0s autopkgtest [22:30:49]: starting date and time: 2024-04-08 22:30:49+0000 0s autopkgtest [22:30:49]: git checkout: 43bc6cdf gitlab-ci: do not include the salsa pipeline 0s autopkgtest [22:30:49]: host juju-7f2275-prod-proposed-migration-environment-2; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.w4i89xm2/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:curl --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 --env=ADT_TEST_TRIGGERS=curl/8.5.0-2ubuntu10 -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-2@bos01-ppc64el-21.secgroup --name adt-noble-ppc64el-sssd-20240408-223048-juju-7f2275-prod-proposed-migration-environment-2-8c8da996-6a0d-4ca7-b743-e9bad15c2810 --image adt/ubuntu-noble-ppc64el-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-2 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://us.ports.ubuntu.com/ubuntu-ports/ 135s autopkgtest [22:33:04]: testbed dpkg architecture: ppc64el 135s autopkgtest [22:33:04]: testbed apt version: 2.7.14build2 135s autopkgtest [22:33:04]: @@@@@@@@@@@@@@@@@@@@ test bed setup 136s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 136s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [360 kB] 137s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [10.6 kB] 137s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [831 kB] 137s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6004 B] 137s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [347 kB] 137s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3116 B] 137s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1192 B] 137s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 137s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [1001 kB] 137s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [8652 B] 137s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [9108 B] 137s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 140s Fetched 2696 kB in 1s (2237 kB/s) 140s Reading package lists... 142s Reading package lists... 142s Building dependency tree... 142s Reading state information... 142s Calculating upgrade... 143s The following packages will be upgraded: 143s bash curl grub-common grub-ieee1275 grub-ieee1275-bin grub2-common 143s libcurl3t64-gnutls libcurl4t64 libpython3.12-minimal libpython3.12-stdlib 143s python3-gi python3.12 python3.12-minimal 143s 13 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 143s Need to get 12.3 MB of archives. 143s After this operation, 570 kB disk space will be freed. 143s Get:1 http://ftpmaster.internal/ubuntu noble/main ppc64el bash ppc64el 5.2.21-2ubuntu4 [977 kB] 143s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el python3.12 ppc64el 3.12.2-5ubuntu3 [644 kB] 143s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libpython3.12-stdlib ppc64el 3.12.2-5ubuntu3 [2123 kB] 143s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el python3.12-minimal ppc64el 3.12.2-5ubuntu3 [2495 kB] 144s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libpython3.12-minimal ppc64el 3.12.2-5ubuntu3 [834 kB] 144s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-gi ppc64el 3.48.2-1 [262 kB] 144s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el curl ppc64el 8.5.0-2ubuntu10 [235 kB] 144s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libcurl4t64 ppc64el 8.5.0-2ubuntu10 [428 kB] 144s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el grub-ieee1275 ppc64el 2.12-1ubuntu7 [63.1 kB] 144s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el grub2-common ppc64el 2.12-1ubuntu7 [752 kB] 144s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el grub-ieee1275-bin ppc64el 2.12-1ubuntu7 [687 kB] 144s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el grub-common ppc64el 2.12-1ubuntu7 [2356 kB] 144s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libcurl3t64-gnutls ppc64el 8.5.0-2ubuntu10 [419 kB] 144s Preconfiguring packages ... 144s Fetched 12.3 MB in 1s (9143 kB/s) 144s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 103388 files and directories currently installed.) 144s Preparing to unpack .../bash_5.2.21-2ubuntu4_ppc64el.deb ... 144s Unpacking bash (5.2.21-2ubuntu4) over (5.2.21-2ubuntu2) ... 144s Setting up bash (5.2.21-2ubuntu4) ... 144s update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode 144s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 103388 files and directories currently installed.) 144s Preparing to unpack .../00-python3.12_3.12.2-5ubuntu3_ppc64el.deb ... 145s Unpacking python3.12 (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 145s Preparing to unpack .../01-libpython3.12-stdlib_3.12.2-5ubuntu3_ppc64el.deb ... 145s Unpacking libpython3.12-stdlib:ppc64el (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 145s Preparing to unpack .../02-python3.12-minimal_3.12.2-5ubuntu3_ppc64el.deb ... 145s Unpacking python3.12-minimal (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 145s Preparing to unpack .../03-libpython3.12-minimal_3.12.2-5ubuntu3_ppc64el.deb ... 145s Unpacking libpython3.12-minimal:ppc64el (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 145s Preparing to unpack .../04-python3-gi_3.48.2-1_ppc64el.deb ... 145s Unpacking python3-gi (3.48.2-1) over (3.48.1-1build1) ... 145s Preparing to unpack .../05-curl_8.5.0-2ubuntu10_ppc64el.deb ... 145s Unpacking curl (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 145s Preparing to unpack .../06-libcurl4t64_8.5.0-2ubuntu10_ppc64el.deb ... 145s Unpacking libcurl4t64:ppc64el (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 145s Preparing to unpack .../07-grub-ieee1275_2.12-1ubuntu7_ppc64el.deb ... 145s Unpacking grub-ieee1275 (2.12-1ubuntu7) over (2.12-1ubuntu6) ... 145s Preparing to unpack .../08-grub2-common_2.12-1ubuntu7_ppc64el.deb ... 145s Unpacking grub2-common (2.12-1ubuntu7) over (2.12-1ubuntu6) ... 145s Preparing to unpack .../09-grub-ieee1275-bin_2.12-1ubuntu7_ppc64el.deb ... 145s Unpacking grub-ieee1275-bin (2.12-1ubuntu7) over (2.12-1ubuntu6) ... 145s Preparing to unpack .../10-grub-common_2.12-1ubuntu7_ppc64el.deb ... 146s Unpacking grub-common (2.12-1ubuntu7) over (2.12-1ubuntu6) ... 146s Preparing to unpack .../11-libcurl3t64-gnutls_8.5.0-2ubuntu10_ppc64el.deb ... 146s Unpacking libcurl3t64-gnutls:ppc64el (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 146s Setting up libcurl4t64:ppc64el (8.5.0-2ubuntu10) ... 146s Setting up libpython3.12-minimal:ppc64el (3.12.2-5ubuntu3) ... 146s Setting up libcurl3t64-gnutls:ppc64el (8.5.0-2ubuntu10) ... 146s Setting up grub-common (2.12-1ubuntu7) ... 146s Setting up python3-gi (3.48.2-1) ... 147s Setting up curl (8.5.0-2ubuntu10) ... 147s Setting up python3.12-minimal (3.12.2-5ubuntu3) ... 148s Setting up libpython3.12-stdlib:ppc64el (3.12.2-5ubuntu3) ... 148s Setting up grub2-common (2.12-1ubuntu7) ... 148s Setting up python3.12 (3.12.2-5ubuntu3) ... 149s Setting up grub-ieee1275-bin (2.12-1ubuntu7) ... 149s Setting up grub-ieee1275 (2.12-1ubuntu7) ... 149s Installing for powerpc-ieee1275 platform. 149s Installation finished. No error reported. 149s Sourcing file `/etc/default/grub' 149s Sourcing file `/etc/default/grub.d/50-cloudimg-settings.cfg' 149s Generating grub configuration file ... 149s Found linux image: /boot/vmlinux-6.8.0-22-generic 149s Found initrd image: /boot/initrd.img-6.8.0-22-generic 149s Found linux image: /boot/vmlinux-6.8.0-11-generic 150s Found initrd image: /boot/initrd.img-6.8.0-11-generic 150s Warning: os-prober will not be executed to detect other bootable partitions. 150s Systems on them will not be added to the GRUB boot configuration. 150s Check GRUB_DISABLE_OS_PROBER documentation entry. 150s Adding boot menu entry for UEFI Firmware Settings ... 150s done 150s Processing triggers for systemd (255.4-1ubuntu7) ... 150s Processing triggers for man-db (2.12.0-4build1) ... 151s Processing triggers for debianutils (5.17build1) ... 151s Processing triggers for install-info (7.1-3build2) ... 151s Processing triggers for libc-bin (2.39-0ubuntu8) ... 151s Reading package lists... 151s Building dependency tree... 151s Reading state information... 151s The following packages will be REMOVED: 151s linux-headers-6.8.0-11* linux-headers-6.8.0-11-generic* 151s linux-image-6.8.0-11-generic* linux-modules-6.8.0-11-generic* 152s 0 upgraded, 0 newly installed, 4 to remove and 0 not upgraded. 152s After this operation, 207 MB disk space will be freed. 152s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 103389 files and directories currently installed.) 152s Removing linux-headers-6.8.0-11-generic (6.8.0-11.11) ... 152s Removing linux-headers-6.8.0-11 (6.8.0-11.11) ... 153s Removing linux-image-6.8.0-11-generic (6.8.0-11.11) ... 153s I: /boot/vmlinux.old is now a symlink to vmlinux-6.8.0-22-generic 153s I: /boot/initrd.img.old is now a symlink to initrd.img-6.8.0-22-generic 153s /etc/kernel/postrm.d/initramfs-tools: 153s update-initramfs: Deleting /boot/initrd.img-6.8.0-11-generic 154s /etc/kernel/postrm.d/zz-update-grub: 154s Sourcing file `/etc/default/grub' 154s Sourcing file `/etc/default/grub.d/50-cloudimg-settings.cfg' 154s Generating grub configuration file ... 154s Found linux image: /boot/vmlinux-6.8.0-22-generic 154s Found initrd image: /boot/initrd.img-6.8.0-22-generic 154s Warning: os-prober will not be executed to detect other bootable partitions. 154s Systems on them will not be added to the GRUB boot configuration. 154s Check GRUB_DISABLE_OS_PROBER documentation entry. 154s Adding boot menu entry for UEFI Firmware Settings ... 154s done 154s Removing linux-modules-6.8.0-11-generic (6.8.0-11.11) ... 154s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72693 files and directories currently installed.) 154s Purging configuration files for linux-image-6.8.0-11-generic (6.8.0-11.11) ... 154s Purging configuration files for linux-modules-6.8.0-11-generic (6.8.0-11.11) ... 155s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 155s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 155s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 155s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 156s Reading package lists... 156s Reading package lists... 156s Building dependency tree... 156s Reading state information... 156s Calculating upgrade... 156s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 156s Reading package lists... 157s Building dependency tree... 157s Reading state information... 157s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 157s autopkgtest [22:33:26]: rebooting testbed after setup commands that affected boot 323s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 338s autopkgtest [22:36:27]: testbed running kernel: Linux 6.8.0-22-generic #22-Ubuntu SMP Thu Apr 4 22:47:57 UTC 2024 341s autopkgtest [22:36:30]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 355s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main sssd 2.9.4-1.1ubuntu5 (dsc) [5056 B] 355s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main sssd 2.9.4-1.1ubuntu5 (tar) [7983 kB] 355s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main sssd 2.9.4-1.1ubuntu5 (diff) [49.1 kB] 355s gpgv: Signature made Fri Apr 5 14:55:59 2024 UTC 355s gpgv: using RSA key 8AFD08D3D1B817B2DF8982F501AC4B4083590A98 355s gpgv: Can't check signature: No public key 355s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1.1ubuntu5.dsc: no acceptable signature found 355s autopkgtest [22:36:44]: testing package sssd version 2.9.4-1.1ubuntu5 356s autopkgtest [22:36:45]: build not needed 361s autopkgtest [22:36:50]: test ldap-user-group-ldap-auth: preparing testbed 362s Reading package lists... 362s Building dependency tree... 362s Reading state information... 362s Starting pkgProblemResolver with broken count: 0 362s Starting 2 pkgProblemResolver with broken count: 0 362s Done 362s The following additional packages will be installed: 362s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 362s libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 libdhash1t64 362s libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev libipa-hbac0t64 libjose0 362s libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 362s libpam-pwquality libpam-sss libpath-utils1t64 libpwquality-common 362s libpwquality1 libref-array1t64 libsmbclient0 libsss-certmap-dev 362s libsss-certmap0 libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev 362s libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0t64 362s libverto-libevent1t64 libverto1t64 libwbclient0 python3-libipa-hbac 362s python3-libsss-nss-idmap python3-sss samba-libs slapd sssd sssd-ad 362s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 362s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 363s tcl8.6 363s Suggested packages: 363s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 363s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 363s Recommended packages: 363s cracklib-runtime libsasl2-modules-gssapi-mit 363s | libsasl2-modules-gssapi-heimdal 363s The following NEW packages will be installed: 363s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 363s libavahi-common3 libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 363s libdhash1t64 libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev 363s libipa-hbac0t64 libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss 363s libnss-sudo libodbc2 libpam-pwquality libpam-sss libpath-utils1t64 363s libpwquality-common libpwquality1 libref-array1t64 libsmbclient0 363s libsss-certmap-dev libsss-certmap0 libsss-idmap-dev libsss-idmap0 363s libsss-nss-idmap-dev libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 363s libtdb1 libtevent0t64 libverto-libevent1t64 libverto1t64 libwbclient0 363s python3-libipa-hbac python3-libsss-nss-idmap python3-sss samba-libs slapd 363s sssd sssd-ad sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm 363s sssd-krb5 sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools 363s tcl-expect tcl8.6 363s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 363s Need to get 14.3 MB/14.3 MB of archives. 363s After this operation, 70.1 MB of additional disk space will be used. 363s Get:1 /tmp/autopkgtest.ZdLqjh/1-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [868 B] 363s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libltdl7 ppc64el 2.4.7-7 [48.0 kB] 363s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libodbc2 ppc64el 2.3.12-1build2 [188 kB] 363s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el slapd ppc64el 2.6.7+dfsg-1~exp1ubuntu8 [1768 kB] 363s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libtcl8.6 ppc64el 8.6.14+dfsg-1build1 [1204 kB] 363s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el tcl8.6 ppc64el 8.6.14+dfsg-1build1 [14.8 kB] 363s Get:7 http://ftpmaster.internal/ubuntu noble/universe ppc64el tcl-expect ppc64el 5.45.4-2build1 [112 kB] 363s Get:8 http://ftpmaster.internal/ubuntu noble/universe ppc64el expect ppc64el 5.45.4-2build1 [137 kB] 363s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el ldap-utils ppc64el 2.6.7+dfsg-1~exp1ubuntu8 [154 kB] 363s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu5 [29.6 kB] 363s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu5 [26.3 kB] 363s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu5 [30.9 kB] 363s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0t64 ppc64el 0.6.2-2.1build1 [6138 B] 363s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4t64 ppc64el 0.6.2-2.1build1 [36.4 kB] 363s Get:15 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1build2 [31.1 kB] 363s Get:16 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1t64 ppc64el 0.6.2-2.1build1 [10.4 kB] 363s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7t64 ppc64el 2.1.12-stable-9ubuntu2 [174 kB] 363s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1t64 ppc64el 0.6.2-2.1build1 [10.6 kB] 363s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1t64 ppc64el 0.6.2-2.1build1 [8160 B] 363s Get:20 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5t64 ppc64el 0.6.2-2.1build1 [55.3 kB] 363s Get:21 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libipa-hbac0t64 ppc64el 2.9.4-1.1ubuntu5 [17.9 kB] 363s Get:22 http://ftpmaster.internal/ubuntu noble/universe ppc64el libjose0 ppc64el 11-3build2 [51.3 kB] 363s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto-libevent1t64 ppc64el 0.3.1-1.2ubuntu3 [6490 B] 363s Get:24 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto1t64 ppc64el 0.3.1-1.2ubuntu3 [12.1 kB] 363s Get:25 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libkrad0 ppc64el 1.20.1-6ubuntu2 [24.8 kB] 363s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1build2 [36.7 kB] 363s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1 [62.7 kB] 363s Get:28 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0t64 ppc64el 0.16.1-2build1 [51.2 kB] 363s Get:29 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-4ubuntu8 [220 kB] 364s Get:30 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.4-3ubuntu4 [54.5 kB] 364s Get:31 http://ftpmaster.internal/ubuntu noble/universe ppc64el libnss-sudo all 1.9.15p5-3ubuntu4 [15.1 kB] 364s Get:32 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3 [7658 B] 364s Get:33 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3 [16.9 kB] 364s Get:34 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3 [12.5 kB] 364s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu8 [77.3 kB] 364s Get:36 