICATE-----' 540s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869-auth.pem 540s Certificate: 540s Data: 540s Version: 3 (0x2) 540s Serial Number: 5 (0x5) 540s Signature Algorithm: sha256WithRSAEncryption 540s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 540s Validity 540s Not Before: Mar 14 16:05:57 2024 GMT 540s Not After : Mar 14 16:05:57 2025 GMT 540s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 540s Subject Public Key Info: 540s Public Key Algorithm: rsaEncryption 540s Public-Key: (1024 bit) 540s Modulus: 540s 00:d3:bb:ac:29:39:7f:64:c2:8b:3c:aa:ec:97:d1: 540s 7e:05:28:8b:84:04:61:8b:2f:5a:98:59:50:e1:9e: 540s 2d:c3:de:7d:d8:34:12:38:7c:38:48:a7:3d:02:55: 540s e8:46:b3:43:32:2a:fe:bc:41:59:13:5f:af:5e:b9: 540s 72:3b:99:da:c5:97:4a:b8:11:8f:82:88:e4:13:0a: 540s 19:37:e7:8d:75:14:c7:e9:8a:7d:e0:8a:ee:0e:18: 540s 10:a7:1c:bb:06:ac:f4:6c:7b:d3:ef:54:6a:25:cb: 540s 5c:51:c1:1c:9f:76:c0:43:44:32:60:3a:0c:97:a6: 540s 65:4d:8e:e4:55:4e:11:4d:87 540s Exponent: 65537 (0x10001) 540s X509v3 extensions: 540s X509v3 Authority Key Identifier: 540s BE:E0:30:2D:FC:7F:41:9D:4F:4A:1F:A5:52:1A:9A:7E:4C:C3:1B:B6 540s X509v3 Basic Constraints: 540s CA:FALSE 540s Netscape Cert Type: 540s SSL Client, S/MIME 540s Netscape Comment: 540s Test Organization Sub Intermediate CA trusted Certificate 540s X509v3 Subject Key Identifier: 540s 12:76:52:0B:53:5A:E6:17:9E:C0:CF:DF:55:97:AD:47:27:1C:7A:C2 540s X509v3 Key Usage: critical 540s Digital Signature, Non Repudiation, Key Encipherment 540s X509v3 Extended Key Usage: 540s TLS Web Client Authentication, E-mail Protection 540s X509v3 Subject Alternative Name: 540s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 540s Signature Algorithm: sha256WithRSAEncryption 540s Signature Value: 540s b7:04:70:c6:74:39:92:31:45:d1:63:38:cf:49:5c:56:66:c9: 540s ff:71:3e:5e:b5:8e:cd:db:70:5e:ef:74:49:96:fd:a4:0f:00: 540s da:41:a5:79:33:8b:3c:86:1c:62:2e:fb:eb:c6:20:7b:f3:7c: 540s 4e:67:32:44:77:44:b3:f3:59:f9:8f:c7:7b:53:f7:3c:0b:f4: 540s 5f:16:4d:31:6f:d1:c4:4d:87:04:27:36:02:cd:e2:01:e6:da: 540s b4:3f:ae:ef:04:4a:89:84:66:34:d3:b6:55:4c:09:5f:97:42: 540s 86:89:b4:b5:1a:14:28:a3:91:1e:e3:86:ef:72:80:3c:58:7c: 540s 29:82 540s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-21869-auth.pem 540s + found_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 540s + '[' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 '!=' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 ']' 540s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 540s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 540s + local verify_option= 540s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_cn 540s + local key_name 540s + local tokens_dir 540s + local output_cert_file 540s + token_name= 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 540s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 540s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s ++ sed -n 's/ *commonName *= //p' 540s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 540s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 540s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 540s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 540s + token_name='Test Organization Sub Int Token' 540s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 540s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 540s + echo 'Test Organization Sub Int Token' 540s Test Organization Sub Int Token 540s + '[' -n '' ']' 540s + local output_base_name=SSSD-child-6094 540s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-6094.output 540s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-6094.pem 540s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 540s [p11_child[2502]] [main] (0x0400): p11_child started. 540s [p11_child[2502]] [main] (0x2000): Running in [pre-auth] mode. 540s [p11_child[2502]] [main] (0x2000): Running with effective IDs: [0][0]. 540s [p11_child[2502]] [main] (0x2000): Running with real IDs [0][0]. 540s [p11_child[2502]] [do_card] (0x4000): Module List: 540s [p11_child[2502]] [do_card] (0x4000): common name: [softhsm2]. 540s [p11_child[2502]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2502]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 540s [p11_child[2502]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 540s [p11_child[2502]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2502]] [do_card] (0x4000): Login NOT required. 540s [p11_child[2502]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 540s [p11_child[2502]] [do_verification] (0x0040): X509_verify_cert failed [0]. 540s [p11_child[2502]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 540s [p11_child[2502]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 540s [p11_child[2502]] [do_card] (0x4000): No certificate found. 540s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-6094.output 540s + return 2 540s + invalid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-root-intermediate-chain-CA.pem partial_chain 540s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-root-intermediate-chain-CA.pem partial_chain 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-root-intermediate-chain-CA.pem 540s + local verify_option=partial_chain 540s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 540s + local key_cn 540s + local key_name 540s + local tokens_dir 540s + local output_cert_file 540s + token_name= 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 540s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 540s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 540s ++ sed -n 's/ *commonName *= //p' 540s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 540s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 540s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 540s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 540s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 540s + token_name='Test Organization Sub Int Token' 540s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 540s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 540s Test Organization Sub Int Token 540s + echo 'Test Organization Sub Int Token' 540s + '[' -n partial_chain ']' 540s + local verify_arg=--verify=partial_chain 540s + local output_base_name=SSSD-child-27541 540s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-27541.output 540s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-27541.pem 540s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-root-intermediate-chain-CA.pem 540s [p11_child[2509]] [main] (0x0400): p11_child started. 540s [p11_child[2509]] [main] (0x2000): Running in [pre-auth] mode. 540s [p11_child[2509]] [main] (0x2000): Running with effective IDs: [0][0]. 540s [p11_child[2509]] [main] (0x2000): Running with real IDs [0][0]. 540s [p11_child[2509]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 540s [p11_child[2509]] [do_card] (0x4000): Module List: 540s [p11_child[2509]] [do_card] (0x4000): common name: [softhsm2]. 540s [p11_child[2509]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2509]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 540s [p11_child[2509]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 540s [p11_child[2509]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 540s [p11_child[2509]] [do_card] (0x4000): Login NOT required. 540s [p11_child[2509]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 540s [p11_child[2509]] [do_verification] (0x0040): X509_verify_cert failed [0]. 540s [p11_child[2509]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 540s [p11_child[2509]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 540s [p11_child[2509]] [do_card] (0x4000): No certificate found. 540s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-27541.output 541s + return 2 541s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem partial_chain 541s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem partial_chain 541s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 541s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 541s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 541s + local verify_option=partial_chain 541s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 541s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 541s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 541s + local key_cn 541s + local key_name 541s + local tokens_dir 541s + local output_cert_file 541s + token_name= 541s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 541s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 541s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 541s ++ sed -n 's/ *commonName *= //p' 541s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 541s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 541s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 541s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 541s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 541s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 541s + token_name='Test Organization Sub Int Token' 541s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 541s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 541s + echo 'Test Organization Sub Int Token' 541s Test Organization Sub Int Token 541s + '[' -n partial_chain ']' 541s + local verify_arg=--verify=partial_chain 541s + local output_base_name=SSSD-child-20636 541s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636.output 541s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636.pem 541s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem 541s [p11_child[2516]] [main] (0x0400): p11_child started. 541s [p11_child[2516]] [main] (0x2000): Running in [pre-auth] mode. 541s [p11_child[2516]] [main] (0x2000): Running with effective IDs: [0][0]. 541s [p11_child[2516]] [main] (0x2000): Running with real IDs [0][0]. 541s [p11_child[2516]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 541s [p11_child[2516]] [do_card] (0x4000): Module List: 541s [p11_child[2516]] [do_card] (0x4000): common name: [softhsm2]. 541s [p11_child[2516]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 541s [p11_child[2516]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 541s [p11_child[2516]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 541s [p11_child[2516]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 541s [p11_child[2516]] [do_card] (0x4000): Login NOT required. 