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-4ubuntu8 [6674 kB] 364s Get:37 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu8 [70.3 kB] 364s Get:38 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libnss-sss ppc64el 2.9.4-1.1ubuntu5 [36.6 kB] 364s Get:39 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libpam-sss ppc64el 2.9.4-1.1ubuntu5 [56.8 kB] 364s Get:40 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el python3-sss ppc64el 2.9.4-1.1ubuntu5 [48.4 kB] 364s Get:41 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-ares2 ppc64el 1.27.0-1 [99.0 kB] 364s Get:42 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsss-certmap0 ppc64el 2.9.4-1.1ubuntu5 [54.0 kB] 364s Get:43 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsss-idmap0 ppc64el 2.9.4-1.1ubuntu5 [25.0 kB] 364s Get:44 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1.1ubuntu5 [37.7 kB] 364s Get:45 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-common ppc64el 2.9.4-1.1ubuntu5 [1280 kB] 364s Get:46 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el sssd-idp ppc64el 2.9.4-1.1ubuntu5 [30.8 kB] 364s Get:47 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el sssd-passkey ppc64el 2.9.4-1.1ubuntu5 [35.3 kB] 364s Get:48 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-ad-common ppc64el 2.9.4-1.1ubuntu5 [88.6 kB] 364s Get:49 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-krb5-common ppc64el 2.9.4-1.1ubuntu5 [103 kB] 364s Get:50 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-ad ppc64el 2.9.4-1.1ubuntu5 [148 kB] 364s Get:51 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-ipa ppc64el 2.9.4-1.1ubuntu5 [240 kB] 364s Get:52 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-krb5 ppc64el 2.9.4-1.1ubuntu5 [14.4 kB] 364s Get:53 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-ldap ppc64el 2.9.4-1.1ubuntu5 [31.6 kB] 364s Get:54 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-proxy ppc64el 2.9.4-1.1ubuntu5 [47.9 kB] 364s Get:55 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd ppc64el 2.9.4-1.1ubuntu5 [4110 B] 364s Get:56 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-dbus ppc64el 2.9.4-1.1ubuntu5 [122 kB] 364s Get:57 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el sssd-kcm ppc64el 2.9.4-1.1ubuntu5 [160 kB] 364s Get:58 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-tools ppc64el 2.9.4-1.1ubuntu5 [108 kB] 364s Get:59 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libipa-hbac-dev ppc64el 2.9.4-1.1ubuntu5 [6658 B] 364s Get:60 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsss-certmap-dev ppc64el 2.9.4-1.1ubuntu5 [5728 B] 364s Get:61 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsss-idmap-dev ppc64el 2.9.4-1.1ubuntu5 [8378 B] 364s Get:62 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsss-nss-idmap-dev ppc64el 2.9.4-1.1ubuntu5 [6708 B] 364s Get:63 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el libsss-sudo ppc64el 2.9.4-1.1ubuntu5 [22.8 kB] 364s Get:64 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el python3-libipa-hbac ppc64el 2.9.4-1.1ubuntu5 [19.2 kB] 364s Get:65 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el python3-libsss-nss-idmap ppc64el 2.9.4-1.1ubuntu5 [9534 B] 364s Preconfiguring packages ... 364s Fetched 14.3 MB in 2s (9218 kB/s) 364s Selecting previously unselected package libltdl7:ppc64el. 365s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72692 files and directories currently installed.) 365s Preparing to unpack .../00-libltdl7_2.4.7-7_ppc64el.deb ... 365s Unpacking libltdl7:ppc64el (2.4.7-7) ... 365s Selecting previously unselected package libodbc2:ppc64el. 365s Preparing to unpack .../01-libodbc2_2.3.12-1build2_ppc64el.deb ... 365s Unpacking libodbc2:ppc64el (2.3.12-1build2) ... 365s Selecting previously unselected package slapd. 365s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu8_ppc64el.deb ... 365s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu8) ... 365s Selecting previously unselected package libtcl8.6:ppc64el. 365s Preparing to unpack .../03-libtcl8.6_8.6.14+dfsg-1build1_ppc64el.deb ... 365s Unpacking libtcl8.6:ppc64el (8.6.14+dfsg-1build1) ... 365s Selecting previously unselected package tcl8.6. 365s Preparing to unpack .../04-tcl8.6_8.6.14+dfsg-1build1_ppc64el.deb ... 365s Unpacking tcl8.6 (8.6.14+dfsg-1build1) ... 365s Selecting previously unselected package tcl-expect:ppc64el. 365s Preparing to unpack .../05-tcl-expect_5.45.4-2build1_ppc64el.deb ... 365s Unpacking tcl-expect:ppc64el (5.45.4-2build1) ... 365s Selecting previously unselected package expect. 365s Preparing to unpack .../06-expect_5.45.4-2build1_ppc64el.deb ... 365s Unpacking expect (5.45.4-2build1) ... 365s Selecting previously unselected package ldap-utils. 365s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu8_ppc64el.deb ... 365s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu8) ... 365s Selecting previously unselected package libavahi-common-data:ppc64el. 365s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu5_ppc64el.deb ... 365s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu5) ... 365s Selecting previously unselected package libavahi-common3:ppc64el. 365s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu5_ppc64el.deb ... 365s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu5) ... 365s Selecting previously unselected package libavahi-client3:ppc64el. 365s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu5_ppc64el.deb ... 365s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu5) ... 365s Selecting previously unselected package libbasicobjects0t64:ppc64el. 365s Preparing to unpack .../11-libbasicobjects0t64_0.6.2-2.1build1_ppc64el.deb ... 365s Unpacking libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 365s Selecting previously unselected package libcollection4t64:ppc64el. 365s Preparing to unpack .../12-libcollection4t64_0.6.2-2.1build1_ppc64el.deb ... 365s Unpacking libcollection4t64:ppc64el (0.6.2-2.1build1) ... 365s Selecting previously unselected package libcrack2:ppc64el. 365s Preparing to unpack .../13-libcrack2_2.9.6-5.1build2_ppc64el.deb ... 365s Unpacking libcrack2:ppc64el (2.9.6-5.1build2) ... 365s Selecting previously unselected package libdhash1t64:ppc64el. 365s Preparing to unpack .../14-libdhash1t64_0.6.2-2.1build1_ppc64el.deb ... 365s Unpacking libdhash1t64:ppc64el (0.6.2-2.1build1) ... 365s Selecting previously unselected package libevent-2.1-7t64:ppc64el. 365s Preparing to unpack .../15-libevent-2.1-7t64_2.1.12-stable-9ubuntu2_ppc64el.deb ... 365s Unpacking libevent-2.1-7t64:ppc64el (2.1.12-stable-9ubuntu2) ... 365s Selecting previously unselected package libpath-utils1t64:ppc64el. 365s Preparing to unpack .../16-libpath-utils1t64_0.6.2-2.1build1_ppc64el.deb ... 365s Unpacking libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 365s Selecting previously unselected package libref-array1t64:ppc64el. 365s Preparing to unpack .../17-libref-array1t64_0.6.2-2.1build1_ppc64el.deb ... 365s Unpacking libref-array1t64:ppc64el (0.6.2-2.1build1) ... 365s Selecting previously unselected package libini-config5t64:ppc64el. 365s Preparing to unpack .../18-libini-config5t64_0.6.2-2.1build1_ppc64el.deb ... 365s Unpacking libini-config5t64:ppc64el (0.6.2-2.1build1) ... 365s Selecting previously unselected package libipa-hbac0t64. 365s Preparing to unpack .../19-libipa-hbac0t64_2.9.4-1.1ubuntu5_ppc64el.deb ... 365s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu5) ... 365s Selecting previously unselected package libjose0:ppc64el. 365s Preparing to unpack .../20-libjose0_11-3build2_ppc64el.deb ... 365s Unpacking libjose0:ppc64el (11-3build2) ... 365s Selecting previously unselected package libverto-libevent1t64:ppc64el. 365s Preparing to unpack .../21-libverto-libevent1t64_0.3.1-1.2ubuntu3_ppc64el.deb ... 365s Unpacking libverto-libevent1t64:ppc64el (0.3.1-1.2ubuntu3) ... 365s Selecting previously unselected package libverto1t64:ppc64el. 365s Preparing to unpack .../22-libverto1t64_0.3.1-1.2ubuntu3_ppc64el.deb ... 365s Unpacking libverto1t64:ppc64el (0.3.1-1.2ubuntu3) ... 365s Selecting previously unselected package libkrad0:ppc64el. 365s Preparing to unpack .../23-libkrad0_1.20.1-6ubuntu2_ppc64el.deb ... 365s Unpacking libkrad0:ppc64el (1.20.1-6ubuntu2) ... 365s Selecting previously unselected package libtalloc2:ppc64el. 365s Preparing to unpack .../24-libtalloc2_2.4.2-1build2_ppc64el.deb ... 365s Unpacking libtalloc2:ppc64el (2.4.2-1build2) ... 365s Selecting previously unselected package libtdb1:ppc64el. 365s Preparing to unpack .../25-libtdb1_1.4.10-1_ppc64el.deb ... 365s Unpacking libtdb1:ppc64el (1.4.10-1) ... 365s Selecting previously unselected package libtevent0t64:ppc64el. 365s Preparing to unpack .../26-libtevent0t64_0.16.1-2build1_ppc64el.deb ... 365s Unpacking libtevent0t64:ppc64el (0.16.1-2build1) ... 365s Selecting previously unselected package libldb2:ppc64el. 365s Preparing to unpack .../27-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu8_ppc64el.deb ... 365s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu8) ... 365s Selecting previously unselected package libnfsidmap1:ppc64el. 365s Preparing to unpack .../28-libnfsidmap1_1%3a2.6.4-3ubuntu4_ppc64el.deb ... 365s Unpacking libnfsidmap1:ppc64el (1:2.6.4-3ubuntu4) ... 365s Selecting previously unselected package libnss-sudo. 365s Preparing to unpack .../29-libnss-sudo_1.9.15p5-3ubuntu4_all.deb ... 365s Unpacking libnss-sudo (1.9.15p5-3ubuntu4) ... 365s Selecting previously unselected package libpwquality-common. 365s Preparing to unpack .../30-libpwquality-common_1.4.5-3_all.deb ... 365s Unpacking libpwquality-common (1.4.5-3) ... 365s Selecting previously unselected package libpwquality1:ppc64el. 365s Preparing to unpack .../31-libpwquality1_1.4.5-3_ppc64el.deb ... 365s Unpacking libpwquality1:ppc64el (1.4.5-3) ... 365s Selecting previously unselected package libpam-pwquality:ppc64el. 365s Preparing to unpack .../32-libpam-pwquality_1.4.5-3_ppc64el.deb ... 365s Unpacking libpam-pwquality:ppc64el (1.4.5-3) ... 365s Selecting previously unselected package libwbclient0:ppc64el. 365s Preparing to unpack .../33-libwbclient0_2%3a4.19.5+dfsg-4ubuntu8_ppc64el.deb ... 365s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 365s Selecting previously unselected package samba-libs:ppc64el. 365s Preparing to unpack .../34-samba-libs_2%3a4.19.5+dfsg-4ubuntu8_ppc64el.deb ... 365s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 366s Selecting previously unselected package libsmbclient0:ppc64el. 366s Preparing to unpack .../35-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu8_ppc64el.deb ... 366s Unpacking libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 366s Selecting previously unselected package libnss-sss:ppc64el. 366s Preparing to unpack .../36-libnss-sss_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking libnss-sss:ppc64el (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package libpam-sss:ppc64el. 366s Preparing to unpack .../37-libpam-sss_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking libpam-sss:ppc64el (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package python3-sss. 366s Preparing to unpack .../38-python3-sss_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking python3-sss (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package libc-ares2:ppc64el. 366s Preparing to unpack .../39-libc-ares2_1.27.0-1_ppc64el.deb ... 366s Unpacking libc-ares2:ppc64el (1.27.0-1) ... 366s Selecting previously unselected package libsss-certmap0. 366s Preparing to unpack .../40-libsss-certmap0_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package libsss-idmap0. 366s Preparing to unpack .../41-libsss-idmap0_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package libsss-nss-idmap0. 366s Preparing to unpack .../42-libsss-nss-idmap0_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-common. 366s Preparing to unpack .../43-sssd-common_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-common (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-idp. 366s Preparing to unpack .../44-sssd-idp_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-idp (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-passkey. 366s Preparing to unpack .../45-sssd-passkey_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-passkey (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-ad-common. 366s Preparing to unpack .../46-sssd-ad-common_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-ad-common (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-krb5-common. 366s Preparing to unpack .../47-sssd-krb5-common_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-ad. 366s Preparing to unpack .../48-sssd-ad_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-ad (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-ipa. 366s Preparing to unpack .../49-sssd-ipa_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-ipa (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-krb5. 366s Preparing to unpack .../50-sssd-krb5_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-krb5 (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-ldap. 366s Preparing to unpack .../51-sssd-ldap_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-ldap (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-proxy. 366s Preparing to unpack .../52-sssd-proxy_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-proxy (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd. 366s Preparing to unpack .../53-sssd_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-dbus. 366s Preparing to unpack .../54-sssd-dbus_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-dbus (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-kcm. 366s Preparing to unpack .../55-sssd-kcm_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-kcm (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package sssd-tools. 366s Preparing to unpack .../56-sssd-tools_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking sssd-tools (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package libipa-hbac-dev. 366s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking libipa-hbac-dev (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package libsss-certmap-dev. 366s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking libsss-certmap-dev (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package libsss-idmap-dev. 366s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking libsss-idmap-dev (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package libsss-nss-idmap-dev. 366s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking libsss-nss-idmap-dev (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package libsss-sudo. 366s Preparing to unpack .../61-libsss-sudo_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking libsss-sudo (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package python3-libipa-hbac. 366s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking python3-libipa-hbac (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package python3-libsss-nss-idmap. 366s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1.1ubuntu5_ppc64el.deb ... 366s Unpacking python3-libsss-nss-idmap (2.9.4-1.1ubuntu5) ... 366s Selecting previously unselected package autopkgtest-satdep. 366s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 366s Unpacking autopkgtest-satdep (0) ... 366s Setting up libpwquality-common (1.4.5-3) ... 366s Setting up libnfsidmap1:ppc64el (1:2.6.4-3ubuntu4) ... 366s Setting up libsss-idmap0 (2.9.4-1.1ubuntu5) ... 366s Setting up libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 366s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu5) ... 366s Setting up libsss-idmap-dev (2.9.4-1.1ubuntu5) ... 366s Setting up libref-array1t64:ppc64el (0.6.2-2.1build1) ... 366s Setting up libipa-hbac-dev (2.9.4-1.1ubuntu5) ... 366s Setting up libtdb1:ppc64el (1.4.10-1) ... 366s Setting up libcollection4t64:ppc64el (0.6.2-2.1build1) ... 366s Setting up libevent-2.1-7t64:ppc64el (2.1.12-stable-9ubuntu2) ... 366s Setting up libc-ares2:ppc64el (1.27.0-1) ... 366s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu8) ... 366s Setting up libjose0:ppc64el (11-3build2) ... 366s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 366s Setting up libtalloc2:ppc64el (2.4.2-1build2) ... 366s Setting up libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 366s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu5) ... 366s Setting up libdhash1t64:ppc64el (0.6.2-2.1build1) ... 366s Setting up libtcl8.6:ppc64el (8.6.14+dfsg-1build1) ... 366s Setting up libltdl7:ppc64el (2.4.7-7) ... 366s Setting up libcrack2:ppc64el (2.9.6-5.1build2) ... 366s Setting up libodbc2:ppc64el (2.3.12-1build2) ... 366s Setting up python3-libipa-hbac (2.9.4-1.1ubuntu5) ... 366s Setting up libnss-sudo (1.9.15p5-3ubuntu4) ... 366s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu5) ... 366s Setting up libini-config5t64:ppc64el (0.6.2-2.1build1) ... 366s Setting up libtevent0t64:ppc64el (0.16.1-2build1) ... 366s Setting up libnss-sss:ppc64el (2.9.4-1.1ubuntu5) ... 366s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu8) ... 367s Creating new user openldap... done. 367s Creating initial configuration... done. 367s Creating LDAP directory... done. 367s Setting up tcl8.6 (8.6.14+dfsg-1build1) ... 