541s [p11_child[2516]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 541s [p11_child[2516]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 541s [p11_child[2516]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 541s [p11_child[2516]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x76d2ae3;slot-manufacturer=SoftHSM%20project;slot-id=124594915;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8373773f876d2ae3;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 541s [p11_child[2516]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 541s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636.output 541s + echo '-----BEGIN CERTIFICATE-----' 541s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636.output 541s + echo '-----END CERTIFICATE-----' 541s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636.pem 541s Certificate: 541s Data: 541s Version: 3 (0x2) 541s Serial Number: 5 (0x5) 541s Signature Algorithm: sha256WithRSAEncryption 541s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 541s Validity 541s Not Before: Mar 14 16:05:57 2024 GMT 541s Not After : Mar 14 16:05:57 2025 GMT 541s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 541s Subject Public Key Info: 541s Public Key Algorithm: rsaEncryption 541s Public-Key: (1024 bit) 541s Modulus: 541s 00:d3:bb:ac:29:39:7f:64:c2:8b:3c:aa:ec:97:d1: 541s 7e:05:28:8b:84:04:61:8b:2f:5a:98:59:50:e1:9e: 541s 2d:c3:de:7d:d8:34:12:38:7c:38:48:a7:3d:02:55: 541s e8:46:b3:43:32:2a:fe:bc:41:59:13:5f:af:5e:b9: 541s 72:3b:99:da:c5:97:4a:b8:11:8f:82:88:e4:13:0a: 541s 19:37:e7:8d:75:14:c7:e9:8a:7d:e0:8a:ee:0e:18: 541s 10:a7:1c:bb:06:ac:f4:6c:7b:d3:ef:54:6a:25:cb: 541s 5c:51:c1:1c:9f:76:c0:43:44:32:60:3a:0c:97:a6: 541s 65:4d:8e:e4:55:4e:11:4d:87 541s Exponent: 65537 (0x10001) 541s X509v3 extensions: 541s X509v3 Authority Key Identifier: 541s BE:E0:30:2D:FC:7F:41:9D:4F:4A:1F:A5:52:1A:9A:7E:4C:C3:1B:B6 541s X509v3 Basic Constraints: 541s CA:FALSE 541s Netscape Cert Type: 541s SSL Client, S/MIME 541s Netscape Comment: 541s Test Organization Sub Intermediate CA trusted Certificate 541s X509v3 Subject Key Identifier: 541s 12:76:52:0B:53:5A:E6:17:9E:C0:CF:DF:55:97:AD:47:27:1C:7A:C2 541s X509v3 Key Usage: critical 541s Digital Signature, Non Repudiation, Key Encipherment 541s X509v3 Extended Key Usage: 541s TLS Web Client Authentication, E-mail Protection 541s X509v3 Subject Alternative Name: 541s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 541s Signature Algorithm: sha256WithRSAEncryption 541s Signature Value: 541s b7:04:70:c6:74:39:92:31:45:d1:63:38:cf:49:5c:56:66:c9: 541s ff:71:3e:5e:b5:8e:cd:db:70:5e:ef:74:49:96:fd:a4:0f:00: 541s da:41:a5:79:33:8b:3c:86:1c:62:2e:fb:eb:c6:20:7b:f3:7c: 541s 4e:67:32:44:77:44:b3:f3:59:f9:8f:c7:7b:53:f7:3c:0b:f4: 541s 5f:16:4d:31:6f:d1:c4:4d:87:04:27:36:02:cd:e2:01:e6:da: 541s b4:3f:ae:ef:04:4a:89:84:66:34:d3:b6:55:4c:09:5f:97:42: 541s 86:89:b4:b5:1a:14:28:a3:91:1e:e3:86:ef:72:80:3c:58:7c: 541s 29:82 541s + local found_md5 expected_md5 541s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 541s + expected_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 541s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636.pem 541s + found_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 541s + '[' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 '!=' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 ']' 541s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636-auth.output 541s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636-auth.output .output 541s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636-auth.pem 541s + echo -n 053350 541s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 541s [p11_child[2524]] [main] (0x0400): p11_child started. 541s [p11_child[2524]] [main] (0x2000): Running in [auth] mode. 541s [p11_child[2524]] [main] (0x2000): Running with effective IDs: [0][0]. 541s [p11_child[2524]] [main] (0x2000): Running with real IDs [0][0]. 541s [p11_child[2524]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 541s [p11_child[2524]] [do_card] (0x4000): Module List: 541s [p11_child[2524]] [do_card] (0x4000): common name: [softhsm2]. 541s [p11_child[2524]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 541s [p11_child[2524]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 541s [p11_child[2524]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 541s [p11_child[2524]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 541s [p11_child[2524]] [do_card] (0x4000): Login required. 541s [p11_child[2524]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 541s [p11_child[2524]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 541s [p11_child[2524]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 541s [p11_child[2524]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x76d2ae3;slot-manufacturer=SoftHSM%20project;slot-id=124594915;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8373773f876d2ae3;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 541s [p11_child[2524]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 541s [p11_child[2524]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 541s [p11_child[2524]] [do_card] (0x4000): Certificate verified and validated. 541s [p11_child[2524]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 541s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636-auth.output 541s + echo '-----BEGIN CERTIFICATE-----' 541s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636-auth.output 541s + echo '-----END CERTIFICATE-----' 541s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636-auth.pem 541s Certificate: 541s Data: 541s Version: 3 (0x2) 541s Serial Number: 5 (0x5) 541s Signature Algorithm: sha256WithRSAEncryption 541s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 541s Validity 541s Not Before: Mar 14 16:05:57 2024 GMT 541s Not After : Mar 14 16:05:57 2025 GMT 541s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 541s Subject Public Key Info: 541s Public Key Algorithm: rsaEncryption 541s Public-Key: (1024 bit) 541s Modulus: 541s 00:d3:bb:ac:29:39:7f:64:c2:8b:3c:aa:ec:97:d1: 541s 7e:05:28:8b:84:04:61:8b:2f:5a:98:59:50:e1:9e: 541s 2d:c3:de:7d:d8:34:12:38:7c:38:48:a7:3d:02:55: 541s e8:46:b3:43:32:2a:fe:bc:41:59:13:5f:af:5e:b9: 541s 72:3b:99:da:c5:97:4a:b8:11:8f:82:88:e4:13:0a: 541s 19:37:e7:8d:75:14:c7:e9:8a:7d:e0:8a:ee:0e:18: 541s 10:a7:1c:bb:06:ac:f4:6c:7b:d3:ef:54:6a:25:cb: 541s 5c:51:c1:1c:9f:76:c0:43:44:32:60:3a:0c:97:a6: 541s 65:4d:8e:e4:55:4e:11:4d:87 541s Exponent: 65537 (0x10001) 541s X509v3 extensions: 541s X509v3 Authority Key Identifier: 541s BE:E0:30:2D:FC:7F:41:9D:4F:4A:1F:A5:52:1A:9A:7E:4C:C3:1B:B6 541s X509v3 Basic Constraints: 541s CA:FALSE 541s Netscape Cert Type: 541s SSL Client, S/MIME 541s Netscape Comment: 541s Test Organization Sub Intermediate CA trusted Certificate 541s X509v3 Subject Key Identifier: 541s 12:76:52:0B:53:5A:E6:17:9E:C0:CF:DF:55:97:AD:47:27:1C:7A:C2 541s X509v3 Key Usage: critical 541s Digital Signature, Non Repudiation, Key Encipherment 541s X509v3 Extended Key Usage: 541s TLS Web Client Authentication, E-mail Protection 541s X509v3 Subject Alternative Name: 541s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 541s Signature Algorithm: sha256WithRSAEncryption 541s Signature Value: 541s b7:04:70:c6:74:39:92:31:45:d1:63:38:cf:49:5c:56:66:c9: 541s ff:71:3e:5e:b5:8e:cd:db:70:5e:ef:74:49:96:fd:a4:0f:00: 541s da:41:a5:79:33:8b:3c:86:1c:62:2e:fb:eb:c6:20:7b:f3:7c: 541s 4e:67:32:44:77:44:b3:f3:59:f9:8f:c7:7b:53:f7:3c:0b:f4: 541s 5f:16:4d:31:6f:d1:c4:4d:87:04:27:36:02:cd:e2:01:e6:da: 541s b4:3f:ae:ef:04:4a:89:84:66:34:d3:b6:55:4c:09:5f:97:42: 541s 86:89:b4:b5:1a:14:28:a3:91:1e:e3:86:ef:72:80:3c:58:7c: 541s 29:82 541s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-20636-auth.pem 541s + found_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 541s + '[' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 '!=' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 ']' 541s + valid_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-sub-chain-CA.pem partial_chain 541s + check_certificate /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 /tmp/sssd-softhsm2-E1Fh0L/test-intermediate-sub-chain-CA.pem partial_chain 541s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 541s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 541s + local key_ring=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-sub-chain-CA.pem 541s + local verify_option=partial_chain 541s + prepare_softhsm2_card /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-31373 541s + local certificate=/tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 541s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-31373 541s + local key_cn 541s + local key_name 541s + local tokens_dir 541s + local output_cert_file 541s + token_name= 541s ++ basename /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 541s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 541s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 541s ++ sed -n 's/ *commonName *= //p' 541s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 541s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 541s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 541s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 541s ++ basename /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 541s + tokens_dir=/tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 541s + token_name='Test Organization Sub Int Token' 541s + '[' '!' -e /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 541s + '[' '!' -d /tmp/sssd-softhsm2-E1Fh0L/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 541s + echo 'Test Organization Sub Int Token' 541s + '[' -n partial_chain ']' 541s Test Organization Sub Int Token 541s + local verify_arg=--verify=partial_chain 541s + local output_base_name=SSSD-child-28296 541s + local output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296.output 541s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296.pem 541s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-sub-chain-CA.pem 541s [p11_child[2534]] [main] (0x0400): p11_child started. 541s [p11_child[2534]] [main] (0x2000): Running in [pre-auth] mode. 541s [p11_child[2534]] [main] (0x2000): Running with effective IDs: [0][0]. 541s [p11_child[2534]] [main] (0x2000): Running with real IDs [0][0]. 541s [p11_child[2534]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 541s [p11_child[2534]] [do_card] (0x4000): Module List: 541s [p11_child[2534]] [do_card] (0x4000): common name: [softhsm2]. 541s [p11_child[2534]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 541s [p11_child[2534]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 541s [p11_child[2534]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 541s [p11_child[2534]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 541s [p11_child[2534]] [do_card] (0x4000): Login NOT required. 541s [p11_child[2534]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 541s [p11_child[2534]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 541s [p11_child[2534]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 541s [p11_child[2534]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x76d2ae3;slot-manufacturer=SoftHSM%20project;slot-id=124594915;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8373773f876d2ae3;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 541s [p11_child[2534]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 541s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296.output 541s + echo '-----BEGIN CERTIFICATE-----' 541s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296.output 541s + echo '-----END CERTIFICATE-----' 541s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296.pem 541s + local found_md5 expected_md5 541s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/test-sub-intermediate-CA-trusted-certificate-0001.pem 541s Certificate: 541s Data: 541s Version: 3 (0x2) 541s Serial Number: 5 (0x5) 541s Signature Algorithm: sha256WithRSAEncryption 541s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 541s Validity 541s Not Before: Mar 14 16:05:57 2024 GMT 541s Not After : Mar 14 16:05:57 2025 GMT 541s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 541s Subject Public Key Info: 541s Public Key Algorithm: rsaEncryption 541s Public-Key: (1024 bit) 541s Modulus: 541s 00:d3:bb:ac:29:39:7f:64:c2:8b:3c:aa:ec:97:d1: 541s 7e:05:28:8b:84:04:61:8b:2f:5a:98:59:50:e1:9e: 541s 2d:c3:de:7d:d8:34:12:38:7c:38:48:a7:3d:02:55: 541s e8:46:b3:43:32:2a:fe:bc:41:59:13:5f:af:5e:b9: 541s 72:3b:99:da:c5:97:4a:b8:11:8f:82:88:e4:13:0a: 541s 19:37:e7:8d:75:14:c7:e9:8a:7d:e0:8a:ee:0e:18: 541s 10:a7:1c:bb:06:ac:f4:6c:7b:d3:ef:54:6a:25:cb: 541s 5c:51:c1:1c:9f:76:c0:43:44:32:60:3a:0c:97:a6: 541s 65:4d:8e:e4:55:4e:11:4d:87 541s Exponent: 65537 (0x10001) 541s X509v3 extensions: 541s X509v3 Authority Key Identifier: 541s BE:E0:30:2D:FC:7F:41:9D:4F:4A:1F:A5:52:1A:9A:7E:4C:C3:1B:B6 541s X509v3 Basic Constraints: 541s CA:FALSE 541s Netscape Cert Type: 541s SSL Client, S/MIME 541s Netscape Comment: 541s Test Organization Sub Intermediate CA trusted Certificate 541s X509v3 Subject Key Identifier: 541s 12:76:52:0B:53:5A:E6:17:9E:C0:CF:DF:55:97:AD:47:27:1C:7A:C2 541s X509v3 Key Usage: critical 541s Digital Signature, Non Repudiation, Key Encipherment 541s X509v3 Extended Key Usage: 541s TLS Web Client Authentication, E-mail Protection 541s X509v3 Subject Alternative Name: 541s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 541s Signature Algorithm: sha256WithRSAEncryption 541s Signature Value: 541s b7:04:70:c6:74:39:92:31:45:d1:63:38:cf:49:5c:56:66:c9: 541s ff:71:3e:5e:b5:8e:cd:db:70:5e:ef:74:49:96:fd:a4:0f:00: 541s da:41:a5:79:33:8b:3c:86:1c:62:2e:fb:eb:c6:20:7b:f3:7c: 541s 4e:67:32:44:77:44:b3:f3:59:f9:8f:c7:7b:53:f7:3c:0b:f4: 541s 5f:16:4d:31:6f:d1:c4:4d:87:04:27:36:02:cd:e2:01:e6:da: 541s b4:3f:ae:ef:04:4a:89:84:66:34:d3:b6:55:4c:09:5f:97:42: 541s 86:89:b4:b5:1a:14:28:a3:91:1e:e3:86:ef:72:80:3c:58:7c: 541s 29:82 541s + expected_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 541s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296.pem 541s + found_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 541s + '[' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 '!=' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 ']' 541s + output_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296-auth.output 541s ++ basename /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296-auth.output .output 541s + output_cert_file=/tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296-auth.pem 541s + echo -n 053350 541s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-E1Fh0L/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 541s [p11_child[2542]] [main] (0x0400): p11_child started. 541s [p11_child[2542]] [main] (0x2000): Running in [auth] mode. 541s [p11_child[2542]] [main] (0x2000): Running with effective IDs: [0][0]. 541s [p11_child[2542]] [main] (0x2000): Running with real IDs [0][0]. 541s [p11_child[2542]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 541s [p11_child[2542]] [do_card] (0x4000): Module List: 541s [p11_child[2542]] [do_card] (0x4000): common name: [softhsm2]. 541s [p11_child[2542]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 541s [p11_child[2542]] [do_card] (0x4000): Description [SoftHSM slot ID 0x76d2ae3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 541s [p11_child[2542]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 541s [p11_child[2542]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x76d2ae3][124594915] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 541s [p11_child[2542]] [do_card] (0x4000): Login required. 541s [p11_child[2542]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 541s [p11_child[2542]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 541s [p11_child[2542]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 541s [p11_child[2542]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x76d2ae3;slot-manufacturer=SoftHSM%20project;slot-id=124594915;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8373773f876d2ae3;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 541s [p11_child[2542]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 541s [p11_child[2542]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 541s [p11_child[2542]] [do_card] (0x4000): Certificate verified and validated. 541s [p11_child[2542]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 541s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296-auth.output 541s + echo '-----BEGIN CERTIFICATE-----' 541s + tail -n1 /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296-auth.output 541s + echo '-----END CERTIFICATE-----' 541s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296-auth.pem 541s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-E1Fh0L/SSSD-child-28296-auth.pem 541s Certificate: 541s Data: 541s Version: 3 (0x2) 541s Serial Number: 5 (0x5) 541s Signature Algorithm: sha256WithRSAEncryption 541s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 541s Validity 541s Not Before: Mar 14 16:05:57 2024 GMT 541s Not After : Mar 14 16:05:57 2025 GMT 541s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 541s Subject Public Key Info: 541s Public Key Algorithm: rsaEncryption 541s Public-Key: (1024 bit) 541s Modulus: 541s 00:d3:bb:ac:29:39:7f:64:c2:8b:3c:aa:ec:97:d1: 541s 7e:05:28:8b:84:04:61:8b:2f:5a:98:59:50:e1:9e: 541s 2d:c3:de:7d:d8:34:12:38:7c:38:48:a7:3d:02:55: 541s e8:46:b3:43:32:2a:fe:bc:41:59:13:5f:af:5e:b9: 541s 72:3b:99:da:c5:97:4a:b8:11:8f:82:88:e4:13:0a: 541s 19:37:e7:8d:75:14:c7:e9:8a:7d:e0:8a:ee:0e:18: 541s 10:a7:1c:bb:06:ac:f4:6c:7b:d3:ef:54:6a:25:cb: 541s 5c:51:c1:1c:9f:76:c0:43:44:32:60:3a:0c:97:a6: 541s 65:4d:8e:e4:55:4e:11:4d:87 541s Exponent: 65537 (0x10001) 541s X509v3 extensions: 541s X509v3 Authority Key Identifier: 541s BE:E0:30:2D:FC:7F:41:9D:4F:4A:1F:A5:52:1A:9A:7E:4C:C3:1B:B6 541s X509v3 Basic Constraints: 541s CA:FALSE 541s Netscape Cert Type: 541s SSL Client, S/MIME 541s Netscape Comment: 541s Test Organization Sub Intermediate CA trusted Certificate 541s X509v3 Subject Key Identifier: 541s 12:76:52:0B:53:5A:E6:17:9E:C0:CF:DF:55:97:AD:47:27:1C:7A:C2 541s X509v3 Key Usage: critical 541s Digital Signature, Non Repudiation, Key Encipherment 541s X509v3 Extended Key Usage: 541s TLS Web Client Authentication, E-mail Protection 541s X509v3 Subject Alternative Name: 541s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 541s Signature Algorithm: sha256WithRSAEncryption 541s Signature Value: 541s b7:04:70:c6:74:39:92:31:45:d1:63:38:cf:49:5c:56:66:c9: 541s ff:71:3e:5e:b5:8e:cd:db:70:5e:ef:74:49:96:fd:a4:0f:00: 541s da:41:a5:79:33:8b:3c:86:1c:62:2e:fb:eb:c6:20:7b:f3:7c: 541s 4e:67:32:44:77:44:b3:f3:59:f9:8f:c7:7b:53:f7:3c:0b:f4: 541s 5f:16:4d:31:6f:d1:c4:4d:87:04:27:36:02:cd:e2:01:e6:da: 541s b4:3f:ae:ef:04:4a:89:84:66:34:d3:b6:55:4c:09:5f:97:42: 541s 86:89:b4:b5:1a:14:28:a3:91:1e:e3:86:ef:72:80:3c:58:7c: 541s 29:82 541s + found_md5=Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 541s 541s Test completed, Root CA and intermediate issued certificates verified! 541s + '[' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 '!=' Modulus=D3BBAC29397F64C28B3CAAEC97D17E05288B8404618B2F5A985950E19E2DC3DE7DD83412387C3848A73D0255E846B343322AFEBC4159135FAF5EB9723B99DAC5974AB8118F8288E4130A1937E78D7514C7E98A7DE08AEE0E1810A71CBB06ACF46C7BD3EF546A25CB5C51C11C9F76C0434432603A0C97A6654D8EE4554E114D87 ']' 541s + set +x 542s autopkgtest [16:06:03]: test sssd-softhism2-certificates-tests.sh: -----------------------] 542s autopkgtest [16:06:03]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 542s sssd-softhism2-certificates-tests.sh PASS 543s autopkgtest [16:06:04]: test sssd-smart-card-pam-auth-configs: preparing testbed 550s Reading package lists... 550s Building dependency tree... 550s Reading state information... 550s Starting pkgProblemResolver with broken count: 0 550s Starting 2 pkgProblemResolver with broken count: 0 550s Done 551s The following additional packages will be installed: 551s pamtester 551s The following NEW packages will be installed: 551s autopkgtest-satdep pamtester 551s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 551s Need to get 14.6 kB/15.4 kB of archives. 551s After this operation, 86.0 kB of additional disk space will be used. 551s Get:1 /tmp/autopkgtest.5IM9ed/4-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [764 B] 551s Get:2 http://ftpmaster.internal/ubuntu noble/universe ppc64el pamtester ppc64el 0.1.2-4 [14.6 kB] 551s Fetched 14.6 kB in 0s (68.3 kB/s) 551s Selecting previously unselected package pamtester. 551s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 70693 files and directories currently installed.) 551s Preparing to unpack .../pamtester_0.1.2-4_ppc64el.deb ... 551s Unpacking pamtester (0.1.2-4) ... 551s Selecting previously unselected package autopkgtest-satdep. 551s Preparing to unpack .../4-autopkgtest-satdep.deb ... 551s Unpacking autopkgtest-satdep (0) ... 551s Setting up pamtester (0.1.2-4) ... 551s Setting up autopkgtest-satdep (0) ... 551s Processing triggers for man-db (2.12.0-3) ... 554s (Reading database ... 70699 files and directories currently installed.) 554s Removing autopkgtest-satdep (0) ... 554s autopkgtest [16:06:15]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 554s autopkgtest [16:06:15]: test sssd-smart-card-pam-auth-configs: [----------------------- 554s + '[' -z ubuntu ']' 554s + export DEBIAN_FRONTEND=noninteractive 554s + DEBIAN_FRONTEND=noninteractive 554s + required_tools=(pamtester softhsm2-util sssd) 554s + [[ ! -v OFFLINE_MODE ]] 554s + for cmd in "${required_tools[@]}" 554s + command -v pamtester 554s + for cmd in "${required_tools[@]}" 554s + command -v softhsm2-util 554s + for cmd in "${required_tools[@]}" 554s + command -v sssd 554s + PIN=123456 554s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 554s + tmpdir=/tmp/sssd-softhsm2-certs-k989UM 554s + backupsdir= 554s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 554s + declare -a restore_paths 554s + declare -a delete_paths 554s + trap handle_exit EXIT 554s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 555s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 555s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 555s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 555s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-k989UM GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 555s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-k989UM 555s + GENERATE_SMART_CARDS=1 555s + KEEP_TEMPORARY_FILES=1 555s + NO_SSSD_TESTS=1 555s + bash debian/tests/sssd-softhism2-certificates-tests.sh 555s + '[' -z ubuntu ']' 555s + required_tools=(p11tool openssl softhsm2-util) 555s + for cmd in "${required_tools[@]}" 555s + command -v p11tool 555s + for cmd in "${required_tools[@]}" 555s + command -v openssl 555s + for cmd in "${required_tools[@]}" 555s + command -v softhsm2-util 555s + PIN=123456 555s +++ find /usr/lib/softhsm/libsofthsm2.so 555s +++ head -n 1 555s ++ realpath /usr/lib/softhsm/libsofthsm2.so 555s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 555s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 555s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 555s + '[' '!' -v NO_SSSD_TESTS ']' 555s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 555s + tmpdir=/tmp/sssd-softhsm2-certs-k989UM 555s + keys_size=1024 555s + [[ ! -v KEEP_TEMPORARY_FILES ]] 555s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 555s + echo -n 01 555s + touch /tmp/sssd-softhsm2-certs-k989UM/index.txt 555s + mkdir -p /tmp/sssd-softhsm2-certs-k989UM/new_certs 555s + cat 555s + root_ca_key_pass=pass:random-root-CA-password-29071 555s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-key.pem -passout pass:random-root-CA-password-29071 1024 555s + openssl req -passin pass:random-root-CA-password-29071 -batch -config /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.pem 555s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.pem 555s + cat 