367s Setting up libsss-sudo (2.9.4-1.1ubuntu5) ... 367s Setting up libsss-nss-idmap-dev (2.9.4-1.1ubuntu5) ... 367s Setting up libavahi-common3:ppc64el (0.8-13ubuntu5) ... 367s Setting up tcl-expect:ppc64el (5.45.4-2build1) ... 367s Setting up libsss-certmap0 (2.9.4-1.1ubuntu5) ... 367s Setting up libpwquality1:ppc64el (1.4.5-3) ... 367s Setting up python3-libsss-nss-idmap (2.9.4-1.1ubuntu5) ... 367s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu8) ... 367s Setting up libavahi-client3:ppc64el (0.8-13ubuntu5) ... 367s Setting up expect (5.45.4-2build1) ... 367s Setting up libpam-pwquality:ppc64el (1.4.5-3) ... 367s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 367s Setting up libsss-certmap-dev (2.9.4-1.1ubuntu5) ... 367s Setting up python3-sss (2.9.4-1.1ubuntu5) ... 367s Setting up libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 367s Setting up libpam-sss:ppc64el (2.9.4-1.1ubuntu5) ... 368s Setting up sssd-common (2.9.4-1.1ubuntu5) ... 368s Creating SSSD system user & group... 368s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 368s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 368s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 368s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 368s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 368s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 369s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 369s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 369s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 369s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 370s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 370s sssd-autofs.service is a disabled or a static unit, not starting it. 370s sssd-nss.service is a disabled or a static unit, not starting it. 370s sssd-pam.service is a disabled or a static unit, not starting it. 370s sssd-ssh.service is a disabled or a static unit, not starting it. 370s sssd-sudo.service is a disabled or a static unit, not starting it. 370s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 370s Setting up sssd-proxy (2.9.4-1.1ubuntu5) ... 370s Setting up sssd-kcm (2.9.4-1.1ubuntu5) ... 370s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 371s sssd-kcm.service is a disabled or a static unit, not starting it. 371s Setting up sssd-dbus (2.9.4-1.1ubuntu5) ... 371s sssd-ifp.service is a disabled or a static unit, not starting it. 371s Setting up sssd-ad-common (2.9.4-1.1ubuntu5) ... 371s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 372s sssd-pac.service is a disabled or a static unit, not starting it. 372s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 372s Setting up sssd-krb5-common (2.9.4-1.1ubuntu5) ... 372s Setting up sssd-krb5 (2.9.4-1.1ubuntu5) ... 372s Setting up sssd-ldap (2.9.4-1.1ubuntu5) ... 372s Setting up sssd-ad (2.9.4-1.1ubuntu5) ... 372s Setting up sssd-tools (2.9.4-1.1ubuntu5) ... 372s Setting up sssd-ipa (2.9.4-1.1ubuntu5) ... 372s Setting up sssd (2.9.4-1.1ubuntu5) ... 372s Setting up libverto-libevent1t64:ppc64el (0.3.1-1.2ubuntu3) ... 372s Setting up libverto1t64:ppc64el (0.3.1-1.2ubuntu3) ... 372s Setting up libkrad0:ppc64el (1.20.1-6ubuntu2) ... 372s Setting up sssd-passkey (2.9.4-1.1ubuntu5) ... 372s Setting up sssd-idp (2.9.4-1.1ubuntu5) ... 372s Setting up autopkgtest-satdep (0) ... 372s Processing triggers for libc-bin (2.39-0ubuntu8) ... 372s Processing triggers for ufw (0.36.2-5) ... 372s Processing triggers for man-db (2.12.0-4build1) ... 373s Processing triggers for dbus (1.14.10-4ubuntu3) ... 382s (Reading database ... 73986 files and directories currently installed.) 382s Removing autopkgtest-satdep (0) ... 382s autopkgtest [22:37:11]: test ldap-user-group-ldap-auth: [----------------------- 383s + . debian/tests/util 383s + . debian/tests/common-tests 383s + mydomain=example.com 383s + myhostname=ldap.example.com 383s + mysuffix=dc=example,dc=com 383s + admin_dn=cn=admin,dc=example,dc=com 383s + admin_pw=secret 383s + ldap_user=testuser1 383s + ldap_user_pw=testuser1secret 383s + ldap_group=ldapusers 383s + adjust_hostname ldap.example.com 383s + local myhostname=ldap.example.com 383s + echo ldap.example.com 383s + hostname ldap.example.com 383s + grep -qE ldap.example.com /etc/hosts 383s + echo 127.0.1.10 ldap.example.com 383s + reconfigure_slapd 383s + debconf-set-selections 383s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 383s + dpkg-reconfigure -fnoninteractive -pcritical slapd 383s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8... done. 383s Moving old database directory to /var/backups: 383s - directory unknown... done. 383s Creating initial configuration... done. 383s Creating LDAP directory... done. 384s + generate_certs ldap.example.com 384s + local cn=ldap.example.com 384s + local cert=/etc/ldap/server.pem 384s + local key=/etc/ldap/server.key 384s + local cnf=/etc/ldap/openssl.cnf 384s + cat 384s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 384s .......................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 384s .........................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 384s ----- 384s + chmod 0640 /etc/ldap/server.key 384s + chgrp openldap /etc/ldap/server.key 384s + [ ! -f /etc/ldap/server.pem ] 384s + [ ! -f /etc/ldap/server.key ] 384s + enable_ldap_ssl 384s + cat 384s + cat 384s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 384s + populate_ldap_rfc2307 384s + + catldapadd 384s -x -D cn=admin,dc=example,dc=com -w secret 384s + configure_sssd_ldap_rfc2307 384s + cat 384s + chmod 0600 /etc/sssd/sssd.conf 384s + systemctl restart sssd 384s modifying entry "cn=config" 384s 384s adding new entry "ou=People,dc=example,dc=com" 384s 384s adding new entry "ou=Group,dc=example,dc=com" 384s 384s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 384s 384s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 384s 384s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 384s 384s + enable_pam_mkhomedir 384s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 384s + echo session optional pam_mkhomedir.so 384s + run_common_tests 384s + echo Assert local user databases do not have our LDAP test data 384s + Assert local user databases do not have our LDAP test data 384s check_local_user testuser1 384s + local local_user=testuser1 384s + grep -q ^testuser1 /etc/passwd 384s + check_local_group testuser1 384s + local local_group=testuser1 384s + grep -q ^testuser1 /etc/group 384s + check_local_group ldapusers 384s + local local_group=ldapusers 384s + grep -q ^ldapusers /etc/group 384s + echo The LDAP user is known to the system via getent 384s + check_getent_user testuser1 384s + local getent_user=testuser1 384s + local output 384s + The LDAP user is known to the system via getent 384s getent passwd testuser1 384s The LDAP user's private group is known to the system via getent 384s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 384s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 384s + echo The LDAP user's private group is known to the system via getent 384s + check_getent_group testuser1 384s + local getent_group=testuser1 384s + local output 384s + getent group testuser1 384s + output=testuser1:*:10001:testuser1 384s + [ -z testuser1:*:10001:testuser1 ] 384s + echo The LDAP group ldapusers is known to the system via getent 384s + check_getent_group ldapusers 384s + local getent_group=ldapusers 384s + local output 384s + getent group ldapusers 384s The LDAP group ldapusers is known to the system via getent 384s The id(1) command can resolve the group membership of the LDAP user 384s + output=ldapusers:*:10100:testuser1 384s + [ -z ldapusers:*:10100:testuser1 ] 384s + echo The id(1) command can resolve the group membership of the LDAP user 384s + id -Gn testuser1 384s + output=testuser1 ldapusers 384s + [ testuser1 ldapusers != testuser1 ldapusers ] 384s + echo The LDAP user can login on a terminal 384s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 384s The LDAP user can login on a terminal 384s spawn login 384s ldap.example.com login: testuser1 384s Password: 384s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-22-generic ppc64le) 384s 384s * Documentation: https://help.ubuntu.com 384s * Management: https://landscape.canonical.com 384s * Support: https://ubuntu.com/pro 384s 384s * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s 384s just raised the bar for easy, resilient and secure K8s cluster deployment. 384s 384s https://ubuntu.com/engage/secure-kubernetes-at-the-edge 384s 384s The programs included with the Ubuntu system are free software; 384s the exact distribution terms for each program are described in the 384s individual files in /usr/share/doc/*/copyright. 384s 384s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 384s applicable law. 384s 384s 384s The programs included with the Ubuntu system are free software; 384s the exact distribution terms for each program are described in the 384s individual files in /usr/share/doc/*/copyright. 384s 384s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 384s applicable law. 384s 384s Creating directory '/home/testuser1'. 384s [?2004htestuser1@ldap:~$ id -un 384s [?2004l testuser1 384s [?2004htestuser1@ldap:~$ autopkgtest [22:37:13]: test ldap-user-group-ldap-auth: -----------------------] 385s autopkgtest [22:37:14]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 385s ldap-user-group-ldap-auth PASS 385s autopkgtest [22:37:14]: test ldap-user-group-krb5-auth: preparing testbed 390s Reading package lists... 390s Building dependency tree... 390s Reading state information... 390s Starting pkgProblemResolver with broken count: 0 390s Starting 2 pkgProblemResolver with broken count: 0 390s Done 390s The following additional packages will be installed: 390s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4t64 390s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 390s Suggested packages: 390s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 390s The following NEW packages will be installed: 390s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 390s libgssrpc4t64 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 390s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 390s Need to get 678 kB/679 kB of archives. 390s After this operation, 3110 kB of additional disk space will be used. 390s Get:1 /tmp/autopkgtest.ZdLqjh/2-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [888 B] 390s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el krb5-config all 2.7 [22.0 kB] 390s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libgssrpc4t64 ppc64el 1.20.1-6ubuntu2 [65.9 kB] 390s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libkadm5clnt-mit12 ppc64el 1.20.1-6ubuntu2 [44.5 kB] 391s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libkdb5-10t64 ppc64el 1.20.1-6ubuntu2 [47.4 kB] 391s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libkadm5srv-mit12 ppc64el 1.20.1-6ubuntu2 [61.6 kB] 391s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el krb5-user ppc64el 1.20.1-6ubuntu2 [118 kB] 391s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el krb5-kdc ppc64el 1.20.1-6ubuntu2 [210 kB] 391s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el krb5-admin-server ppc64el 1.20.1-6ubuntu2 [109 kB] 391s Preconfiguring packages ... 391s Fetched 678 kB in 1s (1181 kB/s) 391s Selecting previously unselected package krb5-config. 391s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 73986 files and directories currently installed.) 391s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 391s Unpacking krb5-config (2.7) ... 391s Selecting previously unselected package libgssrpc4t64:ppc64el. 391s Preparing to unpack .../1-libgssrpc4t64_1.20.1-6ubuntu2_ppc64el.deb ... 391s Unpacking libgssrpc4t64:ppc64el (1.20.1-6ubuntu2) ... 391s Selecting previously unselected package libkadm5clnt-mit12:ppc64el. 391s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-6ubuntu2_ppc64el.deb ... 391s Unpacking libkadm5clnt-mit12:ppc64el (1.20.1-6ubuntu2) ... 391s Selecting previously unselected package libkdb5-10t64:ppc64el. 391s Preparing to unpack .../3-libkdb5-10t64_1.20.1-6ubuntu2_ppc64el.deb ... 391s Unpacking libkdb5-10t64:ppc64el (1.20.1-6ubuntu2) ... 391s Selecting previously unselected package libkadm5srv-mit12:ppc64el. 391s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-6ubuntu2_ppc64el.deb ... 391s Unpacking libkadm5srv-mit12:ppc64el (1.20.1-6ubuntu2) ... 391s Selecting previously unselected package krb5-user. 391s Preparing to unpack .../5-krb5-user_1.20.1-6ubuntu2_ppc64el.deb ... 391s Unpacking krb5-user (1.20.1-6ubuntu2) ... 391s Selecting previously unselected package krb5-kdc. 391s Preparing to unpack .../6-krb5-kdc_1.20.1-6ubuntu2_ppc64el.deb ... 391s Unpacking krb5-kdc (1.20.1-6ubuntu2) ... 391s Selecting previously unselected package krb5-admin-server. 391s Preparing to unpack .../7-krb5-admin-server_1.20.1-6ubuntu2_ppc64el.deb ... 391s Unpacking krb5-admin-server (1.20.1-6ubuntu2) ... 391s Selecting previously unselected package autopkgtest-satdep. 391s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 391s Unpacking autopkgtest-satdep (0) ... 391s Setting up libgssrpc4t64:ppc64el (1.20.1-6ubuntu2) ... 391s Setting up krb5-config (2.7) ... 392s Setting up libkadm5clnt-mit12:ppc64el (1.20.1-6ubuntu2) ... 392s Setting up libkdb5-10t64:ppc64el (1.20.1-6ubuntu2) ... 392s Setting up libkadm5srv-mit12:ppc64el (1.20.1-6ubuntu2) ... 392s Setting up krb5-user (1.20.1-6ubuntu2) ... 392s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 392s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 392s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 392s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 392s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 392s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 392s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 392s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 392s Setting up krb5-kdc (1.20.1-6ubuntu2) ... 392s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 393s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 393s Setting up krb5-admin-server (1.20.1-6ubuntu2) ... 393s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 394s Setting up autopkgtest-satdep (0) ... 394s Processing triggers for man-db (2.12.0-4build1) ... 394s Processing triggers for libc-bin (2.39-0ubuntu8) ... 402s (Reading database ... 74081 files and directories currently installed.) 402s Removing autopkgtest-satdep (0) ... 402s autopkgtest [22:37:31]: test ldap-user-group-krb5-auth: [----------------------- 403s + . debian/tests/util 403s + . debian/tests/common-tests 403s + mydomain=example.com 403s + myhostname=ldap.example.com 403s + mysuffix=dc=example,dc=com 403s + myrealm=EXAMPLE.COM 403s + admin_dn=cn=admin,dc=example,dc=com 403s + admin_pw=secret 403s + ldap_user=testuser1 403s + ldap_user_pw=testuser1secret 403s + kerberos_principal_pw=testuser1kerberos 403s + ldap_group=ldapusers 403s + adjust_hostname ldap.example.com 403s + local myhostname=ldap.example.com 403s + echo ldap.example.com 403s + hostname ldap.example.com 403s + grep -qE ldap.example.com /etc/hosts 403s + reconfigure_slapd 403s + debconf-set-selections 403s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu8-20240408-223712.ldapdb 403s + dpkg-reconfigure -fnoninteractive -pcritical slapd 403s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8... done. 403s Moving old database directory to /var/backups: 403s - directory unknown... done. 403s Creating initial configuration... done. 403s Creating LDAP directory... done. 403s + generate_certs ldap.example.com 403s + local cn=ldap.example.com 403s + local cert=/etc/ldap/server.pem 403s + local key=/etc/ldap/server.key 403s + local cnf=/etc/ldap/openssl.cnf 403s + cat 403s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 404s ..........++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 404s ...++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 404s ----- 404s + chmod 0640 /etc/ldap/server.key 404s + chgrp openldap /etc/ldap/server.key 404s + [ ! -f /etc/ldap/server.pem ] 404s + [ ! -f /etc/ldap/server.key ] 404s + enable_ldap_ssl 404s + cat 404s + cat 404s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 404s + populate_ldap_rfc2307 404s + + cat 404s ldapadd -x -D cn=admin,dc=example,dc=com -w secret 404s + create_realm EXAMPLE.COM ldap.example.com 404s + local realm_name=EXAMPLE.COM 404s + local kerberos_server=ldap.example.com 404s + rm -rf /var/lib/krb5kdc/* 404s + rm -rf /etc/krb5kdc/kdc.conf 404s + rm -f /etc/krb5.keytab 404s + cat 404s + cat 404s + echo # */admin * 404s + kdb5_util create -s -P secretpassword 404s + systemctl restart krb5-kdc.service krb5-admin-server.service 404s modifying entry "cn=config" 404s 404s adding new entry "ou=People,dc=example,dc=com" 404s 404s adding new entry "ou=Group,dc=example,dc=com" 404s 404s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 404s 404s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 404s 404s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 404s 404s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 404s master key name 'K/M@EXAMPLE.COM' 404s + create_krb_principal testuser1 testuser1kerberos 404s + local principal=testuser1 404s + local password=testuser1kerberos 404s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 404s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 404s Authenticating as principal root/admin@EXAMPLE.COM with password. 404s Principal "testuser1@EXAMPLE.COM" created. 404s + configure_sssd_ldap_rfc2307_krb5_auth 404s + cat 404s + chmod 0600 /etc/sssd/sssd.conf 404s + systemctl restart sssd 404s + enable_pam_mkhomedir 404s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 404s + run_common_tests 404s + echo Assert local user databases do not have our LDAP test dataAssert local user databases do not have our LDAP test data 404s 404s + check_local_user testuser1 404s + local local_user=testuser1 404s + grep -q ^testuser1 /etc/passwd 404s + check_local_group testuser1 404s + local local_group=testuser1 404s + grep -q ^testuser1 /etc/group 404s + check_local_group ldapusers 404s + local local_group=ldapusers 404s + grep -q ^ldapusers /etc/group 404s + echo The LDAP user is known to the system via getent 404s + check_getent_user testuser1 404s + local getent_user=testuser1 404s + local output 404s + The LDAP user is known to the system via getent 404s getent passwd testuser1 404s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 404s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 404s + echo The LDAP user's private group is known to the system via getent 404s + check_getent_group testuser1 404s + local getent_group=testuser1 404s + local output 404s The LDAP user's private group is known to the system via getent 404s + getent group testuser1 404s The LDAP group ldapusers is known to the system via getent 404s + output=testuser1:*:10001:testuser1 404s + [ -z testuser1:*:10001:testuser1 ] 404s + echo The LDAP group ldapusers is known to the system via getent 404s + check_getent_group ldapusers 404s + local getent_group=ldapusers 404s + local output 404s + getent group ldapusers 404s + output=ldapusers:*:10100:testuser1 404s + [ -z ldapusers:*:10100:testuser1 ] 404s + echo The id(1) command can resolve the group membership of the LDAP user 404s + id -Gn testuser1 404s + output=testuser1 ldapusers 404s + [ testuser1 ldapusers != testuser1 ldapusers ] 404s + echo The Kerberos principal can login on a terminal 404s + kdestroy 404s The id(1) command can resolve the group membership of the LDAP user 404s The Kerberos principal can login on a terminal 404s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 404s spawn login 404s ldap.example.com login: testuser1 404s Password: 404s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-22-generic ppc64le) 404s 404s * Documentation: https://help.ubuntu.com 404s * Management: https://landscape.canonical.com 404s * Support: https://ubuntu.com/pro 404s 404s * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s 404s just raised the bar for easy, resilient and secure K8s cluster deployment. 404s 404s https://ubuntu.com/engage/secure-kubernetes-at-the-edge 404s 404s The programs included with the Ubuntu system are free software; 404s the exact distribution terms for each program are described in the 404s individual files in /usr/share/doc/*/copyright. 404s 404s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 404s applicable law. 404s 404s [?2004htestuser1@ldap:~$ id -un 404s [?2004l testuser1 404s [?2004htestuser1@ldap:~$ klist 404s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_WxMJIl 404s Default principal: testuser1@EXAMPLE.COMautopkgtest [22:37:33]: test ldap-user-group-krb5-auth: -----------------------] 405s autopkgtest [22:37:34]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 405s ldap-user-group-krb5-auth PASS 405s autopkgtest [22:37:34]: test sssd-softhism2-certificates-tests.sh: preparing testbed 602s autopkgtest [22:40:51]: testbed dpkg architecture: ppc64el 602s autopkgtest [22:40:51]: testbed apt version: 2.7.14build2 602s autopkgtest [22:40:51]: @@@@@@@@@@@@@@@@@@@@ test bed setup 603s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 604s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [10.6 kB] 604s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [831 kB] 604s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [360 kB] 604s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6004 B] 604s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [347 kB] 604s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3116 B] 604s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1192 B] 604s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 604s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [1001 kB] 604s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [8652 B] 604s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [9108 B] 604s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 607s Fetched 2696 kB in 1s (2035 kB/s) 607s Reading package lists... 609s Reading package lists... 609s Building dependency tree... 609s Reading state information... 610s Calculating upgrade... 610s The following packages will be upgraded: 610s bash curl grub-common grub-ieee1275 grub-ieee1275-bin grub2-common 610s libcurl3t64-gnutls libcurl4t64 libpython3.12-minimal libpython3.12-stdlib 610s python3-gi python3.12 python3.12-minimal 610s 13 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 610s Need to get 12.3 MB of archives. 610s After this operation, 570 kB disk space will be freed. 610s Get:1 http://ftpmaster.internal/ubuntu noble/main ppc64el bash ppc64el 5.2.21-2ubuntu4 [977 kB] 610s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el python3.12 ppc64el 3.12.2-5ubuntu3 [644 kB] 610s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libpython3.12-stdlib ppc64el 3.12.2-5ubuntu3 [2123 kB] 611s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el python3.12-minimal ppc64el 3.12.2-5ubuntu3 [2495 kB] 611s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libpython3.12-minimal ppc64el 3.12.2-5ubuntu3 [834 kB] 611s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el python3-gi ppc64el 3.48.2-1 [262 kB] 611s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el curl ppc64el 8.5.0-2ubuntu10 [235 kB] 611s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libcurl4t64 ppc64el 8.5.0-2ubuntu10 [428 kB] 611s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el grub-ieee1275 ppc64el 2.12-1ubuntu7 [63.1 kB] 611s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el grub2-common ppc64el 2.12-1ubuntu7 [752 kB] 611s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el grub-ieee1275-bin ppc64el 2.12-1ubuntu7 [687 kB] 611s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el grub-common ppc64el 2.12-1ubuntu7 [2356 kB] 612s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libcurl3t64-gnutls ppc64el 8.5.0-2ubuntu10 [419 kB] 612s Preconfiguring packages ... 612s Fetched 12.3 MB in 2s (6328 kB/s) 612s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 103388 files and directories currently installed.) 612s Preparing to unpack .../bash_5.2.21-2ubuntu4_ppc64el.deb ... 612s Unpacking bash (5.2.21-2ubuntu4) over (5.2.21-2ubuntu2) ... 612s Setting up bash (5.2.21-2ubuntu4) ... 612s update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode 612s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 103388 files and directories currently installed.) 612s Preparing to unpack .../00-python3.12_3.12.2-5ubuntu3_ppc64el.deb ... 612s Unpacking python3.12 (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 612s Preparing to unpack .../01-libpython3.12-stdlib_3.12.2-5ubuntu3_ppc64el.deb ... 612s Unpacking libpython3.12-stdlib:ppc64el (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 613s Preparing to unpack .../02-python3.12-minimal_3.12.2-5ubuntu3_ppc64el.deb ... 613s Unpacking python3.12-minimal (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 613s Preparing to unpack .../03-libpython3.12-minimal_3.12.2-5ubuntu3_ppc64el.deb ... 613s Unpacking libpython3.12-minimal:ppc64el (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 613s Preparing to unpack .../04-python3-gi_3.48.2-1_ppc64el.deb ... 613s Unpacking python3-gi (3.48.2-1) over (3.48.1-1build1) ... 613s Preparing to unpack .../05-curl_8.5.0-2ubuntu10_ppc64el.deb ... 613s Unpacking curl (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 613s Preparing to unpack .../06-libcurl4t64_8.5.0-2ubuntu10_ppc64el.deb ... 613s Unpacking libcurl4t64:ppc64el (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 613s Preparing to unpack .../07-grub-ieee1275_2.12-1ubuntu7_ppc64el.deb ... 613s Unpacking grub-ieee1275 (2.12-1ubuntu7) over (2.12-1ubuntu6) ... 613s Preparing to unpack .../08-grub2-common_2.12-1ubuntu7_ppc64el.deb ... 613s Unpacking grub2-common (2.12-1ubuntu7) over (2.12-1ubuntu6) ... 613s Preparing to unpack .../09-grub-ieee1275-bin_2.12-1ubuntu7_ppc64el.deb ... 613s Unpacking grub-ieee1275-bin (2.12-1ubuntu7) over (2.12-1ubuntu6) ... 613s Preparing to unpack .../10-grub-common_2.12-1ubuntu7_ppc64el.deb ... 613s Unpacking grub-common (2.12-1ubuntu7) over (2.12-1ubuntu6) ... 613s Preparing to unpack .../11-libcurl3t64-gnutls_8.5.0-2ubuntu10_ppc64el.deb ... 613s Unpacking libcurl3t64-gnutls:ppc64el (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 613s Setting up libcurl4t64:ppc64el (8.5.0-2ubuntu10) ... 613s Setting up libpython3.12-minimal:ppc64el (3.12.2-5ubuntu3) ... 613s Setting up libcurl3t64-gnutls:ppc64el (8.5.0-2ubuntu10) ... 613s Setting up grub-common (2.12-1ubuntu7) ... 614s Setting up python3-gi (3.48.2-1) ... 614s Setting up curl (8.5.0-2ubuntu10) ... 614s Setting up python3.12-minimal (3.12.2-5ubuntu3) ... 615s Setting up libpython3.12-stdlib:ppc64el (3.12.2-5ubuntu3) ... 615s Setting up grub2-common (2.12-1ubuntu7) ... 615s Setting up python3.12 (3.12.2-5ubuntu3) ... 616s Setting up grub-ieee1275-bin (2.12-1ubuntu7) ... 616s Setting up grub-ieee1275 (2.12-1ubuntu7) ... 617s Installing for powerpc-ieee1275 platform. 617s Installation finished. No error reported. 617s Sourcing file `/etc/default/grub' 617s Sourcing file `/etc/default/grub.d/50-cloudimg-settings.cfg' 617s Generating grub configuration file ... 617s Found linux image: /boot/vmlinux-6.8.0-22-generic 617s Found initrd image: /boot/initrd.img-6.8.0-22-generic 617s Found linux image: /boot/vmlinux-6.8.0-11-generic 617s Found initrd image: /boot/initrd.img-6.8.0-11-generic 617s Warning: os-prober will not be executed to detect other bootable partitions. 617s Systems on them will not be added to the GRUB boot configuration. 617s Check GRUB_DISABLE_OS_PROBER documentation entry. 617s Adding boot menu entry for UEFI Firmware Settings ... 617s done 617s Processing triggers for systemd (255.4-1ubuntu7) ... 617s Processing triggers for man-db (2.12.0-4build1) ... 618s Processing triggers for debianutils (5.17build1) ... 618s Processing triggers for install-info (7.1-3build2) ... 618s Processing triggers for libc-bin (2.39-0ubuntu8) ... 618s Reading package lists... 619s Building dependency tree... 619s Reading state information... 619s The following packages will be REMOVED: 619s linux-headers-6.8.0-11* linux-headers-6.8.0-11-generic* 619s linux-image-6.8.0-11-generic* linux-modules-6.8.0-11-generic* 619s 0 upgraded, 0 newly installed, 4 to remove and 0 not upgraded. 619s After this operation, 207 MB disk space will be freed. 619s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 103389 files and directories currently installed.) 619s Removing linux-headers-6.8.0-11-generic (6.8.0-11.11) ... 619s Removing linux-headers-6.8.0-11 (6.8.0-11.11) ... 621s Removing linux-image-6.8.0-11-generic (6.8.0-11.11) ... 621s I: /boot/vmlinux.old is now a symlink to vmlinux-6.8.0-22-generic 621s I: /boot/initrd.img.old is now a symlink to initrd.img-6.8.0-22-generic 621s /etc/kernel/postrm.d/initramfs-tools: 621s update-initramfs: Deleting /boot/initrd.img-6.8.0-11-generic 621s /etc/kernel/postrm.d/zz-update-grub: 621s Sourcing file `/etc/default/grub' 621s Sourcing file `/etc/default/grub.d/50-cloudimg-settings.cfg' 621s Generating grub configuration file ... 621s Found linux image: /boot/vmlinux-6.8.0-22-generic 621s Found initrd image: /boot/initrd.img-6.8.0-22-generic 621s Warning: os-prober will not be executed to detect other bootable partitions. 621s Systems on them will not be added to the GRUB boot configuration. 621s Check GRUB_DISABLE_OS_PROBER documentation entry. 621s Adding boot menu entry for UEFI Firmware Settings ... 621s done 621s Removing linux-modules-6.8.0-11-generic (6.8.0-11.11) ... 622s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72693 files and directories currently installed.) 622s Purging configuration files for linux-image-6.8.0-11-generic (6.8.0-11.11) ... 622s Purging configuration files for linux-modules-6.8.0-11-generic (6.8.0-11.11) ... 622s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 622s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 622s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 622s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 623s Reading package lists... 623s Reading package lists... 624s Building dependency tree... 624s Reading state information... 624s Calculating upgrade... 624s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 624s Reading package lists... 624s Building dependency tree... 624s Reading state information... 624s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 624s autopkgtest [22:41:13]: rebooting testbed after setup commands that affected boot 792s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 815s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 837s Reading package lists... 837s Building dependency tree... 837s Reading state information... 837s Starting pkgProblemResolver with broken count: 0 837s Starting 2 pkgProblemResolver with broken count: 0 837s Done 837s The following additional packages will be installed: 837s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 837s libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 libdhash1t64 837s libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 libipa-hbac0t64 837s libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 837s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 837s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 837s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 837s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 837s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 837s Suggested packages: 837s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 837s Recommended packages: 837s cracklib-runtime libsasl2-modules-gssapi-mit 837s | libsasl2-modules-gssapi-heimdal ldap-utils 837s The following NEW packages will be installed: 837s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 837s libavahi-common3 libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 837s libdhash1t64 libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 837s libipa-hbac0t64 libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 837s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 837s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 837s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 837s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 837s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 837s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 837s Need to get 11.4 MB/11.4 MB of archives. 