555s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-16240 555s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-16240 1024 555s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-16240 -config /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-29071 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-certificate-request.pem 555s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-certificate-request.pem 555s Certificate Request: 555s Data: 555s Version: 1 (0x0) 555s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 555s Subject Public Key Info: 555s Public Key Algorithm: rsaEncryption 555s Public-Key: (1024 bit) 555s Modulus: 555s 00:b9:b4:ff:6b:4f:ff:cf:f1:f6:63:a5:00:0a:ed: 555s 97:33:09:33:ad:95:b8:51:72:31:ae:3a:d4:09:81: 555s e9:09:d6:58:7b:36:4a:aa:b1:02:c3:e1:55:3d:54: 555s c7:67:65:15:ab:1f:a6:a8:d5:4f:02:3d:f6:bd:0e: 555s 0b:2d:06:75:ae:42:74:ce:68:96:70:bd:d0:a3:09: 555s 9b:ad:14:51:dc:c3:d0:7c:52:42:4c:01:a8:a8:d9: 555s 61:b2:56:de:77:2b:63:20:52:d7:7c:f3:ec:98:dc: 555s 91:c1:63:c7:e2:0b:7c:49:82:37:f0:cb:2a:be:fa: 555s 28:03:41:d6:f5:c0:01:20:e5 555s Exponent: 65537 (0x10001) 555s Attributes: 555s (none) 555s Requested Extensions: 555s Signature Algorithm: sha256WithRSAEncryption 555s Signature Value: 555s 7e:62:5e:30:31:ed:d5:02:1f:e0:3b:be:94:cc:49:50:a2:32: 555s 38:e9:80:b2:06:69:1f:b6:89:d6:e2:f1:ef:5c:54:fb:af:b6: 555s 61:36:14:5d:51:d5:c7:0b:aa:41:eb:31:92:f6:6c:10:b1:9a: 555s 33:93:96:93:50:12:7e:15:32:5d:92:d7:3e:07:c2:86:f4:07: 555s 93:38:55:ab:e9:63:48:d0:5e:be:75:5c:5e:3b:b9:16:4e:88: 555s cb:e7:1a:d4:db:c9:9b:1a:81:dd:31:f8:e2:02:63:b9:63:45: 555s 02:6a:94:53:f4:c7:d9:ff:c7:5b:14:b4:ba:01:b8:60:5e:02: 555s a7:7b 555s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.config -passin pass:random-root-CA-password-29071 -keyfile /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem 555s Using configuration from /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.config 555s Check that the request matches the signature 555s Signature ok 555s Certificate Details: 555s Serial Number: 1 (0x1) 555s Validity 555s Not Before: Mar 14 16:06:16 2024 GMT 555s Not After : Mar 14 16:06:16 2025 GMT 555s Subject: 555s organizationName /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem: OK 555s = Test Organization 555s organizationalUnitName = Test Organization Unit 555s commonName = Test Organization Intermediate CA 555s X509v3 extensions: 555s X509v3 Subject Key Identifier: 555s E6:4E:5A:43:63:FD:2C:60:8B:EE:77:2B:EF:55:1A:09:AE:8D:7B:D7 555s X509v3 Authority Key Identifier: 555s keyid:91:76:4F:E3:68:C6:DA:86:EA:F5:AE:F9:44:80:C7:A8:6D:E8:67:D8 555s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 555s serial:00 555s X509v3 Basic Constraints: 555s CA:TRUE 555s X509v3 Key Usage: critical 555s Digital Signature, Certificate Sign, CRL Sign 555s Certificate is to be certified until Mar 14 16:06:16 2025 GMT (365 days) 555s 555s Write out database with 1 new entries 555s Database updated 555s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem 555s + cat 555s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-22712 555s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-22712 1024 555s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-22712 -config /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-16240 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-certificate-request.pem 555s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-certificate-request.pem 555s Certificate Request: 555s Data: 555s Version: 1 (0x0) 555s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 555s Subject Public Key Info: 555s Public Key Algorithm: rsaEncryption 555s Public-Key: (1024 bit) 555s Modulus: 555s 00:d7:83:24:f6:3f:67:c5:ff:69:7f:45:5b:53:06: 555s 96:55:d0:07:23:6b:ce:e5:c8:ff:19:3b:98:9c:8b: 555s e6:d5:fc:7e:5b:dc:8f:01:4f:8c:df:9c:16:99:d2: 555s d6:cc:2a:d1:08:80:4f:d7:7b:65:b9:45:8e:05:90: 555s 07:30:e6:73:ad:2a:47:df:11:71:a2:ab:bb:be:3c: 555s e7:a4:33:1c:f7:14:52:4d:8e:bf:e6:2e:94:15:cb: 555s 9f:a1:59:9b:c7:35:33:92:31:b4:6a:9b:cc:78:da: 555s b7:00:b0:83:c1:c3:e4:b2:ee:f6:6e:a1:83:41:75: 555s f3:65:ac:7d:02:4e:93:4c:29 555s Exponent: 65537 (0x10001) 555s Attributes: 555s (none) 555s Requested Extensions: 555s Signature Algorithm: sha256WithRSAEncryption 555s Signature Value: 555s 42:ca:9e:d3:85:9a:31:0f:6c:b7:ac:58:3a:e2:92:05:a2:c9: 555s 3c:0b:2b:13:28:b2:10:41:53:4e:9c:34:78:38:4b:c7:dd:9f: 555s 1a:74:50:05:3d:ff:f7:16:6d:71:ba:9c:1d:9f:e8:df:0e:d6: 555s 9d:b0:60:a2:bf:39:18:fd:8e:91:ae:64:4d:b8:d1:1b:5e:53: 555s d3:5b:03:6d:b9:23:36:8c:47:db:14:da:34:cc:13:35:6c:09: 555s 89:f4:0d:b8:3f:5a:49:17:c5:ac:bf:12:62:51:da:03:bf:19: 555s f6:d1:33:49:f7:c1:b0:1d:2f:b4:f5:a7:5c:60:06:3d:14:57: 555s 9a:41 555s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-16240 -keyfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem 555s Using configuration from /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.config 555s Check that the request matches the signature 555s Signature ok 555s Certificate Details: 555s Serial Number: 2 (0x2) 555s Validity 555s Not Before: Mar 14 16:06:16 2024 GMT 555s Not After : Mar 14 16:06:16 2025 GMT 555s Subject: 555s organizationName = Test Organization 555s organizationalUnitName = Test Organization Unit 555s commonName = Test Organization Sub Intermediate CA 555s X509v3 extensions: 555s X509v3 Subject Key Identifier: 555s C6:0E:30:99:D5:8B:02:F5:C6:80:6C:A0:76:3A:1A:E9:D5:BB:2B:53 555s X509v3 Authority Key Identifier: 555s keyid:E6:4E:5A:43:63:FD:2C:60:8B:EE:77:2B:EF:55:1A:09:AE:8D:7B:D7 555s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 555s serial:01 555s X509v3 Basic Constraints: 555s CA:TRUE 555s X509v3 Key Usage: critical 555s Digital Signature, Certificate Sign, CRL Sign 555s Certificate is to be certified until Mar 14 16:06:16 2025 GMT (365 days) 555s 555s Write out database with 1 new entries 555s Database updated 555s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem 555s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem 555s /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem: OK 555s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem 555s + local cmd=openssl 555s + shift 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem 555s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 555s error 20 at 0 depth lookup: unable to get local issuer certificate 555s error /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem: verification failed 555s + cat 555s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-28491 555s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-28491 1024 555s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-28491 -key /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-request.pem 555s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-request.pem 555s Certificate Request: 555s Data: 555s Version: 1 (0x0) 555s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 555s Subject Public Key Info: 555s Public Key Algorithm: rsaEncryption 555s Public-Key: (1024 bit) 555s Modulus: 555s 00:cf:c6:34:74:47:73:c4:7f:64:ef:82:4b:57:3b: 555s 1f:d9:b5:3e:df:dd:98:8e:69:99:f5:b4:1b:9b:8e: 555s e7:67:9c:60:12:2e:95:a8:c0:af:6c:70:fa:71:b4: 555s c4:70:77:33:8a:c2:7a:30:15:a9:2b:c1:b0:8b:11: 555s ff:ec:5b:e4:39:af:2b:30:41:9a:01:05:04:fe:44: 555s 4a:2c:7d:33:8c:32:7b:65:92:91:2d:9f:cd:91:29: 555s f2:dd:fb:8f:10:30:14:26:69:d0:f0:82:de:76:2a: 555s 92:e0:f5:17:a5:dc:77:3b:ac:83:9f:17:84:43:cf: 555s 46:63:ee:67:16:57:e4:4f:3f 555s Exponent: 65537 (0x10001) 555s Attributes: 555s Requested Extensions: 555s X509v3 Basic Constraints: 555s CA:FALSE 555s Netscape Cert Type: 555s SSL Client, S/MIME 555s Netscape Comment: 555s Test Organization Root CA trusted Certificate 555s X509v3 Subject Key Identifier: 555s 59:FF:11:F1:0E:08:B2:C6:87:A3:62:A8:EA:20:94:AB:D1:EB:56:A4 555s X509v3 Key Usage: critical 555s Digital Signature, Non Repudiation, Key Encipherment 555s X509v3 Extended Key Usage: 555s TLS Web Client Authentication, E-mail Protection 555s X509v3 Subject Alternative Name: 555s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 555s Signature Algorithm: sha256WithRSAEncryption 555s Signature Value: 555s 3f:b3:10:25:53:66:ee:2f:de:5c:bb:e5:07:06:29:7b:15:d2: 555s 88:41:4f:8d:0d:b3:95:87:bf:8d:14:1a:a1:e7:5d:27:ea:98: 555s 84:a9:ee:88:fa:f0:bd:09:d0:0f:1d:3f:d9:21:bf:06:4c:12: 555s 32:ef:b5:72:ba:92:e9:a9:e3:a3:66:53:26:50:94:46:d5:7b: 555s 6d:52:a3:c0:71:56:44:b0:e9:31:95:5d:26:3b:58:8f:84:2a: 555s 87:6a:eb:96:3c:8d:e4:9f:94:16:ca:cd:23:16:26:63:b1:d6: 555s e0:44:a7:b2:24:6f:d7:d5:ff:30:93:a0:59:c4:77:98:0c:5b: 555s a1:08 555s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.config -passin pass:random-root-CA-password-29071 -keyfile /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem 555s Using configuration from /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.config 555s Check that the request matches the signature 555s Signature ok 555s Certificate Details: 555s Serial Number: 3 (0x3) 555s Validity 555s Not Before: Mar 14 16:06:16 2024 GMT 555s Not After : Mar 14 16:06:16 2025 GMT 555s Subject: 555s organizationName = Test Organization 555s organizationalUnitName = Test Organization Unit 555s commonName = Test Organization Root Trusted Certificate 0001 555s X509v3 extensions: 555s X509v3 Authority Key Identifier: 555s 91:76:4F:E3:68:C6:DA:86:EA:F5:AE:F9:44:80:C7:A8:6D:E8:67:D8 555s X509v3 Basic Constraints: 555s CA:FALSE 555s Netscape Cert Type: 555s SSL Client, S/MIME 555s Netscape Comment: 555s Test Organization Root CA trusted Certificate 555s X509v3 Subject Key Identifier: 555s 59:FF:11:F1:0E:08:B2:C6:87:A3:62:A8:EA:20:94:AB:D1:EB:56:A4 555s X509v3 Key Usage: critical 555s Digital Signature, Non Repudiation, Key Encipherment 555s X509v3 Extended Key Usage: 555s TLS Web Client Authentication, E-mail Protection 555s X509v3 Subject Alternative Name: 555s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 555s Certificate is to be certified until Mar 14 16:06:16 2025 GMT (365 days) 555s 555s Write out database with 1 new entries 555s Database updated 555s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem 555s /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem: OK 555s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem 555s + local cmd=openssl 555s + shift 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem 555s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 555s error 20 at 0 depth lookup: unable to get local issuer certificate 555s error /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem: verification failed 555s + cat 555s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-17602 555s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-17602 1024 555s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-17602 -key /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-request.pem 555s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-request.pem 555s Certificate Request: 555s Data: 555s Version: 1 (0x0) 555s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 555s Subject Public Key Info: 555s Public Key Algorithm: rsaEncryption 555s Public-Key: (1024 bit) 555s Modulus: 555s 00:bf:f6:b3:88:b5:ad:f1:53:b2:af:dc:d9:39:fd: 555s 4b:c8:c4:22:d4:6f:ec:f0:1e:41:49:5d:69:52:32: 555s 22:da:4b:5d:fa:f2:d3:7d:ec:82:cd:ed:41:82:8d: 555s ef:d7:cc:21:e4:47:40:e2:96:bd:82:0a:e1:9c:2c: 555s 75:8d:09:52:f3:81:b0:23:59:6a:fd:28:d4:aa:bb: 555s d4:ef:55:9b:2c:d3:17:46:b8:4b:af:6d:77:fe:a6: 555s 