837s After this operation, 57.1 MB of additional disk space will be used. 837s Get:1 /tmp/autopkgtest.ZdLqjh/3-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [748 B] 837s Get:2 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7t64 ppc64el 2.1.12-stable-9ubuntu2 [174 kB] 838s Get:3 http://ftpmaster.internal/ubuntu noble/main ppc64el libunbound8 ppc64el 1.19.2-1ubuntu3 [537 kB] 838s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libgnutls-dane0t64 ppc64el 3.8.3-1.1ubuntu3 [24.7 kB] 838s Get:5 http://ftpmaster.internal/ubuntu noble/universe ppc64el gnutls-bin ppc64el 3.8.3-1.1ubuntu3 [290 kB] 838s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu5 [29.6 kB] 838s Get:7 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu5 [26.3 kB] 838s Get:8 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu5 [30.9 kB] 838s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0t64 ppc64el 0.6.2-2.1build1 [6138 B] 838s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4t64 ppc64el 0.6.2-2.1build1 [36.4 kB] 838s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1build2 [31.1 kB] 838s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1t64 ppc64el 0.6.2-2.1build1 [10.4 kB] 838s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1t64 ppc64el 0.6.2-2.1build1 [10.6 kB] 838s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1t64 ppc64el 0.6.2-2.1build1 [8160 B] 838s Get:15 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5t64 ppc64el 0.6.2-2.1build1 [55.3 kB] 838s Get:16 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libipa-hbac0t64 ppc64el 2.9.4-1.1ubuntu5 [17.9 kB] 838s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1build2 [36.7 kB] 838s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1 [62.7 kB] 838s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0t64 ppc64el 0.16.1-2build1 [51.2 kB] 838s Get:20 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-4ubuntu8 [220 kB] 838s Get:21 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.4-3ubuntu4 [54.5 kB] 838s Get:22 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3 [7658 B] 838s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3 [16.9 kB] 838s Get:24 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3 [12.5 kB] 838s Get:25 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu8 [77.3 kB] 838s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-4ubuntu8 [6674 kB] 839s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu8 [70.3 kB] 839s Get:28 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2-common ppc64el 2.6.1-2.2ubuntu3 [6198 B] 839s Get:29 http://ftpmaster.internal/ubuntu noble/universe ppc64el libsofthsm2 ppc64el 2.6.1-2.2ubuntu3 [296 kB] 839s Get:30 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2 ppc64el 2.6.1-2.2ubuntu3 [200 kB] 839s Get:31 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el python3-sss ppc64el 2.9.4-1.1ubuntu5 [48.4 kB] 839s Get:32 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsss-idmap0 ppc64el 2.9.4-1.1ubuntu5 [25.0 kB] 839s Get:33 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libnss-sss ppc64el 2.9.4-1.1ubuntu5 [36.6 kB] 839s Get:34 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libpam-sss ppc64el 2.9.4-1.1ubuntu5 [56.8 kB] 839s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libc-ares2 ppc64el 1.27.0-1 [99.0 kB] 839s Get:36 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsss-certmap0 ppc64el 2.9.4-1.1ubuntu5 [54.0 kB] 839s Get:37 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1.1ubuntu5 [37.7 kB] 839s Get:38 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-common ppc64el 2.9.4-1.1ubuntu5 [1280 kB] 839s Get:39 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-ad-common ppc64el 2.9.4-1.1ubuntu5 [88.6 kB] 839s Get:40 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-krb5-common ppc64el 2.9.4-1.1ubuntu5 [103 kB] 839s Get:41 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-ad ppc64el 2.9.4-1.1ubuntu5 [148 kB] 839s Get:42 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-ipa ppc64el 2.9.4-1.1ubuntu5 [240 kB] 839s Get:43 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-krb5 ppc64el 2.9.4-1.1ubuntu5 [14.4 kB] 839s Get:44 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-ldap ppc64el 2.9.4-1.1ubuntu5 [31.6 kB] 839s Get:45 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd-proxy ppc64el 2.9.4-1.1ubuntu5 [47.9 kB] 839s Get:46 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el sssd ppc64el 2.9.4-1.1ubuntu5 [4110 B] 839s Fetched 11.4 MB in 2s (6370 kB/s) 839s Selecting previously unselected package libevent-2.1-7t64:ppc64el. 840s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72692 files and directories currently installed.) 840s Preparing to unpack .../00-libevent-2.1-7t64_2.1.12-stable-9ubuntu2_ppc64el.deb ... 840s Unpacking libevent-2.1-7t64:ppc64el (2.1.12-stable-9ubuntu2) ... 840s Selecting previously unselected package libunbound8:ppc64el. 840s Preparing to unpack .../01-libunbound8_1.19.2-1ubuntu3_ppc64el.deb ... 840s Unpacking libunbound8:ppc64el (1.19.2-1ubuntu3) ... 840s Selecting previously unselected package libgnutls-dane0t64:ppc64el. 840s Preparing to unpack .../02-libgnutls-dane0t64_3.8.3-1.1ubuntu3_ppc64el.deb ... 840s Unpacking libgnutls-dane0t64:ppc64el (3.8.3-1.1ubuntu3) ... 840s Selecting previously unselected package gnutls-bin. 840s Preparing to unpack .../03-gnutls-bin_3.8.3-1.1ubuntu3_ppc64el.deb ... 840s Unpacking gnutls-bin (3.8.3-1.1ubuntu3) ... 840s Selecting previously unselected package libavahi-common-data:ppc64el. 840s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu5_ppc64el.deb ... 840s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu5) ... 840s Selecting previously unselected package libavahi-common3:ppc64el. 840s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu5_ppc64el.deb ... 840s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu5) ... 840s Selecting previously unselected package libavahi-client3:ppc64el. 840s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu5_ppc64el.deb ... 840s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu5) ... 840s Selecting previously unselected package libbasicobjects0t64:ppc64el. 840s Preparing to unpack .../07-libbasicobjects0t64_0.6.2-2.1build1_ppc64el.deb ... 840s Unpacking libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 840s Selecting previously unselected package libcollection4t64:ppc64el. 840s Preparing to unpack .../08-libcollection4t64_0.6.2-2.1build1_ppc64el.deb ... 840s Unpacking libcollection4t64:ppc64el (0.6.2-2.1build1) ... 840s Selecting previously unselected package libcrack2:ppc64el. 840s Preparing to unpack .../09-libcrack2_2.9.6-5.1build2_ppc64el.deb ... 840s Unpacking libcrack2:ppc64el (2.9.6-5.1build2) ... 840s Selecting previously unselected package libdhash1t64:ppc64el. 840s Preparing to unpack .../10-libdhash1t64_0.6.2-2.1build1_ppc64el.deb ... 840s Unpacking libdhash1t64:ppc64el (0.6.2-2.1build1) ... 840s Selecting previously unselected package libpath-utils1t64:ppc64el. 840s Preparing to unpack .../11-libpath-utils1t64_0.6.2-2.1build1_ppc64el.deb ... 840s Unpacking libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 840s Selecting previously unselected package libref-array1t64:ppc64el. 840s Preparing to unpack .../12-libref-array1t64_0.6.2-2.1build1_ppc64el.deb ... 840s Unpacking libref-array1t64:ppc64el (0.6.2-2.1build1) ... 840s Selecting previously unselected package libini-config5t64:ppc64el. 840s Preparing to unpack .../13-libini-config5t64_0.6.2-2.1build1_ppc64el.deb ... 840s Unpacking libini-config5t64:ppc64el (0.6.2-2.1build1) ... 840s Selecting previously unselected package libipa-hbac0t64. 840s Preparing to unpack .../14-libipa-hbac0t64_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu5) ... 840s Selecting previously unselected package libtalloc2:ppc64el. 840s Preparing to unpack .../15-libtalloc2_2.4.2-1build2_ppc64el.deb ... 840s Unpacking libtalloc2:ppc64el (2.4.2-1build2) ... 840s Selecting previously unselected package libtdb1:ppc64el. 840s Preparing to unpack .../16-libtdb1_1.4.10-1_ppc64el.deb ... 840s Unpacking libtdb1:ppc64el (1.4.10-1) ... 840s Selecting previously unselected package libtevent0t64:ppc64el. 840s Preparing to unpack .../17-libtevent0t64_0.16.1-2build1_ppc64el.deb ... 840s Unpacking libtevent0t64:ppc64el (0.16.1-2build1) ... 840s Selecting previously unselected package libldb2:ppc64el. 840s Preparing to unpack .../18-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu8_ppc64el.deb ... 840s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu8) ... 840s Selecting previously unselected package libnfsidmap1:ppc64el. 840s Preparing to unpack .../19-libnfsidmap1_1%3a2.6.4-3ubuntu4_ppc64el.deb ... 840s Unpacking libnfsidmap1:ppc64el (1:2.6.4-3ubuntu4) ... 840s Selecting previously unselected package libpwquality-common. 840s Preparing to unpack .../20-libpwquality-common_1.4.5-3_all.deb ... 840s Unpacking libpwquality-common (1.4.5-3) ... 840s Selecting previously unselected package libpwquality1:ppc64el. 840s Preparing to unpack .../21-libpwquality1_1.4.5-3_ppc64el.deb ... 840s Unpacking libpwquality1:ppc64el (1.4.5-3) ... 840s Selecting previously unselected package libpam-pwquality:ppc64el. 840s Preparing to unpack .../22-libpam-pwquality_1.4.5-3_ppc64el.deb ... 840s Unpacking libpam-pwquality:ppc64el (1.4.5-3) ... 840s Selecting previously unselected package libwbclient0:ppc64el. 840s Preparing to unpack .../23-libwbclient0_2%3a4.19.5+dfsg-4ubuntu8_ppc64el.deb ... 840s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 840s Selecting previously unselected package samba-libs:ppc64el. 840s Preparing to unpack .../24-samba-libs_2%3a4.19.5+dfsg-4ubuntu8_ppc64el.deb ... 840s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 840s Selecting previously unselected package libsmbclient0:ppc64el. 840s Preparing to unpack .../25-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu8_ppc64el.deb ... 840s Unpacking libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 840s Selecting previously unselected package softhsm2-common. 840s Preparing to unpack .../26-softhsm2-common_2.6.1-2.2ubuntu3_ppc64el.deb ... 840s Unpacking softhsm2-common (2.6.1-2.2ubuntu3) ... 840s Selecting previously unselected package libsofthsm2. 840s Preparing to unpack .../27-libsofthsm2_2.6.1-2.2ubuntu3_ppc64el.deb ... 840s Unpacking libsofthsm2 (2.6.1-2.2ubuntu3) ... 840s Selecting previously unselected package softhsm2. 840s Preparing to unpack .../28-softhsm2_2.6.1-2.2ubuntu3_ppc64el.deb ... 840s Unpacking softhsm2 (2.6.1-2.2ubuntu3) ... 840s Selecting previously unselected package python3-sss. 840s Preparing to unpack .../29-python3-sss_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking python3-sss (2.9.4-1.1ubuntu5) ... 840s Selecting previously unselected package libsss-idmap0. 840s Preparing to unpack .../30-libsss-idmap0_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu5) ... 840s Selecting previously unselected package libnss-sss:ppc64el. 840s Preparing to unpack .../31-libnss-sss_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking libnss-sss:ppc64el (2.9.4-1.1ubuntu5) ... 840s Selecting previously unselected package libpam-sss:ppc64el. 840s Preparing to unpack .../32-libpam-sss_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking libpam-sss:ppc64el (2.9.4-1.1ubuntu5) ... 840s Selecting previously unselected package libc-ares2:ppc64el. 840s Preparing to unpack .../33-libc-ares2_1.27.0-1_ppc64el.deb ... 840s Unpacking libc-ares2:ppc64el (1.27.0-1) ... 840s Selecting previously unselected package libsss-certmap0. 840s Preparing to unpack .../34-libsss-certmap0_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu5) ... 840s Selecting previously unselected package libsss-nss-idmap0. 840s Preparing to unpack .../35-libsss-nss-idmap0_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu5) ... 840s Selecting previously unselected package sssd-common. 840s Preparing to unpack .../36-sssd-common_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking sssd-common (2.9.4-1.1ubuntu5) ... 840s Selecting previously unselected package sssd-ad-common. 840s Preparing to unpack .../37-sssd-ad-common_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking sssd-ad-common (2.9.4-1.1ubuntu5) ... 840s Selecting previously unselected package sssd-krb5-common. 840s Preparing to unpack .../38-sssd-krb5-common_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu5) ... 840s Selecting previously unselected package sssd-ad. 840s Preparing to unpack .../39-sssd-ad_2.9.4-1.1ubuntu5_ppc64el.deb ... 840s Unpacking sssd-ad (2.9.4-1.1ubuntu5) ... 841s Selecting previously unselected package sssd-ipa. 841s Preparing to unpack .../40-sssd-ipa_2.9.4-1.1ubuntu5_ppc64el.deb ... 841s Unpacking sssd-ipa (2.9.4-1.1ubuntu5) ... 841s Selecting previously unselected package sssd-krb5. 841s Preparing to unpack .../41-sssd-krb5_2.9.4-1.1ubuntu5_ppc64el.deb ... 841s Unpacking sssd-krb5 (2.9.4-1.1ubuntu5) ... 841s Selecting previously unselected package sssd-ldap. 841s Preparing to unpack .../42-sssd-ldap_2.9.4-1.1ubuntu5_ppc64el.deb ... 841s Unpacking sssd-ldap (2.9.4-1.1ubuntu5) ... 841s Selecting previously unselected package sssd-proxy. 841s Preparing to unpack .../43-sssd-proxy_2.9.4-1.1ubuntu5_ppc64el.deb ... 841s Unpacking sssd-proxy (2.9.4-1.1ubuntu5) ... 841s Selecting previously unselected package sssd. 841s Preparing to unpack .../44-sssd_2.9.4-1.1ubuntu5_ppc64el.deb ... 841s Unpacking sssd (2.9.4-1.1ubuntu5) ... 841s Selecting previously unselected package autopkgtest-satdep. 841s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 841s Unpacking autopkgtest-satdep (0) ... 841s Setting up libpwquality-common (1.4.5-3) ... 841s Setting up softhsm2-common (2.6.1-2.2ubuntu3) ... 841s 841s Creating config file /etc/softhsm/softhsm2.conf with new version 841s Setting up libnfsidmap1:ppc64el (1:2.6.4-3ubuntu4) ... 841s Setting up libsss-idmap0 (2.9.4-1.1ubuntu5) ... 841s Setting up libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 841s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu5) ... 841s Setting up libref-array1t64:ppc64el (0.6.2-2.1build1) ... 841s Setting up libtdb1:ppc64el (1.4.10-1) ... 841s Setting up libcollection4t64:ppc64el (0.6.2-2.1build1) ... 841s Setting up libevent-2.1-7t64:ppc64el (2.1.12-stable-9ubuntu2) ... 841s Setting up libc-ares2:ppc64el (1.27.0-1) ... 841s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 841s Setting up libtalloc2:ppc64el (2.4.2-1build2) ... 841s Setting up libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 841s Setting up libunbound8:ppc64el (1.19.2-1ubuntu3) ... 841s Setting up libgnutls-dane0t64:ppc64el (3.8.3-1.1ubuntu3) ... 841s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu5) ... 841s Setting up libdhash1t64:ppc64el (0.6.2-2.1build1) ... 841s Setting up libcrack2:ppc64el (2.9.6-5.1build2) ... 841s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu5) ... 841s Setting up libini-config5t64:ppc64el (0.6.2-2.1build1) ... 841s Setting up libtevent0t64:ppc64el (0.16.1-2build1) ... 841s Setting up libnss-sss:ppc64el (2.9.4-1.1ubuntu5) ... 841s Setting up gnutls-bin (3.8.3-1.1ubuntu3) ... 841s Setting up libsofthsm2 (2.6.1-2.2ubuntu3) ... 841s Setting up softhsm2 (2.6.1-2.2ubuntu3) ... 841s Setting up libavahi-common3:ppc64el (0.8-13ubuntu5) ... 841s Setting up libsss-certmap0 (2.9.4-1.1ubuntu5) ... 841s Setting up libpwquality1:ppc64el (1.4.5-3) ... 841s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu8) ... 841s Setting up libavahi-client3:ppc64el (0.8-13ubuntu5) ... 841s Setting up libpam-pwquality:ppc64el (1.4.5-3) ... 841s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 841s Setting up python3-sss (2.9.4-1.1ubuntu5) ... 841s Setting up libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu8) ... 841s Setting up libpam-sss:ppc64el (2.9.4-1.1ubuntu5) ... 841s Setting up sssd-common (2.9.4-1.1ubuntu5) ... 841s Creating SSSD system user & group... 841s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 841s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 841s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 841s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 842s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 842s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 843s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 843s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 843s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 843s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 843s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 844s sssd-autofs.service is a disabled or a static unit, not starting it. 844s sssd-nss.service is a disabled or a static unit, not starting it. 844s sssd-pam.service is a disabled or a static unit, not starting it. 844s sssd-ssh.service is a disabled or a static unit, not starting it. 844s sssd-sudo.service is a disabled or a static unit, not starting it. 844s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 844s Setting up sssd-proxy (2.9.4-1.1ubuntu5) ... 844s Setting up sssd-ad-common (2.9.4-1.1ubuntu5) ... 844s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 845s sssd-pac.service is a disabled or a static unit, not starting it. 845s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 845s Setting up sssd-krb5-common (2.9.4-1.1ubuntu5) ... 845s Setting up sssd-krb5 (2.9.4-1.1ubuntu5) ... 845s Setting up sssd-ldap (2.9.4-1.1ubuntu5) ... 845s Setting up sssd-ad (2.9.4-1.1ubuntu5) ... 845s Setting up sssd-ipa (2.9.4-1.1ubuntu5) ... 845s Setting up sssd (2.9.4-1.1ubuntu5) ... 845s Setting up autopkgtest-satdep (0) ... 845s Processing triggers for man-db (2.12.0-4build1) ... 846s Processing triggers for libc-bin (2.39-0ubuntu8) ... 849s (Reading database ... 73289 files and directories currently installed.) 849s Removing autopkgtest-satdep (0) ... 859s autopkgtest [22:45:08]: test sssd-softhism2-certificates-tests.sh: [----------------------- 860s + '[' -z ubuntu ']' 860s + required_tools=(p11tool openssl softhsm2-util) 860s + for cmd in "${required_tools[@]}" 860s + command -v p11tool 860s + for cmd in "${required_tools[@]}" 860s + command -v openssl 860s + for cmd in "${required_tools[@]}" 860s + command -v softhsm2-util 860s + PIN=053350 860s +++ find /usr/lib/softhsm/libsofthsm2.so 860s +++ head -n 1 860s ++ realpath /usr/lib/softhsm/libsofthsm2.so 860s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 860s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 860s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 860s + '[' '!' -v NO_SSSD_TESTS ']' 860s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 860s + ca_db_arg=ca_db 860s ++ /usr/libexec/sssd/p11_child --help 860s + p11_child_help='Usage: p11_child [OPTION...] 860s -d, --debug-level=INT Debug level 860s --debug-timestamps=INT Add debug timestamps 860s --debug-microseconds=INT Show timestamps with microseconds 860s --dumpable=INT Allow core dumps 860s --debug-fd=INT An open file descriptor for the debug 860s logs 860s --logger=stderr|files|journald Set logger 860s --auth Run in auth mode 860s --pre Run in pre-auth mode 860s --wait_for_card Wait until card is available 860s --verification Run in verification mode 860s --pin Expect PIN on stdin 860s --keypad Expect PIN on keypad 860s --verify=STRING Tune validation 860s --ca_db=STRING CA DB to use 860s --module_name=STRING Module name for authentication 860s --token_name=STRING Token name for authentication 860s --key_id=STRING Key ID for authentication 860s --label=STRING Label for authentication 860s --certificate=STRING certificate to verify, base64 encoded 860s --uri=STRING PKCS#11 URI to restrict selection 860s --chain-id=LONG Tevent chain ID used for logging 860s purposes 860s 860s Help options: 860s -?, --help Show this help message 860s --usage Display brief usage message' 860s + echo 'Usage: p11_child [OPTION...] 