2c:d9:e5:09:e4:d6:a8:a0:82:8a:d2:c1:91:73:9a: 555s c8:5d:59:93:33:f3:ac:d7:07:42:13:93:2a:9f:15: 555s 31:78:83:53:64:ea:90:24:6b 555s Exponent: 65537 (0x10001) 555s Attributes: 555s Requested Extensions: 555s X509v3 Basic Constraints: 555s CA:FALSE 555s Netscape Cert Type: 555s SSL Client, S/MIME 555s Netscape Comment: 555s Test Organization Intermediate CA trusted Certificate 555s X509v3 Subject Key Identifier: 555s 84:95:C8:FC:3C:83:2D:06:38:39:43:42:04:44:FD:FB:61:BC:6A:D1 555s X509v3 Key Usage: critical 555s Digital Signature, Non Repudiation, Key Encipherment 555s X509v3 Extended Key Usage: 555s TLS Web Client Authentication, E-mail Protection 555s X509v3 Subject Alternative Name: 555s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 555s Signature Algorithm: sha256WithRSAEncryption 555s Signature Value: 555s 24:a8:b5:5c:25:b3:42:4b:7f:b7:4b:c4:d3:e8:c4:72:1d:59: 555s d6:c1:98:96:d5:8e:50:fb:80:3a:ad:00:d2:78:fe:c1:21:ca: 555s fd:ff:4f:8c:e9:51:26:eb:ce:45:77:b9:83:a4:02:3e:40:5d: 555s 3e:ea:c4:7e:19:66:af:dc:4d:dc:d8:d9:80:55:5b:41:a4:3a: 555s 5b:f0:ca:c5:08:39:98:e7:5e:28:76:7c:5b:cc:8b:bd:10:f3: 555s c0:3b:63:d3:14:21:d6:bf:1d:cc:c4:1a:d4:2a:f9:08:71:32: 555s 4e:51:4b:e8:5b:17:19:ab:9e:8c:f6:4e:f1:cf:c1:e6:fc:61: 555s bc:d9 555s + openssl ca -passin pass:random-intermediate-CA-password-16240 -config /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem 555s Using configuration from /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.config 555s Check that the request matches the signature 555s Signature ok 555s Certificate Details: 555s Serial Number: 4 (0x4) 555s Validity 555s Not Before: Mar 14 16:06:16 2024 GMT 555s Not After : Mar 14 16:06:16 2025 GMT 555s Subject: 555s organizationName = Test Organization 555s organizationalUnitName = Test Organization Unit 555s commonName = Test Organization Intermediate Trusted Certificate 0001 555s X509v3 extensions: 555s X509v3 Authority Key Identifier: 555s E6:4E:5A:43:63:FD:2C:60:8B:EE:77:2B:EF:55:1A:09:AE:8D:7B:D7 555s X509v3 Basic Constraints: 555s CA:FALSE 555s Netscape Cert Type: 555s SSL Client, S/MIME 555s Netscape Comment: 555s Test Organization Intermediate CA trusted Certificate 555s X509v3 Subject Key Identifier: 555s 84:95:C8:FC:3C:83:2D:06:38:39:43:42:04:44:FD:FB:61:BC:6A:D1 555s X509v3 Key Usage: critical 555s Digital Signature, Non Repudiation, Key Encipherment 555s X509v3 Extended Key Usage: 555s TLS Web Client Authentication, E-mail Protection 555s X509v3 Subject Alternative Name: 555s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 555s Certificate is to be certified until Mar 14 16:06:16 2025 GMT (365 days) 555s 555s Write out database with 1 new entries 555s Database updated 555s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem 555s + echo 'This certificate should not be trusted fully' 555s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem 555s This certificate should not be trusted fully 555s + local cmd=openssl 555s + shift 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem 555s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 555s error 2 at 1 depth lookup: unable to get issuer certificate 555s error /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 555s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem 555s + cat 555s /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem: OK 555s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-15055 555s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-15055 1024 555s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-15055 -key /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 555s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 555s Certificate Request: 555s Data: 555s Version: 1 (0x0) 555s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 555s Subject Public Key Info: 555s Public Key Algorithm: rsaEncryption 555s Public-Key: (1024 bit) 555s Modulus: 555s 00:d0:e3:e1:47:09:ab:b2:81:11:94:a1:d4:2c:41: 555s 8e:1c:99:df:d4:3d:74:ef:b6:f1:34:50:e5:94:13: 555s ec:98:2f:64:8b:5a:8c:39:a3:b7:9c:29:3f:68:ae: 555s 8e:dd:fc:7e:32:de:05:3c:a7:e3:c5:fa:0d:f9:f6: 555s 3c:3d:d5:85:55:b9:fc:1b:2f:a0:d0:6a:1b:93:d4: 555s 48:c5:d7:4b:1e:24:66:14:eb:bc:5d:44:2f:da:e4: 555s fe:39:89:47:f4:49:65:47:44:74:25:d8:c4:2c:93: 555s 55:c9:d3:b9:44:e2:bf:ff:29:94:38:23:94:3a:db: 555s 69:23:85:27:2f:d5:f9:26:dd 555s Exponent: 65537 (0x10001) 555s Attributes: 555s Requested Extensions: 555s X509v3 Basic Constraints: 555s CA:FALSE 555s Netscape Cert Type: 555s SSL Client, S/MIME 555s Netscape Comment: 555s Test Organization Sub Intermediate CA trusted Certificate 555s X509v3 Subject Key Identifier: 555s B9:4F:B4:04:7A:51:A5:07:0F:D0:93:78:4A:68:1A:21:A7:09:C8:46 555s X509v3 Key Usage: critical 555s Digital Signature, Non Repudiation, Key Encipherment 555s X509v3 Extended Key Usage: 555s TLS Web Client Authentication, E-mail Protection 555s X509v3 Subject Alternative Name: 555s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 555s Signature Algorithm: sha256WithRSAEncryption 555s Signature Value: 555s 7d:07:ee:e0:cf:b8:ea:7f:1c:ca:64:00:6c:e9:eb:bf:50:26: 555s a2:00:ba:97:e8:b5:bf:7b:e5:6a:e7:d2:71:54:d8:37:09:5d: 555s 09:47:53:56:22:80:ef:0b:cb:9d:b8:93:11:e2:2f:5b:2d:b6: 555s e8:9d:d2:5b:8d:12:76:30:21:a5:0f:47:72:d5:5e:e7:db:13: 555s 0d:bf:79:e5:33:72:0f:c1:73:1a:a2:f1:57:3b:b8:4f:f0:69: 555s 2d:61:33:1d:e0:90:b9:96:44:69:b7:89:32:86:2c:75:11:f6: 555s 76:b2:8a:06:0f:c6:4d:61:27:2b:15:58:3f:55:be:11:c9:5f: 555s 39:e6 555s + openssl ca -passin pass:random-sub-intermediate-CA-password-22712 -config /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s Using configuration from /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.config 555s Check that the request matches the signature 555s Signature ok 555s Certificate Details: 555s Serial Number: 5 (0x5) 555s Validity 555s Not Before: Mar 14 16:06:16 2024 GMT 555s Not After : Mar 14 16:06:16 2025 GMT 555s Subject: 555s organizationName = Test Organization 555s organizationalUnitName = Test Organization Unit 555s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 555s X509v3 extensions: 555s X509v3 Authority Key Identifier: 555s C6:0E:30:99:D5:8B:02:F5:C6:80:6C:A0:76:3A:1A:E9:D5:BB:2B:53 555s X509v3 Basic Constraints: 555s CA:FALSE 555s Netscape Cert Type: 555s SSL Client, S/MIME 555s Netscape Comment: 555s Test Organization Sub Intermediate CA trusted Certificate 555s X509v3 Subject Key Identifier: 555s B9:4F:B4:04:7A:51:A5:07:0F:D0:93:78:4A:68:1A:21:A7:09:C8:46 555s X509v3 Key Usage: critical 555s Digital Signature, Non Repudiation, Key Encipherment 555s X509v3 Extended Key Usage: 555s TLS Web Client Authentication, E-mail Protection 555s X509v3 Subject Alternative Name: 555s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 555s Certificate is to be certified until Mar 14 16:06:16 2025 GMT (365 days) 555s 555s Write out database with 1 new entries 555s Database updated 555s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s This certificate should not be trusted fully 555s + echo 'This certificate should not be trusted fully' 555s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s + local cmd=openssl 555s + shift 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 555s error 2 at 1 depth lookup: unable to get issuer certificate 555s error /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 555s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s + local cmd=openssl 555s + shift 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 555s error 20 at 0 depth lookup: unable to get local issuer certificate 555s error /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 555s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 555s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s + local cmd=openssl 555s + shift 555s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 555s error 20 at 0 depth lookup: unable to get local issuer certificate 555s error /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 555s + echo 'Building a the full-chain CA file...' 555s Building a the full-chain CA file... 555s + cat /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem 555s + cat /tmp/sssd-softhsm2-certs-k989UM/test-root-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem 555s + cat /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem 555s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem 555s + openssl pkcs7 -print_certs -noout 555s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 555s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 555s 555s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 555s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 555s 555s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 555s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 555s 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem 555s /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA.pem: OK 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem 555s /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem: OK 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem 555s /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem: OK 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-root-intermediate-chain-CA.pem 555s /tmp/sssd-softhsm2-certs-k989UM/test-root-intermediate-chain-CA.pem: OK 555s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 555s Certificates generation completed! 555s + echo 'Certificates generation completed!' 555s + [[ -v NO_SSSD_TESTS ]] 555s + [[ -v GENERATE_SMART_CARDS ]] 555s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-28491 555s + local certificate=/tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem 555s + local key_pass=pass:random-root-ca-trusted-cert-0001-28491 555s + local key_cn 555s + local key_name 555s + local tokens_dir 555s + local output_cert_file 555s + token_name= 555s ++ basename /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem .pem 555s + key_name=test-root-CA-trusted-certificate-0001 555s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem 555s ++ sed -n 's/ *commonName *= //p' 555s + key_cn='Test Organization Root Trusted Certificate 0001' 555s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 555s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-root-CA-trusted-certificate-0001.conf 555s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-root-CA-trusted-certificate-0001.conf 555s ++ basename /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 555s + tokens_dir=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-root-CA-trusted-certificate-0001 555s + token_name='Test Organization Root Tr Token' 555s + '[' '!' -e /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 555s + local key_file 555s + local decrypted_key 555s + mkdir -p /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-root-CA-trusted-certificate-0001 555s + key_file=/tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-key.pem 555s + decrypted_key=/tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-key-decrypted.pem 555s + cat 555s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 555s Slot 0 has a free/uninitialized token. 555s The token has been initialized and is reassigned to slot 1840466242 555s + softhsm2-util --show-slots 555s Available slots: 555s Slot 1840466242 555s Slot info: 555s Description: SoftHSM slot ID 0x6db34942 555s Manufacturer ID: SoftHSM project 555s Hardware version: 2.6 555s Firmware version: 2.6 555s Token present: yes 555s Token info: 555s Manufacturer ID: SoftHSM project 555s Model: SoftHSM v2 555s Hardware version: 2.6 555s Firmware version: 2.6 555s Serial number: 89c110d1edb34942 555s Initialized: yes 555s User PIN init.: yes 555s Label: Test Organization Root Tr Token 555s Slot 1 555s Slot info: 555s Description: SoftHSM slot ID 0x1 555s Manufacturer ID: SoftHSM project 555s Hardware version: 2.6 555s Firmware version: 2.6 555s Token present: yes 555s Token info: 555s Manufacturer ID: SoftHSM project 555s Model: SoftHSM v2 555s Hardware version: 2.6 555s Firmware version: 2.6 555s Serial number: 555s Initialized: no 555s User PIN init.: no 555s Label: 555s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 555s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-28491 -in /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-key-decrypted.pem 555s writing RSA key 555s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 555s + rm /tmp/sssd-softhsm2-certs-k989UM/test-root-CA-trusted-certificate-0001-key-decrypted.pem 555s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 555s Object 0: 555s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=89c110d1edb34942;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 555s Type: X.509 Certificate (RSA-1024) 555s Expires: Fri Mar 14 16:06:16 2025 555s Label: Test Organization Root Trusted Certificate 0001 555s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 555s 555s + echo 'Test Organization Root Tr Token' 555s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17602 555s + local certificate=/tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem 555s Test Organization Root Tr Token 555s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17602 555s + local key_cn 555s + local key_name 555s + local tokens_dir 555s + local output_cert_file 555s + token_name= 555s ++ basename /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem .pem 555s + key_name=test-intermediate-CA-trusted-certificate-0001 555s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem 555s ++ sed -n 's/ *commonName *= //p' 555s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 555s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 555s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 555s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 555s ++ basename /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 555s + tokens_dir=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-intermediate-CA-trusted-certificate-0001 555s + token_name='Test Organization Interme Token' 555s + '[' '!' -e /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 555s + local key_file 555s + local decrypted_key 555s + mkdir -p /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-intermediate-CA-trusted-certificate-0001 555s + key_file=/tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-key.pem 555s + decrypted_key=/tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 555s + cat 555s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 555s Slot 0 has a free/uninitialized token. 555s The token has been initialized and is reassigned to slot 620606144 555s + softhsm2-util --show-slots 555s Available slots: 555s Slot 620606144 555s Slot info: 555s Description: SoftHSM slot ID 0x24fdb2c0 555s Manufacturer ID: SoftHSM project 555s Hardware version: 2.6 555s Firmware version: 2.6 555s Token present: yes 555s Token info: 555s Manufacturer ID: SoftHSM project 555s Model: SoftHSM v2 555s Hardware version: 2.6 555s Firmware version: 2.6 555s Serial number: 5073270524fdb2c0 555s Initialized: yes 555s User PIN init.: yes 555s Label: Test Organization Interme Token 555s Slot 1 555s Slot info: 555s Description: SoftHSM slot ID 0x1 555s Manufacturer ID: SoftHSM project 555s Hardware version: 2.6 555s Firmware version: 2.6 555s Token present: yes 555s Token info: 555s Manufacturer ID: SoftHSM project 555s Model: SoftHSM v2 555s Hardware version: 2.6 555s Firmware version: 2.6 555s Serial number: 555s Initialized: no 555s User PIN init.: no 555s Label: 555s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 555s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-17602 -in /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 555s writing RSA key 555s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 555s + rm /tmp/sssd-softhsm2-certs-k989UM/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 555s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 555s Object 0: 555s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5073270524fdb2c0;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 555s Type: X.509 Certificate (RSA-1024) 555s Expires: Fri Mar 14 16:06:16 2025 555s Label: Test Organization Intermediate Trusted Certificate 0001 555s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 555s 555s Test Organization Interme Token 555s + echo 'Test Organization Interme Token' 555s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-15055 555s + local certificate=/tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-15055 555s + local key_cn 555s + local key_name 555s + local tokens_dir 555s + local output_cert_file 555s + token_name= 555s ++ basename /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 555s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 555s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem 555s ++ sed -n 's/ *commonName *= //p' 556s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 556s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 556s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 556s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 556s ++ basename /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 556s + tokens_dir=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 556s + token_name='Test Organization Sub Int Token' 556s + '[' '!' -e /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 556s + local key_file 556s + local decrypted_key 556s + mkdir -p /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 556s + key_file=/tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 556s + decrypted_key=/tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 556s + cat 556s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 556s Slot 0 has a free/uninitialized token. 556s The token has been initialized and is reassigned to slot 275472078 556s + softhsm2-util --show-slots 556s Available slots: 556s Slot 275472078 556s Slot info: 556s Description: SoftHSM slot ID 0x106b5ece 556s Manufacturer ID: SoftHSM project 556s Hardware version: 2.6 556s Firmware version: 2.6 556s Token present: yes 556s Token info: 556s Manufacturer ID: SoftHSM project 556s Model: SoftHSM v2 556s Hardware version: 2.6 556s Firmware version: 2.6 556s Serial number: 24f133b1906b5ece 556s Initialized: yes 556s User PIN init.: yes 556s Label: Test Organization Sub Int Token 556s Slot 1 556s Slot info: 556s Description: SoftHSM slot ID 0x1 556s Manufacturer ID: SoftHSM project 556s Hardware version: 2.6 556s Firmware version: 2.6 556s Token present: yes 556s Token info: 556s Manufacturer ID: SoftHSM project 556s Model: SoftHSM v2 556s Hardware version: 2.6 556s Firmware version: 2.6 556s Serial number: 556s Initialized: no 556s User PIN init.: no 556s Label: 556s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 556s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-15055 -in /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 556s writing RSA key 556s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 556s + rm /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 556s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 556s Object 0: 556s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=24f133b1906b5ece;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 556s Type: X.509 Certificate (RSA-1024) 556s Expires: Fri Mar 14 16:06:16 2025 556s Label: Test Organization Sub Intermediate Trusted Certificate 0001 556s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 556s 556s Test Organization Sub Int Token 556s + echo 'Test Organization Sub Int Token' 556s Certificates generation completed! 556s + echo 'Certificates generation completed!' 556s + exit 0 556s + find /tmp/sssd-softhsm2-certs-k989UM -type d -exec chmod 777 '{}' ';' 556s + find /tmp/sssd-softhsm2-certs-k989UM -type f -exec chmod 666 '{}' ';' 556s + backup_file /etc/sssd/sssd.conf 556s + '[' -z '' ']' 556s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 556s + backupsdir=/tmp/sssd-softhsm2-backups-hsQ53t 556s + '[' -e /etc/sssd/sssd.conf ']' 556s + delete_paths+=("$1") 556s + rm -f /etc/sssd/sssd.conf 556s ++ runuser -u ubuntu -- sh -c 'echo ~' 556s + user_home=/home/ubuntu 556s + mkdir -p /home/ubuntu 556s + chown ubuntu:ubuntu /home/ubuntu 556s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 556s + user_config=/home/ubuntu/.config 556s + system_config=/etc 556s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 556s + for path_pair in "${softhsm2_conf_paths[@]}" 556s + IFS=: 556s + read -r -a path 556s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 556s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 556s + '[' -z /tmp/sssd-softhsm2-backups-hsQ53t ']' 556s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 556s + delete_paths+=("$1") 556s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 556s + for path_pair in "${softhsm2_conf_paths[@]}" 556s + IFS=: 556s + read -r -a path 556s + path=/etc/softhsm/softhsm2.conf 556s + backup_file /etc/softhsm/softhsm2.conf 556s + '[' -z /tmp/sssd-softhsm2-backups-hsQ53t ']' 556s + '[' -e /etc/softhsm/softhsm2.conf ']' 556s ++ dirname /etc/softhsm/softhsm2.conf 556s + local back_dir=/tmp/sssd-softhsm2-backups-hsQ53t//etc/softhsm 556s ++ basename /etc/softhsm/softhsm2.conf 556s + local back_path=/tmp/sssd-softhsm2-backups-hsQ53t//etc/softhsm/softhsm2.conf 556s + '[' '!' -e /tmp/sssd-softhsm2-backups-hsQ53t//etc/softhsm/softhsm2.conf ']' 556s + mkdir -p /tmp/sssd-softhsm2-backups-hsQ53t//etc/softhsm 556s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-hsQ53t//etc/softhsm/softhsm2.conf 556s + restore_paths+=("$back_path") 556s + rm -f /etc/softhsm/softhsm2.conf 556s + test_authentication login /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem 556s + pam_service=login 556s + certificate_config=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-root-CA-trusted-certificate-0001.conf 556s + ca_db=/tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem 556s + verification_options= 556s + mkdir -p -m 700 /etc/sssd 556s Using CA DB '/tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem' with verification options: '' 556s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 556s + cat 556s + chmod 600 /etc/sssd/sssd.conf 556s + for path_pair in "${softhsm2_conf_paths[@]}" 556s + IFS=: 556s + read -r -a path 556s + user=ubuntu 556s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 556s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 556s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 556s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 556s + runuser -u ubuntu -- softhsm2-util --show-slots 556s + grep 'Test Organization' 556s Label: Test Organization Root Tr Token 556s + for path_pair in "${softhsm2_conf_paths[@]}" 556s + IFS=: 556s + read -r -a path 556s + user=root 556s + path=/etc/softhsm/softhsm2.conf 556s ++ dirname /etc/softhsm/softhsm2.conf 556s + runuser -u root -- mkdir -p /etc/softhsm 556s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 556s + runuser -u root -- softhsm2-util --show-slots 556s + grep 'Test Organization' 556s Label: Test Organization Root Tr Token 556s + systemctl restart sssd 556s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 556s + for alternative in "${alternative_pam_configs[@]}" 556s + pam-auth-update --enable sss-smart-card-optional 556s + cat /etc/pam.d/common-auth 556s # 556s # /etc/pam.d/common-auth - authentication settings common to all services 556s # 556s # This file is included from other service-specific PAM config files, 556s # and should contain a list of the authentication modules that define 556s # the central authentication scheme for use on the system 556s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 556s # traditional Unix authentication mechanisms. 