860s -d, --debug-level=INT Debug level 860s --debug-timestamps=INT Add debug timestamps 860s --debug-microseconds=INT Show timestamps with microseconds 860s --dumpable=INT Allow core dumps 860s --debug-fd=INT An open file descriptor for the debug 860s logs 860s --logger=stderr|files|journald Set logger 860s --auth Run in auth mode 860s --pre Run in pre-auth mode 860s --wait_for_card Wait until card is available 860s --verification Run in verification mode 860s --pin Expect PIN on stdin 860s --keypad Expect PIN on keypad 860s --verify=STRING Tune validation 860s --ca_db=STRING CA DB to use 860s --module_name=STRING Module name for authentication 860s --token_name=STRING Token name for authentication 860s --key_id=STRING Key ID for authentication 860s --label=STRING Label for authentication 860s --certificate=STRING certificate to verify, base64 encoded 860s --uri=STRING PKCS#11 URI to restrict selection 860s --chain-id=LONG Tevent chain ID used for logging 860s purposes 860s 860s Help options: 860s -?, --help Show this help message 860s --usage Display brief usage message' 860s + grep nssdb -qs 860s + echo 'Usage: p11_child [OPTION...] 860s -d, --debug-level=INT Debug level 860s + grep -qs -- --ca_db 860s --debug-timestamps=INT Add debug timestamps 860s --debug-microseconds=INT Show timestamps with microseconds 860s --dumpable=INT Allow core dumps 860s --debug-fd=INT An open file descriptor for the debug 860s logs 860s --logger=stderr|files|journald Set logger 860s --auth Run in auth mode 860s --pre Run in pre-auth mode 860s --wait_for_card Wait until card is available 860s --verification Run in verification mode 860s --pin Expect PIN on stdin 860s --keypad Expect PIN on keypad 860s --verify=STRING Tune validation 860s --ca_db=STRING CA DB to use 860s --module_name=STRING Module name for authentication 860s --token_name=STRING Token name for authentication 860s --key_id=STRING Key ID for authentication 860s --label=STRING Label for authentication 860s --certificate=STRING certificate to verify, base64 encoded 860s --uri=STRING PKCS#11 URI to restrict selection 860s --chain-id=LONG Tevent chain ID used for logging 860s purposes 860s 860s Help options: 860s -?, --help Show this help message 860s --usage Display brief usage message' 860s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 860s ++ mktemp -d -t sssd-softhsm2-XXXXXX 860s + tmpdir=/tmp/sssd-softhsm2-iVXKsv 860s + keys_size=1024 860s + [[ ! -v KEEP_TEMPORARY_FILES ]] 860s + trap 'rm -rf "$tmpdir"' EXIT 860s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 860s + echo -n 01 860s + touch /tmp/sssd-softhsm2-iVXKsv/index.txt 860s + mkdir -p /tmp/sssd-softhsm2-iVXKsv/new_certs 860s + cat 860s + root_ca_key_pass=pass:random-root-CA-password-7512 860s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-iVXKsv/test-root-CA-key.pem -passout pass:random-root-CA-password-7512 1024 860s + openssl req -passin pass:random-root-CA-password-7512 -batch -config /tmp/sssd-softhsm2-iVXKsv/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-iVXKsv/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 860s + openssl x509 -noout -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 860s + cat 860s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-4000 860s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-4000 1024 860s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-4000 -config /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.config -key /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-7512 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-certificate-request.pem 860s + openssl req -text -noout -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-certificate-request.pem 860s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-iVXKsv/test-root-CA.config -passin pass:random-root-CA-password-7512 -keyfile /tmp/sssd-softhsm2-iVXKsv/test-root-CA-key.pem -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 860s Certificate Request: 860s Data: 860s Version: 1 (0x0) 860s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 860s Subject Public Key Info: 860s Public Key Algorithm: rsaEncryption 860s Public-Key: (1024 bit) 860s Modulus: 860s 00:c0:ae:58:8d:e3:44:0b:cb:1e:09:7b:31:90:51: 860s 89:33:81:d4:1e:cc:87:44:d2:1c:07:4e:f8:51:00: 860s d1:f8:b6:3c:7c:1f:4c:87:64:75:fc:7c:64:cf:b7: 860s ec:e5:5c:31:87:8e:4c:b9:30:b7:c6:93:25:0b:bb: 860s ca:16:02:52:3a:9d:0e:34:32:70:fc:14:74:7c:1e: 860s 16:38:2c:91:8a:39:a6:d7:5a:c3:ba:55:25:92:c0: 860s 92:19:5e:e6:b1:dc:02:83:68:0e:53:e3:cf:b8:a7: 860s 34:d3:33:3c:5c:74:c9:0a:3c:48:f4:79:d7:ce:af: 860s 4d:08:07:eb:62:e7:a2:3f:2b 860s Exponent: 65537 (0x10001) 860s Attributes: 860s (none) 860s Requested Extensions: 860s Signature Algorithm: sha256WithRSAEncryption 860s Signature Value: 860s 91:51:9c:3e:7a:5e:df:8b:bc:42:87:2a:fa:ca:b9:2e:82:db: 860s 0a:e3:63:59:b7:54:dd:e6:3e:a3:f9:43:62:08:f8:6b:f2:ad: 860s 45:59:04:28:d7:6e:2a:9d:56:a7:44:2c:c7:02:3e:72:ad:6a: 860s c9:bd:ea:f0:6e:fc:b6:68:6f:31:d1:d1:dd:18:67:46:38:8b: 860s 4b:87:04:0f:b6:d7:d6:fb:63:27:98:29:72:bf:48:fd:42:22: 860s 40:f6:6c:55:a2:42:23:67:2b:85:0d:bd:20:17:ca:55:6e:38: 860s 30:9c:1d:b3:45:4e:21:56:9e:87:b1:bf:87:a0:bb:23:22:04: 860s 59:e0 860s Using configuration from /tmp/sssd-softhsm2-iVXKsv/test-root-CA.config 860s Check that the request matches the signature 860s Signature ok 860s Certificate Details: 860s Serial Number: 1 (0x1) 860s Validity 860s Not Before: Apr 8 22:45:09 2024 GMT 860s Not After : Apr 8 22:45:09 2025 GMT 860s Subject: 860s organizationName = Test Organization 860s organizationalUnitName = Test Organization Unit 860s commonName = Test Organization Intermediate CA 860s X509v3 extensions: 860s X509v3 Subject Key Identifier: 860s B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 860s X509v3 Authority Key Identifier: 860s keyid:7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 860s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 860s serial:00 860s X509v3 Basic Constraints: 860s CA:TRUE 860s X509v3 Key Usage: critical 860s Digital Signature, Certificate Sign, CRL Sign 860s Certificate is to be certified until Apr 8 22:45:09 2025 GMT (365 days) 860s 860s Write out database with 1 new entries 860s Database updated 860s + openssl x509 -noout -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 860s + cat 860s /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem: OK 860s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-26084 860s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-26084 1024 860s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-26084 -config /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-4000 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-certificate-request.pem 860s + openssl req -text -noout -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-certificate-request.pem 860s Certificate Request: 860s Data: 860s Version: 1 (0x0) 860s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 860s Subject Public Key Info: 860s Public Key Algorithm: rsaEncryption 860s Public-Key: (1024 bit) 860s Modulus: 860s 00:b6:d2:69:0a:3b:2b:7f:67:df:6e:48:d7:20:7a: 860s 73:84:17:26:54:90:81:d8:c6:33:bb:bf:17:e1:0c: 860s b5:e5:05:00:60:37:5c:b3:5a:5d:0b:3b:38:32:fd: 860s 43:81:97:f5:ef:45:93:94:eb:5d:4c:a0:b0:03:b3: 860s a3:53:bf:44:b7:a6:a5:d8:42:6a:ae:4b:77:5c:5d: 860s a3:9f:83:db:6d:1a:64:61:b1:37:20:3e:c8:b0:52: 860s 9e:8e:61:d6:f5:f7:fc:7a:82:5b:f6:a2:c4:fc:17: 860s fa:e8:43:2c:dd:5d:eb:f6:a7:5c:b8:93:e7:46:2b: 860s 94:6f:c5:7d:7e:dc:47:89:7b 860s Exponent: 65537 (0x10001) 860s Attributes: 860s (none) 860s Requested Extensions: 860s Signature Algorithm: sha256WithRSAEncryption 860s Signature Value: 860s 7a:e6:21:bd:75:97:90:82:c9:ee:10:cf:bd:f8:90:47:b7:ec: 860s d6:3a:cd:9a:18:64:6c:c3:5a:a4:cb:b0:b4:1c:7d:f4:e4:9b: 860s 97:41:ff:25:23:3d:a1:25:53:52:c1:f6:9b:16:87:d8:87:67: 860s 93:b6:9e:ac:5c:02:a0:78:e4:0f:96:6c:9a:24:33:e7:62:f6: 860s b1:30:88:77:af:20:87:22:0a:fb:48:8a:7a:0d:3b:9c:01:27: 860s a7:5f:0c:b5:27:9a:11:94:ba:23:c5:2c:6b:dd:9e:8f:5b:f4: 860s 57:f9:eb:df:c4:ab:af:a5:68:8e:62:10:03:1a:5a:fe:fc:0f: 860s 0e:75 860s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-4000 -keyfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 860s Using configuration from /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.config 860s Check that the request matches the signature 860s Signature ok 860s Certificate Details: 860s Serial Number: 2 (0x2) 860s Validity 860s Not Before: Apr 8 22:45:09 2024 GMT 860s Not After : Apr 8 22:45:09 2025 GMT 860s Subject: 860s organizationName = Test Organization 860s organizationalUnitName = Test Organization Unit 860s commonName = Test Organization Sub Intermediate CA 860s X509v3 extensions: 860s X509v3 Subject Key Identifier: 860s 67:2B:97:7B:E4:A0:4A:F4:42:7D:DC:53:FD:9F:B8:75:39:7D:55:4F 860s X509v3 Authority Key Identifier: 860s keyid:B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 860s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 860s serial:01 860s X509v3 Basic Constraints: 860s CA:TRUE 860s X509v3 Key Usage: critical 860s Digital Signature, Certificate Sign, CRL Sign 860s Certificate is to be certified until Apr 8 22:45:09 2025 GMT (365 days) 860s 860s Write out database with 1 new entries 860s Database updated 860s + openssl x509 -noout -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 860s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 860s /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem: OK 860s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 860s + local cmd=openssl 860s + shift 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 860s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 860s error 20 at 0 depth lookup: unable to get local issuer certificate 860s error /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem: verification failed 860s + cat 860s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-9558 860s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-9558 1024 860s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-9558 -key /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-request.pem 860s + openssl req -text -noout -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-request.pem 860s Certificate Request: 860s Data: 860s Version: 1 (0x0) 860s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 860s Subject Public Key Info: 860s Public Key Algorithm: rsaEncryption 860s Public-Key: (1024 bit) 860s Modulus: 860s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 860s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 860s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 860s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 860s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 860s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 860s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 860s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 860s dd:77:21:ec:f2:aa:3f:69:f3 860s Exponent: 65537 (0x10001) 860s Attributes: 860s Requested Extensions: 860s X509v3 Basic Constraints: 860s CA:FALSE 860s Netscape Cert Type: 860s SSL Client, S/MIME 860s Netscape Comment: 860s Test Organization Root CA trusted Certificate 860s X509v3 Subject Key Identifier: 860s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 860s X509v3 Key Usage: critical 860s Digital Signature, Non Repudiation, Key Encipherment 860s X509v3 Extended Key Usage: 860s TLS Web Client Authentication, E-mail Protection 860s X509v3 Subject Alternative Name: 860s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 860s Signature Algorithm: sha256WithRSAEncryption 860s Signature Value: 860s be:67:fd:b0:69:0d:01:84:15:32:c9:ab:db:91:aa:cf:39:8c: 860s a6:a3:56:8f:13:62:9a:cc:d5:cf:09:e7:60:de:ee:66:02:c0: 860s fd:50:5a:cb:6c:56:5a:9f:07:23:45:13:10:4a:fe:5b:b2:97: 860s e9:46:e3:f5:40:2f:be:a0:90:9a:39:15:17:02:a9:1a:26:7c: 860s 18:73:ac:a3:ce:1d:93:3a:62:48:04:2c:f7:95:1c:2b:1c:bf: 860s 39:8b:8e:01:26:7d:0e:6b:ae:a6:65:8d:f8:20:aa:ad:10:29: 860s 66:af:a5:e0:79:01:4c:5b:c7:a8:e4:96:3c:e1:77:f2:0c:7a: 860s 3f:33 860s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-iVXKsv/test-root-CA.config -passin pass:random-root-CA-password-7512 -keyfile /tmp/sssd-softhsm2-iVXKsv/test-root-CA-key.pem -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s Using configuration from /tmp/sssd-softhsm2-iVXKsv/test-root-CA.config 860s Check that the request matches the signature 860s Signature ok 860s Certificate Details: 860s Serial Number: 3 (0x3) 860s Validity 860s Not Before: Apr 8 22:45:09 2024 GMT 860s Not After : Apr 8 22:45:09 2025 GMT 860s Subject: 860s organizationName = Test Organization 860s organizationalUnitName = Test Organization Unit 860s commonName = Test Organization Root Trusted Certificate 0001 860s X509v3 extensions: 860s X509v3 Authority Key Identifier: 860s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 860s X509v3 Basic Constraints: 860s CA:FALSE 860s Netscape Cert Type: 860s SSL Client, S/MIME 860s Netscape Comment: 860s Test Organization Root CA trusted Certificate 860s X509v3 Subject Key Identifier: 860s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 860s X509v3 Key Usage: critical 860s Digital Signature, Non Repudiation, Key Encipherment 860s X509v3 Extended Key Usage: 860s TLS Web Client Authentication, E-mail Protection 860s X509v3 Subject Alternative Name: 860s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 860s Certificate is to be certified until Apr 8 22:45:09 2025 GMT (365 days) 860s 860s Write out database with 1 new entries 860s Database updated 860s + openssl x509 -noout -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem: OK 860s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s + local cmd=openssl 860s + shift 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 860s error 20 at 0 depth lookup: unable to get local issuer certificate 860s error /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem: verification failed 860s + cat 860s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 860s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-5212 1024 860s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-5212 -key /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-request.pem 860s + openssl req -text -noout -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-request.pem 860s Certificate Request: 860s Data: 860s Version: 1 (0x0) 860s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 860s Subject Public Key Info: 860s Public Key Algorithm: rsaEncryption 860s Public-Key: (1024 bit) 860s Modulus: 860s 00:b4:29:69:ec:fd:c4:f7:c0:dc:56:83:e5:20:dc: 860s 4a:25:e2:25:9a:94:6e:cb:2f:05:58:7c:89:b9:71: 860s 7a:e3:74:5d:73:88:fa:4d:ad:80:e2:e1:6d:f8:42: 860s 12:2e:13:de:84:ec:6e:5f:ed:1b:02:5b:93:21:42: 860s ff:90:99:d1:59:ab:95:55:38:1b:c0:34:3d:46:e4: 860s ba:97:80:61:b4:8c:37:07:33:ae:82:4a:be:46:ea: 860s dd:1c:9d:ad:14:52:b2:4b:9e:90:49:90:82:22:fb: 860s b7:51:ab:94:ec:2c:75:fe:8e:86:94:11:af:93:66: 860s a3:5a:6d:3b:b1:5b:10:d0:fb 860s Exponent: 65537 (0x10001) 860s Attributes: 860s Requested Extensions: 860s X509v3 Basic Constraints: 860s CA:FALSE 860s Netscape Cert Type: 860s SSL Client, S/MIME 860s Netscape Comment: 860s Test Organization Intermediate CA trusted Certificate 860s X509v3 Subject Key Identifier: 860s 27:EF:A7:36:A7:2E:DD:A4:C3:29:D4:04:24:D0:62:C1:CC:36:F5:81 860s X509v3 Key Usage: critical 860s Digital Signature, Non Repudiation, Key Encipherment 860s X509v3 Extended Key Usage: 860s TLS Web Client Authentication, E-mail Protection 860s X509v3 Subject Alternative Name: 860s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 860s Signature Algorithm: sha256WithRSAEncryption 860s Signature Value: 860s 8d:f8:0d:23:c4:3d:0f:56:8f:8d:45:41:04:53:e9:8a:3e:9e: 860s 7c:13:b5:75:2e:76:fc:78:89:f1:67:88:04:78:dc:12:d7:57: 860s f3:71:98:11:3c:d6:b6:0b:1d:f9:d4:1c:d8:1a:c6:a4:57:aa: 860s cc:00:ba:fe:fa:84:34:9e:0f:90:d5:c3:2f:3f:0b:23:65:e5: 860s e6:74:e3:6d:1d:67:c1:d7:23:ce:5e:f2:6c:d8:0a:d8:6f:2d: 860s 98:3a:3b:16:a9:b6:a2:25:cd:9a:6c:e8:18:09:f8:0a:2c:45: 860s 68:dd:0e:cf:47:19:1c:67:ef:a0:ab:52:03:31:c6:37:7c:dd: 860s b3:5a 860s + openssl ca -passin pass:random-intermediate-CA-password-4000 -config /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 860s Using configuration from /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.config 860s Check that the request matches the signature 860s Signature ok 860s Certificate Details: 860s Serial Number: 4 (0x4) 860s Validity 860s Not Before: Apr 8 22:45:09 2024 GMT 860s Not After : Apr 8 22:45:09 2025 GMT 860s Subject: 860s organizationName = Test Organization 860s organizationalUnitName = Test Organization Unit 860s commonName = Test Organization Intermediate Trusted Certificate 0001 860s X509v3 extensions: 860s X509v3 Authority Key Identifier: 860s B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 860s X509v3 Basic Constraints: 860s CA:FALSE 860s Netscape Cert Type: 860s SSL Client, S/MIME 860s Netscape Comment: 860s Test Organization Intermediate CA trusted Certificate 860s