556s # 556s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 556s # To take advantage of this, it is recommended that you configure any 556s # local modules either before or after the default block, and use 556s # pam-auth-update to manage selection of other modules. See 556s # pam-auth-update(8) for details. 556s 556s # here are the per-package modules (the "Primary" block) 556s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 556s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 556s auth [success=1 default=ignore] pam_sss.so use_first_pass 556s # here's the fallback if no module succeeds 556s auth requisite pam_deny.so 556s # prime the stack with a positive return value if there isn't one already; 556s # this avoids us returning an error just because nothing sets a success code 556s # since the modules above will each just jump around 556s auth required pam_permit.so 556s # and here are more per-package modules (the "Additional" block) 556s auth optional pam_cap.so 556s # end of pam-auth-update config 556s + echo -n -e 123456 556s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 556s pamtester: invoking pam_start(login, ubuntu, ...) 556s pamtester: performing operation - authenticate 557s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 557s + echo -n -e 123456 557s + runuser -u ubuntu -- pamtester -v login '' authenticate 557s pamtester: invoking pam_start(login, , ...) 557s pamtester: performing operation - authenticate 557s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 557s + echo -n -e wrong123456 557s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 557s pamtester: invoking pam_start(login, ubuntu, ...) 557s pamtester: performing operation - authenticate 560s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 560s + echo -n -e wrong123456 560s + runuser -u ubuntu -- pamtester -v login '' authenticate 560s pamtester: invoking pam_start(login, , ...) 560s pamtester: performing operation - authenticate 563s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 563s + echo -n -e 123456 563s + pamtester -v login root authenticate 563s pamtester: invoking pam_start(login, root, ...) 563s pamtester: performing operation - authenticate 566s Password: pamtester: Authentication failure 566s + for alternative in "${alternative_pam_configs[@]}" 566s + pam-auth-update --enable sss-smart-card-required 566s PAM configuration 566s ----------------- 566s 566s Incompatible PAM profiles selected. 566s 566s The following PAM profiles cannot be used together: 566s 566s SSS required smart card authentication, SSS optional smart card 566s authentication 566s 566s Please select a different set of modules to enable. 566s 566s + cat /etc/pam.d/common-auth 566s # 566s # /etc/pam.d/common-auth - authentication settings common to all services 566s # 566s # This file is included from other service-specific PAM config files, 566s # and should contain a list of the authentication modules that define 566s # the central authentication scheme for use on the system 566s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 566s # traditional Unix authentication mechanisms. 566s # 566s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 566s # To take advantage of this, it is recommended that you configure any 566s # local modules either before or after the default block, and use 566s # pam-auth-update to manage selection of other modules. See 566s # pam-auth-update(8) for details. 566s 566s # here are the per-package modules (the "Primary" block) 566s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 566s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 566s auth [success=1 default=ignore] pam_sss.so use_first_pass 566s # here's the fallback if no module succeeds 566s auth requisite pam_deny.so 566s # prime the stack with a positive return value if there isn't one already; 566s # this avoids us returning an error just because nothing sets a success code 566s # since the modules above will each just jump around 566s auth required pam_permit.so 566s # and here are more per-package modules (the "Additional" block) 566s auth optional pam_cap.so 566s # end of pam-auth-update config 566s + echo -n -e 123456 566s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 566s pamtester: invoking pam_start(login, ubuntu, ...) 566s pamtester: performing operation - authenticate 566s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 566s + echo -n -e 123456 566s + runuser -u ubuntu -- pamtester -v login '' authenticate 566s pamtester: invoking pam_start(login, , ...) 566s pamtester: performing operation - authenticate 566s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 566s + echo -n -e wrong123456 566s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 566s pamtester: invoking pam_start(login, ubuntu, ...) 566s pamtester: performing operation - authenticate 568s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 568s + echo -n -e wrong123456 568s + runuser -u ubuntu -- pamtester -v login '' authenticate 568s pamtester: invoking pam_start(login, , ...) 568s pamtester: performing operation - authenticate 572s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 572s + echo -n -e 123456 572s + pamtester -v login root authenticate 572s pamtester: invoking pam_start(login, root, ...) 572s pamtester: performing operation - authenticate 574s pamtester: Authentication service cannot retrieve authentication info 574s + test_authentication login /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem 574s + pam_service=login 574s + certificate_config=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 574s + ca_db=/tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem 574s + verification_options= 574s + mkdir -p -m 700 /etc/sssd 574s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 574s Using CA DB '/tmp/sssd-softhsm2-certs-k989UM/test-full-chain-CA.pem' with verification options: '' 574s + cat 574s Label: Test Organization Sub Int Token 574s Label: Test Organization Sub Int Token 574s + chmod 600 /etc/sssd/sssd.conf 574s + for path_pair in "${softhsm2_conf_paths[@]}" 574s + IFS=: 574s + read -r -a path 574s + user=ubuntu 574s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 574s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 574s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 574s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 574s + runuser -u ubuntu -- softhsm2-util --show-slots 574s + grep 'Test Organization' 574s + for path_pair in "${softhsm2_conf_paths[@]}" 574s + IFS=: 574s + read -r -a path 574s + user=root 574s + path=/etc/softhsm/softhsm2.conf 574s ++ dirname /etc/softhsm/softhsm2.conf 574s + runuser -u root -- mkdir -p /etc/softhsm 574s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 574s + runuser -u root -- softhsm2-util --show-slots 574s + grep 'Test Organization' 574s + systemctl restart sssd 574s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 575s + for alternative in "${alternative_pam_configs[@]}" 575s + pam-auth-update --enable sss-smart-card-optional 575s + cat /etc/pam.d/common-auth 575s # 575s # /etc/pam.d/common-auth - authentication settings common to all services 575s # 575s # This file is included from other service-specific PAM config files, 575s # and should contain a list of the authentication modules that define 575s # the central authentication scheme for use on the system 575s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 575s # traditional Unix authentication mechanisms. 575s # 575s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 575s # To take advantage of this, it is recommended that you configure any 575s # local modules either before or after the default block, and use 575s # pam-auth-update to manage selection of other modules. See 575s # pam-auth-update(8) for details. 575s 575s # here are the per-package modules (the "Primary" block) 575s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 575s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 575s auth [success=1 default=ignore] pam_sss.so use_first_pass 575s # here's the fallback if no module succeeds 575s auth requisite pam_deny.so 575s # prime the stack with a positive return value if there isn't one already; 575s # this avoids us returning an error just because nothing sets a success code 575s # since the modules above will each just jump around 575s auth required pam_permit.so 575s # and here are more per-package modules (the "Additional" block) 575s auth optional pam_cap.so 575s # end of pam-auth-update config 575s + echo -n -e 123456 575s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 575s pamtester: invoking pam_start(login, ubuntu, ...) 575s pamtester: performing operation - authenticate 575s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 575s + echo -n -e 123456 575s + runuser -u ubuntu -- pamtester -v login '' authenticate 575s pamtester: invoking pam_start(login, , ...) 575s pamtester: performing operation - authenticate 575s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 575s + echo -n -e wrong123456 575s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 575s pamtester: invoking pam_start(login, ubuntu, ...) 575s pamtester: performing operation - authenticate 578s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 578s + echo -n -e wrong123456 578s + runuser -u ubuntu -- pamtester -v login '' authenticate 578s pamtester: invoking pam_start(login, , ...) 578s pamtester: performing operation - authenticate 580s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 580s + echo -n -e 123456 580s + pamtester -v login root authenticate 580s pamtester: invoking pam_start(login, root, ...) 580s pamtester: performing operation - authenticate 584s Password: pamtester: Authentication failure 584s + for alternative in "${alternative_pam_configs[@]}" 584s + pam-auth-update --enable sss-smart-card-required 584s PAM configuration 584s ----------------- 584s 584s Incompatible PAM profiles selected. 584s 584s The following PAM profiles cannot be used together: 584s 584s SSS required smart card authentication, SSS optional smart card 584s authentication 584s 584s Please select a different set of modules to enable. 584s 584s + cat /etc/pam.d/common-auth 584s # 584s # /etc/pam.d/common-auth - authentication settings common to all services 584s # 584s # This file is included from other service-specific PAM config files, 584s # and should contain a list of the authentication modules that define 584s # the central authentication scheme for use on the system 584s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 584s # traditional Unix authentication mechanisms. 584s # 584s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 584s # To take advantage of this, it is recommended that you configure any 584s # local modules either before or after the default block, and use 584s # pam-auth-update to manage selection of other modules. See 584s # pam-auth-update(8) for details. 584s 584s # here are the per-package modules (the "Primary" block) 584s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 584s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 584s auth [success=1 default=ignore] pam_sss.so use_first_pass 584s # here's the fallback if no module succeeds 584s auth requisite pam_deny.so 584s # prime the stack with a positive return value if there isn't one already; 584s # this avoids us returning an error just because nothing sets a success code 584s # since the modules above will each just jump around 584s auth required pam_permit.so 584s # and here are more per-package modules (the "Additional" block) 584s auth optional pam_cap.so 584s # end of pam-auth-update config 584s + echo -n -e 123456 584s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 584s pamtester: invoking pam_start(login, ubuntu, ...) 584s pamtester: performing operation - authenticate 584s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 584s + echo -n -e 123456 584s + runuser -u ubuntu -- pamtester -v login '' authenticate 584s pamtester: invoking pam_start(login, , ...) 584s pamtester: performing operation - authenticate 584s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 584s + echo -n -e wrong123456 584s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 584s pamtester: invoking pam_start(login, ubuntu, ...) 584s pamtester: performing operation - authenticate 586s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 586s + echo -n -e wrong123456 586s + runuser -u ubuntu -- pamtester -v login '' authenticate 586s pamtester: invoking pam_start(login, , ...) 586s pamtester: performing operation - authenticate 589s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 589s + echo -n -e 123456 589s + pamtester -v login root authenticate 589s pamtester: invoking pam_start(login, root, ...) 589s pamtester: performing operation - authenticate 591s pamtester: Authentication service cannot retrieve authentication info 591s + test_authentication login /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem partial_chain 591s + pam_service=login 591s + certificate_config=/tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 591s + ca_db=/tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem 591s + verification_options=partial_chain 591s + mkdir -p -m 700 /etc/sssd 591s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 591s Using CA DB '/tmp/sssd-softhsm2-certs-k989UM/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 591s + cat 591s + chmod 600 /etc/sssd/sssd.conf 591s + for path_pair in "${softhsm2_conf_paths[@]}" 591s + IFS=: 591s + read -r -a path 591s + user=ubuntu 591s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 591s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 591s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 591s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 591s + runuser -u ubuntu -- softhsm2-util --show-slots 591s + grep 'Test Organization' 591s + for path_pair in "${softhsm2_conf_paths[@]}" 591s + IFS=: 591s + read -r -a path 591s + user=root 591s + path=/etc/softhsm/softhsm2.conf 591s ++ dirname /etc/softhsm/softhsm2.conf 591s + runuser -u root -- mkdir -p /etc/softhsm 591s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-k989UM/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 591s + runuser -u root -- softhsm2-util --show-slots 591s + grep 'Test Organization' 591s + systemctl restart sssd 591s Label: Test Organization Sub Int Token 591s Label: Test Organization Sub Int Token 592s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 592s + for alternative in "${alternative_pam_configs[@]}" 592s + pam-auth-update --enable sss-smart-card-optional 592s + cat /etc/pam.d/common-auth 592s # 592s # /etc/pam.d/common-auth - authentication settings common to all services 592s # 592s # This file is included from other service-specific PAM config files, 592s # and should contain a list of the authentication modules that define 592s # the central authentication scheme for use on the system 592s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 592s # traditional Unix authentication mechanisms. 592s # 592s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 592s # To take advantage of this, it is recommended that you configure any 592s # local modules either before or after the default block, and use 592s # pam-auth-update to manage selection of other modules. See 592s # pam-auth-update(8) for details. 592s 592s # here are the per-package modules (the "Primary" block) 592s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 592s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 592s auth [success=1 default=ignore] pam_sss.so use_first_pass 592s # here's the fallback if no module succeeds 592s auth requisite pam_deny.so 592s # prime the stack with a positive return value if there isn't one already; 592s # this avoids us returning an error just because nothing sets a success code 592s # since the modules above will each just jump around 592s auth required pam_permit.so 592s # and here are more per-package modules (the "Additional" block) 592s auth optional pam_cap.so 592s # end of pam-auth-update config 592s + echo -n -e 123456 592s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 592s pamtester: invoking pam_start(login, ubuntu, ...) 592s pamtester: performing operation - authenticate 592s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 592s + echo -n -e 123456 592s + runuser -u ubuntu -- pamtester -v login '' authenticate 592s pamtester: invoking pam_start(login, , ...) 592s pamtester: performing operation - authenticate 592s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 592s + echo -n -e wrong123456 592s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 592s pamtester: invoking pam_start(login, ubuntu, ...) 592s pamtester: performing operation - authenticate 596s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 596s + echo -n -e wrong123456 596s + runuser -u ubuntu -- pamtester -v login '' authenticate 596s pamtester: invoking pam_start(login, , ...) 596s pamtester: performing operation - authenticate 598s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 598s + echo -n -e 123456 598s + pamtester -v login root authenticate 598s pamtester: invoking pam_start(login, root, ...) 598s pamtester: performing operation - authenticate 601s Password: pamtester: Authentication failure 601s + for alternative in "${alternative_pam_configs[@]}" 601s + pam-auth-update --enable sss-smart-card-required 601s PAM configuration 601s ----------------- 601s 601s Incompatible PAM profiles selected. 601s 601s The following PAM profiles cannot be used together: 601s 601s SSS required smart card authentication, SSS optional smart card 601s authentication 601s 601s Please select a different set of modules to enable. 601s 601s + cat /etc/pam.d/common-auth 601s # 601s # /etc/pam.d/common-auth - authentication settings common to all services 601s # 601s # This file is included from other service-specific PAM config files, 601s # and should contain a list of the authentication modules that define 601s # the central authentication scheme for use on the system 601s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 601s # traditional Unix authentication mechanisms. 601s # 601s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 601s # To take advantage of this, it is recommended that you configure any 601s # local modules either before or after the default block, and use 601s # pam-auth-update to manage selection of other modules. See 601s # pam-auth-update(8) for details. 601s 601s # here are the per-package modules (the "Primary" block) 601s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 601s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 601s auth [success=1 default=ignore] pam_sss.so use_first_pass 601s # here's the fallback if no module succeeds 601s auth requisite pam_deny.so 601s # prime the stack with a positive return value if there isn't one already; 601s # this avoids us returning an error just because nothing sets a success code 601s # since the modules above will each just jump around 601s auth required pam_permit.so 601s # and here are more per-package modules (the "Additional" block) 601s auth optional pam_cap.so 601s # end of pam-auth-update config 601s + echo -n -e 123456 601s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 601s pamtester: invoking pam_start(login, ubuntu, ...) 601s pamtester: performing operation - authenticate 601s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 601s + echo -n -e 123456 601s + runuser -u ubuntu -- pamtester -v login '' authenticate 601s pamtester: invoking pam_start(login, , ...) 601s pamtester: performing operation - authenticate 601s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 601s + echo -n -e wrong123456 601s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 601s pamtester: invoking pam_start(login, ubuntu, ...) 601s pamtester: performing operation - authenticate 604s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 604s + echo -n -e wrong123456 604s + runuser -u ubuntu -- pamtester -v login '' authenticate 604s pamtester: invoking pam_start(login, , ...) 604s pamtester: performing operation - authenticate 607s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 607s + echo -n -e 123456 607s + pamtester -v login root authenticate 607s pamtester: invoking pam_start(login, root, ...) 607s pamtester: performing operation - authenticate 612s pamtester: Authentication service cannot retrieve authentication info 612s Script completed successfully! 612s + handle_exit 612s + exit_code=0 612s + restore_changes 612s + for path in "${restore_paths[@]}" 612s + local original_path 612s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-hsQ53t /tmp/sssd-softhsm2-backups-hsQ53t//etc/softhsm/softhsm2.conf 612s + original_path=/etc/softhsm/softhsm2.conf 612s + rm /etc/softhsm/softhsm2.conf 612s + mv /tmp/sssd-softhsm2-backups-hsQ53t//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 612s + for path in "${delete_paths[@]}" 612s + rm -f /etc/sssd/sssd.conf 612s + for path in "${delete_paths[@]}" 612s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 612s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 612s + '[' -e /etc/sssd/sssd.conf ']' 612s + systemctl stop sssd 612s + '[' -e /etc/softhsm/softhsm2.conf ']' 612s + chmod 600 /etc/softhsm/softhsm2.conf 612s + rm -rf /tmp/sssd-softhsm2-certs-k989UM 612s + '[' 0 = 0 ']' 612s + rm -rf /tmp/sssd-softhsm2-backups-hsQ53t 612s + set +x 612s autopkgtest [16:07:12]: test sssd-smart-card-pam-auth-configs: -----------------------] 612s sssd-smart-card-pam-auth-configs PASS 612s autopkgtest [16:07:13]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 613s autopkgtest [16:07:14]: @@@@@@@@@@@@@@@@@@@@ summary 613s ldap-user-group-ldap-auth PASS 613s ldap-user-group-krb5-auth PASS 613s sssd-softhism2-certificates-tests.sh PASS 613s sssd-smart-card-pam-auth-configs PASS 623s Creating nova instance adt-noble-ppc64el-sssd-20240314-155701-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-ppc64el-server-20240314.img (UUID a031584c-aec8-4412-bff6-4238354f4d17)... 623s Creating nova instance adt-noble-ppc64el-sssd-20240314-155701-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-ppc64el-server-20240314.img (UUID a031584c-aec8-4412-bff6-4238354f4d17)...