X509v3 Subject Key Identifier: 860s 27:EF:A7:36:A7:2E:DD:A4:C3:29:D4:04:24:D0:62:C1:CC:36:F5:81 860s X509v3 Key Usage: critical 860s Digital Signature, Non Repudiation, Key Encipherment 860s X509v3 Extended Key Usage: 860s TLS Web Client Authentication, E-mail Protection 860s X509v3 Subject Alternative Name: 860s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 860s Certificate is to be certified until Apr 8 22:45:09 2025 GMT (365 days) 860s 860s Write out database with 1 new entries 860s Database updated 860s + openssl x509 -noout -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 860s + echo 'This certificate should not be trusted fully' 860s This certificate should not be trusted fully 860s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 860s + local cmd=openssl 860s + shift 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 860s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 860s error 2 at 1 depth lookup: unable to get issuer certificate 860s error /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 860s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 860s /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem: OK 860s + cat 860s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 860s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-25908 1024 860s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-25908 -key /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 860s + openssl req -text -noout -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 860s Certificate Request: 860s Data: 860s Version: 1 (0x0) 860s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 860s Subject Public Key Info: 860s Public Key Algorithm: rsaEncryption 860s Public-Key: (1024 bit) 860s Modulus: 860s 00:d5:a7:27:3e:26:ff:2f:3d:dd:f5:b9:e1:25:9d: 860s ed:90:4c:bc:c6:48:89:8a:42:26:5f:7f:85:78:94: 860s 8e:bc:2c:cf:4e:fc:73:db:3a:20:ef:48:c5:59:c7: 860s af:d5:cb:61:01:47:3a:64:4d:a2:d2:d1:cc:4e:d0: 860s 13:91:df:4c:3a:00:98:da:89:fa:1c:9d:9e:6b:d4: 860s b5:03:ff:6c:52:97:c4:a6:90:59:76:84:1a:8a:c9: 860s 96:a7:39:04:74:91:2e:ea:78:c7:5c:50:50:3d:55: 860s b8:9c:59:c4:1c:d9:80:ae:a3:ee:5a:b8:06:fa:21: 860s 9d:4f:2d:ba:94:fc:f7:ce:a3 860s Exponent: 65537 (0x10001) 860s Attributes: 860s Requested Extensions: 860s X509v3 Basic Constraints: 860s CA:FALSE 860s Netscape Cert Type: 860s SSL Client, S/MIME 860s Netscape Comment: 860s Test Organization Sub Intermediate CA trusted Certificate 860s X509v3 Subject Key Identifier: 860s F3:31:15:D9:DC:7B:A2:2F:BD:D2:DE:F6:11:D8:37:80:53:36:5C:C2 860s X509v3 Key Usage: critical 860s Digital Signature, Non Repudiation, Key Encipherment 860s X509v3 Extended Key Usage: 860s TLS Web Client Authentication, E-mail Protection 860s X509v3 Subject Alternative Name: 860s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 860s Signature Algorithm: sha256WithRSAEncryption 860s Signature Value: 860s 11:4a:c7:5b:9e:6b:d5:80:52:1b:89:0b:40:f0:75:36:30:28: 860s 3c:af:bc:a0:64:49:5f:89:57:6d:ed:15:90:c6:b2:8a:b0:45: 860s cc:c2:33:8c:c6:8d:49:f6:47:81:07:97:73:d6:dc:d6:c7:44: 860s 11:51:4e:f1:12:a1:fc:18:c5:a3:ef:c9:23:28:54:1f:8e:ff: 860s ab:16:86:8b:98:d7:ef:34:99:1c:5a:a8:e4:2a:52:74:1c:b1: 860s 6f:e6:95:0e:48:4c:3d:1f:3c:55:aa:7e:9b:1d:33:73:9c:6d: 860s 56:5b:a2:a6:0c:51:3f:fc:33:bd:96:df:24:56:4c:64:9d:a5: 860s 07:b9 860s + openssl ca -passin pass:random-sub-intermediate-CA-password-26084 -config /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 860s Using configuration from /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.config 860s Check that the request matches the signature 860s Signature ok 860s Certificate Details: 860s Serial Number: 5 (0x5) 860s Validity 860s Not Before: Apr 8 22:45:09 2024 GMT 860s Not After : Apr 8 22:45:09 2025 GMT 860s Subject: 860s organizationName = Test Organization 860s organizationalUnitName = Test Organization Unit 860s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 860s X509v3 extensions: 860s X509v3 Authority Key Identifier: 860s 67:2B:97:7B:E4:A0:4A:F4:42:7D:DC:53:FD:9F:B8:75:39:7D:55:4F 860s X509v3 Basic Constraints: 860s CA:FALSE 860s Netscape Cert Type: 860s SSL Client, S/MIME 860s Netscape Comment: 860s Test Organization Sub Intermediate CA trusted Certificate 860s X509v3 Subject Key Identifier: 860s F3:31:15:D9:DC:7B:A2:2F:BD:D2:DE:F6:11:D8:37:80:53:36:5C:C2 860s X509v3 Key Usage: critical 860s Digital Signature, Non Repudiation, Key Encipherment 860s X509v3 Extended Key Usage: 860s TLS Web Client Authentication, E-mail Protection 860s X509v3 Subject Alternative Name: 860s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 860s Certificate is to be certified until Apr 8 22:45:09 2025 GMT (365 days) 860s 860s Write out database with 1 new entries 860s Database updated 860s + openssl x509 -noout -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 860s + echo 'This certificate should not be trusted fully' 860s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 860s + local cmd=openssl 860s + shift 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 860s This certificate should not be trusted fully 860s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 860s error 2 at 1 depth lookup: unable to get issuer certificate 860s error /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 860s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 860s + local cmd=openssl 860s + shift 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 860s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 860s error 20 at 0 depth lookup: unable to get local issuer certificate 860s error /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 860s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 860s /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 860s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 860s + local cmd=openssl 860s + shift 860s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 860s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 860s error 20 at 0 depth lookup: unable to get local issuer certificate 860s error /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 860s Building a the full-chain CA file... 860s + echo 'Building a the full-chain CA file...' 860s + cat /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 860s + cat /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 860s + cat /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 860s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 860s + openssl pkcs7 -print_certs -noout 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 860s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 860s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 860s 860s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 860s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 860s 860s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 860s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 860s 860s /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem: OK 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem: OK 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 860s /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem: OK 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-root-intermediate-chain-CA.pem 860s /tmp/sssd-softhsm2-iVXKsv/test-root-intermediate-chain-CA.pem: OK 860s + openssl verify -CAfile /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 860s + echo 'Certificates generation completed!' 860s /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 860s Certificates generation completed! 860s + [[ -v NO_SSSD_TESTS ]] 860s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /dev/null 860s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /dev/null 860s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 860s + local key_ring=/dev/null 860s + local verify_option= 860s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 860s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 860s + local key_cn 860s + local key_name 860s + local tokens_dir 860s + local output_cert_file 860s + token_name= 860s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem .pem 860s + key_name=test-root-CA-trusted-certificate-0001 860s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s ++ sed -n 's/ *commonName *= //p' 860s + key_cn='Test Organization Root Trusted Certificate 0001' 860s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 860s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 860s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 860s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 860s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 860s + token_name='Test Organization Root Tr Token' 860s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 860s + local key_file 860s + local decrypted_key 860s + mkdir -p /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 860s + key_file=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-key.pem 860s + decrypted_key=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-key-decrypted.pem 860s + cat 860s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 860s Slot 0 has a free/uninitialized token. 860s The token has been initialized and is reassigned to slot 1208047880 860s + softhsm2-util --show-slots 860s Available slots: 860s Slot 1208047880 860s Slot info: 860s Description: SoftHSM slot ID 0x48015908 860s Manufacturer ID: SoftHSM project 860s Hardware version: 2.6 860s Firmware version: 2.6 860s Token present: yes 860s Token info: 860s Manufacturer ID: SoftHSM project 860s Model: SoftHSM v2 860s Hardware version: 2.6 860s Firmware version: 2.6 860s Serial number: 20f1907148015908 860s Initialized: yes 860s User PIN init.: yes 860s Label: Test Organization Root Tr Token 860s Slot 1 860s Slot info: 860s Description: SoftHSM slot ID 0x1 860s Manufacturer ID: SoftHSM project 860s Hardware version: 2.6 860s Firmware version: 2.6 860s Token present: yes 860s Token info: 860s Manufacturer ID: SoftHSM project 860s Model: SoftHSM v2 860s Hardware version: 2.6 860s Firmware version: 2.6 860s Serial number: 860s Initialized: no 860s User PIN init.: no 860s Label: 860s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 860s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-9558 -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-key-decrypted.pem 860s writing RSA key 860s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 860s + rm /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001-key-decrypted.pem 860s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 860s + echo 'Test Organization Root Tr Token' 860s + '[' -n '' ']' 860s + local output_base_name=SSSD-child-15516 860s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-15516.output 860s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-15516.pem 860s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 860s Object 0: 860s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 860s Type: X.509 Certificate (RSA-1024) 860s Expires: Tue Apr 8 22:45:09 2025 860s Label: Test Organization Root Trusted Certificate 0001 860s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 860s 860s Test Organization Root Tr Token 860s [p11_child[2263]] [main] (0x0400): p11_child started. 860s [p11_child[2263]] [main] (0x2000): Running in [pre-auth] mode. 860s [p11_child[2263]] [main] (0x2000): Running with effective IDs: [0][0]. 860s [p11_child[2263]] [main] (0x2000): Running with real IDs [0][0]. 860s [p11_child[2263]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 860s [p11_child[2263]] [do_work] (0x0040): init_verification failed. 860s [p11_child[2263]] [main] (0x0020): p11_child failed (5) 860s + return 2 860s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /dev/null no_verification 860s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /dev/null no_verification 860s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 860s + local key_ring=/dev/null 860s + local verify_option=no_verification 860s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 860s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 860s + local key_cn 860s + local key_name 860s + local tokens_dir 860s + local output_cert_file 860s + token_name= 860s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem .pem 860s + key_name=test-root-CA-trusted-certificate-0001 860s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 860s ++ sed -n 's/ *commonName *= //p' 860s + key_cn='Test Organization Root Trusted Certificate 0001' 860s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 860s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 860s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 860s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 860s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 860s + token_name='Test Organization Root Tr Token' 860s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 860s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 ']' 860s Test Organization Root Tr Token 860s + echo 'Test Organization Root Tr Token' 860s + '[' -n no_verification ']' 860s + local verify_arg=--verify=no_verification 860s + local output_base_name=SSSD-child-17556 860s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556.output 860s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556.pem 860s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 860s [p11_child[2269]] [main] (0x0400): p11_child started. 860s [p11_child[2269]] [main] (0x2000): Running in [pre-auth] mode. 860s [p11_child[2269]] [main] (0x2000): Running with effective IDs: [0][0]. 860s [p11_child[2269]] [main] (0x2000): Running with real IDs [0][0]. 860s [p11_child[2269]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 860s [p11_child[2269]] [do_card] (0x4000): Module List: 860s [p11_child[2269]] [do_card] (0x4000): common name: [softhsm2]. 860s [p11_child[2269]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 860s [p11_child[2269]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 860s [p11_child[2269]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 860s [p11_child[2269]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 860s [p11_child[2269]] [do_card] (0x4000): Login NOT required. 860s [p11_child[2269]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 860s [p11_child[2269]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 860s [p11_child[2269]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x48015908;slot-manufacturer=SoftHSM%20project;slot-id=1208047880;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 860s [p11_child[2269]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 860s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556.output 860s + echo '-----BEGIN CERTIFICATE-----' 860s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556.output 860s + echo '-----END CERTIFICATE-----' 860s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556.pem 861s Certificate: 861s Data: 861s Version: 3 (0x2) 861s Serial Number: 3 (0x3) 861s Signature Algorithm: sha256WithRSAEncryption 861s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 861s Validity 861s Not Before: Apr 8 22:45:09 2024 GMT 861s Not After : Apr 8 22:45:09 2025 GMT 861s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 861s Subject Public Key Info: 861s Public Key Algorithm: rsaEncryption 861s Public-Key: (1024 bit) 861s Modulus: 861s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 861s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 861s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 861s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 861s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 861s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 861s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 861s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 861s dd:77:21:ec:f2:aa:3f:69:f3 861s Exponent: 65537 (0x10001) 861s X509v3 extensions: 861s X509v3 Authority Key Identifier: 861s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 861s X509v3 Basic Constraints: 861s CA:FALSE 861s Netscape Cert Type: 861s SSL Client, S/MIME 861s Netscape Comment: 861s Test Organization Root CA trusted Certificate 861s X509v3 Subject Key Identifier: 861s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 861s X509v3 Key Usage: critical 861s Digital Signature, Non Repudiation, Key Encipherment 861s X509v3 Extended Key Usage: 861s TLS Web Client Authentication, E-mail Protection 861s X509v3 Subject Alternative Name: 861s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 861s Signature Algorithm: sha256WithRSAEncryption 861s Signature Value: 861s 7f:b5:8b:52:c6:71:48:bc:20:14:52:df:5f:d4:f6:d1:f9:09: 861s 96:52:c8:58:dd:34:8b:5b:6d:fc:59:66:5a:7c:c3:6e:17:f0: 861s 7d:0e:12:c1:e7:51:03:e5:3c:79:e3:97:08:4e:ae:6a:23:c0: 861s 1e:e5:6d:2b:4f:21:e6:bc:9b:db:73:fe:2c:96:dd:70:ca:4e: 861s dc:b8:9f:4f:16:18:88:9c:dd:52:99:a0:51:7b:c0:81:1c:4e: 861s 73:3c:37:11:10:64:c7:e3:b2:02:66:c2:18:24:3a:7c:e5:1e: 861s 1f:84:b8:9f:8b:91:3d:3c:4a:aa:d3:1d:f8:9b:03:ba:ab:17: 861s 58:b5 861s + local found_md5 expected_md5 861s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s + expected_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 861s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556.pem 861s + found_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 861s + '[' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 '!=' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 ']' 861s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556-auth.output 861s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556-auth.output .output 861s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556-auth.pem 861s + echo -n 053350 861s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 861s [p11_child[2277]] [main] (0x0400): p11_child started. 861s [p11_child[2277]] [main] (0x2000): Running in [auth] mode. 861s [p11_child[2277]] [main] (0x2000): Running with effective IDs: [0][0]. 861s [p11_child[2277]] [main] (0x2000): Running with real IDs [0][0]. 861s [p11_child[2277]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 861s [p11_child[2277]] [do_card] (0x4000): Module List: 861s [p11_child[2277]] [do_card] (0x4000): common name: [softhsm2]. 861s [p11_child[2277]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 861s [p11_child[2277]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 861s [p11_child[2277]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 861s [p11_child[2277]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 861s [p11_child[2277]] [do_card] (0x4000): Login required. 861s [p11_child[2277]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 861s [p11_child[2277]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 861s [p11_child[2277]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x48015908;slot-manufacturer=SoftHSM%20project;slot-id=1208047880;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 861s [p11_child[2277]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 861s [p11_child[2277]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 861s [p11_child[2277]] [do_card] (0x4000): Certificate verified and validated. 861s [p11_child[2277]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 861s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556-auth.output 861s + echo '-----BEGIN CERTIFICATE-----' 861s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556-auth.output 861s + echo '-----END CERTIFICATE-----' 861s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556-auth.pem 861s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-17556-auth.pem 861s Certificate: 861s Data: 861s Version: 3 (0x2) 861s Serial Number: 3 (0x3) 861s Signature Algorithm: sha256WithRSAEncryption 861s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 861s Validity 861s Not Before: Apr 8 22:45:09 2024 GMT 861s Not After : Apr 8 22:45:09 2025 GMT 861s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 861s Subject Public Key Info: 861s Public Key Algorithm: rsaEncryption 861s Public-Key: (1024 bit) 861s Modulus: 861s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 861s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 861s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 861s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 861s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 861s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 861s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 861s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 861s dd:77:21:ec:f2:aa:3f:69:f3 861s Exponent: 65537 (0x10001) 861s X509v3 extensions: 861s X509v3 Authority Key Identifier: 861s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 861s X509v3 Basic Constraints: 861s CA:FALSE 861s Netscape Cert Type: 861s SSL Client, S/MIME 861s Netscape Comment: 861s Test Organization Root CA trusted Certificate 861s X509v3 Subject Key Identifier: 861s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 861s X509v3 Key Usage: critical 861s Digital Signature, Non Repudiation, Key Encipherment 861s X509v3 Extended Key Usage: 861s TLS Web Client Authentication, E-mail Protection 861s X509v3 Subject Alternative Name: 861s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 861s Signature Algorithm: sha256WithRSAEncryption 861s Signature Value: 861s 7f:b5:8b:52:c6:71:48:bc:20:14:52:df:5f:d4:f6:d1:f9:09: 861s 96:52:c8:58:dd:34:8b:5b:6d:fc:59:66:5a:7c:c3:6e:17:f0: 861s 7d:0e:12:c1:e7:51:03:e5:3c:79:e3:97:08:4e:ae:6a:23:c0: 861s 1e:e5:6d:2b:4f:21:e6:bc:9b:db:73:fe:2c:96:dd:70:ca:4e: 861s dc:b8:9f:4f:16:18:88:9c:dd:52:99:a0:51:7b:c0:81:1c:4e: 861s 73:3c:37:11:10:64:c7:e3:b2:02:66:c2:18:24:3a:7c:e5:1e: 861s 1f:84:b8:9f:8b:91:3d:3c:4a:aa:d3:1d:f8:9b:03:ba:ab:17: 861s 58:b5 861s + found_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 861s + '[' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 '!=' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 ']' 861s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 861s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 861s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 861s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 861s + local verify_option= 861s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 861s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 861s + local key_cn 861s + local key_name 861s + local tokens_dir 861s + local output_cert_file 861s + token_name= 861s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem .pem 861s + key_name=test-root-CA-trusted-certificate-0001 861s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s ++ sed -n 's/ *commonName *= //p' 861s + key_cn='Test Organization Root Trusted Certificate 0001' 861s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 861s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 861s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 861s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 861s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 861s + token_name='Test Organization Root Tr Token' 861s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 861s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 ']' 861s + echo 'Test Organization Root Tr Token' 861s Test Organization Root Tr Token 861s + '[' -n '' ']' 861s + local output_base_name=SSSD-child-20853 861s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853.output 861s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853.pem 861s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 861s [p11_child[2287]] [main] (0x0400): p11_child started. 861s [p11_child[2287]] [main] (0x2000): Running in [pre-auth] mode. 861s [p11_child[2287]] [main] (0x2000): Running with effective IDs: [0][0]. 861s [p11_child[2287]] [main] (0x2000): Running with real IDs [0][0]. 861s [p11_child[2287]] [do_card] (0x4000): Module List: 861s [p11_child[2287]] [do_card] (0x4000): common name: [softhsm2]. 861s [p11_child[2287]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 861s [p11_child[2287]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 861s [p11_child[2287]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 861s [p11_child[2287]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 861s [p11_child[2287]] [do_card] (0x4000): Login NOT required. 861s [p11_child[2287]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 861s [p11_child[2287]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 861s [p11_child[2287]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 861s [p11_child[2287]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x48015908;slot-manufacturer=SoftHSM%20project;slot-id=1208047880;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 861s [p11_child[2287]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 861s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853.output 861s + echo '-----BEGIN CERTIFICATE-----' 861s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853.output 861s + echo '-----END CERTIFICATE-----' 861s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853.pem 861s Certificate: 861s Data: 861s Version: 3 (0x2) 861s Serial Number: 3 (0x3) 861s Signature Algorithm: sha256WithRSAEncryption 861s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 861s Validity 861s Not Before: Apr 8 22:45:09 2024 GMT 861s Not After : Apr 8 22:45:09 2025 GMT 861s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 861s Subject Public Key Info: 861s Public Key Algorithm: rsaEncryption 861s Public-Key: (1024 bit) 861s Modulus: 861s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 861s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 861s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 861s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 861s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 861s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 861s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 861s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 861s dd:77:21:ec:f2:aa:3f:69:f3 861s Exponent: 65537 (0x10001) 861s X509v3 extensions: 861s X509v3 Authority Key Identifier: 861s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 861s X509v3 Basic Constraints: 861s CA:FALSE 861s Netscape Cert Type: 861s SSL Client, S/MIME 861s Netscape Comment: 861s Test Organization Root CA trusted Certificate 861s X509v3 Subject Key Identifier: 861s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 861s X509v3 Key Usage: critical 861s Digital Signature, Non Repudiation, Key Encipherment 861s X509v3 Extended Key Usage: 861s TLS Web Client Authentication, E-mail Protection 861s X509v3 Subject Alternative Name: 861s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 861s Signature Algorithm: sha256WithRSAEncryption 861s Signature Value: 861s 7f:b5:8b:52:c6:71:48:bc:20:14:52:df:5f:d4:f6:d1:f9:09: 861s 96:52:c8:58:dd:34:8b:5b:6d:fc:59:66:5a:7c:c3:6e:17:f0: 861s 7d:0e:12:c1:e7:51:03:e5:3c:79:e3:97:08:4e:ae:6a:23:c0: 861s 1e:e5:6d:2b:4f:21:e6:bc:9b:db:73:fe:2c:96:dd:70:ca:4e: 861s dc:b8:9f:4f:16:18:88:9c:dd:52:99:a0:51:7b:c0:81:1c:4e: 861s 73:3c:37:11:10:64:c7:e3:b2:02:66:c2:18:24:3a:7c:e5:1e: 861s 1f:84:b8:9f:8b:91:3d:3c:4a:aa:d3:1d:f8:9b:03:ba:ab:17: 861s 58:b5 861s + local found_md5 expected_md5 861s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s + expected_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 861s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853.pem 861s + found_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 861s + '[' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 '!=' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 ']' 861s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853-auth.output 861s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853-auth.output .output 861s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853-auth.pem 861s + echo -n 053350 861s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 861s [p11_child[2295]] [main] (0x0400): p11_child started. 861s [p11_child[2295]] [main] (0x2000): Running in [auth] mode. 861s [p11_child[2295]] [main] (0x2000): Running with effective IDs: [0][0]. 861s [p11_child[2295]] [main] (0x2000): Running with real IDs [0][0]. 861s [p11_child[2295]] [do_card] (0x4000): Module List: 861s [p11_child[2295]] [do_card] (0x4000): common name: [softhsm2]. 861s [p11_child[2295]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 861s [p11_child[2295]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 861s [p11_child[2295]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 861s [p11_child[2295]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 861s [p11_child[2295]] [do_card] (0x4000): Login required. 861s [p11_child[2295]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 861s [p11_child[2295]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 861s [p11_child[2295]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 861s [p11_child[2295]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x48015908;slot-manufacturer=SoftHSM%20project;slot-id=1208047880;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 861s [p11_child[2295]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 861s [p11_child[2295]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 861s [p11_child[2295]] [do_card] (0x4000): Certificate verified and validated. 861s [p11_child[2295]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 861s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853-auth.output 861s + echo '-----BEGIN CERTIFICATE-----' 861s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853-auth.output 861s + echo '-----END CERTIFICATE-----' 861s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853-auth.pem 861s Certificate: 861s Data: 861s Version: 3 (0x2) 861s Serial Number: 3 (0x3) 861s Signature Algorithm: sha256WithRSAEncryption 861s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 861s Validity 861s Not Before: Apr 8 22:45:09 2024 GMT 861s Not After : Apr 8 22:45:09 2025 GMT 861s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 861s Subject Public Key Info: 861s Public Key Algorithm: rsaEncryption 861s Public-Key: (1024 bit) 861s Modulus: 861s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 861s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 861s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 861s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 861s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 861s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 861s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 861s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 861s dd:77:21:ec:f2:aa:3f:69:f3 861s Exponent: 65537 (0x10001) 861s X509v3 extensions: 861s X509v3 Authority Key Identifier: 861s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 861s X509v3 Basic Constraints: 861s CA:FALSE 861s Netscape Cert Type: 861s SSL Client, S/MIME 861s Netscape Comment: 861s Test Organization Root CA trusted Certificate 861s X509v3 Subject Key Identifier: 861s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 861s X509v3 Key Usage: critical 861s Digital Signature, Non Repudiation, Key Encipherment 861s X509v3 Extended Key Usage: 861s TLS Web Client Authentication, E-mail Protection 861s X509v3 Subject Alternative Name: 861s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 861s Signature Algorithm: sha256WithRSAEncryption 861s Signature Value: 861s 7f:b5:8b:52:c6:71:48:bc:20:14:52:df:5f:d4:f6:d1:f9:09: 861s 96:52:c8:58:dd:34:8b:5b:6d:fc:59:66:5a:7c:c3:6e:17:f0: 861s 7d:0e:12:c1:e7:51:03:e5:3c:79:e3:97:08:4e:ae:6a:23:c0: 861s 1e:e5:6d:2b:4f:21:e6:bc:9b:db:73:fe:2c:96:dd:70:ca:4e: 861s dc:b8:9f:4f:16:18:88:9c:dd:52:99:a0:51:7b:c0:81:1c:4e: 861s 73:3c:37:11:10:64:c7:e3:b2:02:66:c2:18:24:3a:7c:e5:1e: 861s 1f:84:b8:9f:8b:91:3d:3c:4a:aa:d3:1d:f8:9b:03:ba:ab:17: 861s 58:b5 861s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-20853-auth.pem 861s + found_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 861s + '[' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 '!=' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 ']' 861s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem partial_chain 861s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem partial_chain 861s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 861s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 861s + local verify_option=partial_chain 861s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 861s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 861s + local key_cn 861s + local key_name 861s + local tokens_dir 861s + local output_cert_file 861s + token_name= 861s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem .pem 861s + key_name=test-root-CA-trusted-certificate-0001 861s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s ++ sed -n 's/ *commonName *= //p' 861s + key_cn='Test Organization Root Trusted Certificate 0001' 861s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 861s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 861s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 861s Test Organization Root Tr Token 861s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 861s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 861s + token_name='Test Organization Root Tr Token' 861s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 861s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 ']' 861s + echo 'Test Organization Root Tr Token' 861s + '[' -n partial_chain ']' 861s + local verify_arg=--verify=partial_chain 861s + local output_base_name=SSSD-child-27916 861s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916.output 861s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916.pem 861s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 861s [p11_child[2305]] [main] (0x0400): p11_child started. 861s [p11_child[2305]] [main] (0x2000): Running in [pre-auth] mode. 861s [p11_child[2305]] [main] (0x2000): Running with effective IDs: [0][0]. 861s [p11_child[2305]] [main] (0x2000): Running with real IDs [0][0]. 861s [p11_child[2305]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 861s [p11_child[2305]] [do_card] (0x4000): Module List: 861s [p11_child[2305]] [do_card] (0x4000): common name: [softhsm2]. 861s [p11_child[2305]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 861s [p11_child[2305]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 861s [p11_child[2305]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 861s [p11_child[2305]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 861s [p11_child[2305]] [do_card] (0x4000): Login NOT required. 861s [p11_child[2305]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 861s [p11_child[2305]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 861s [p11_child[2305]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 861s [p11_child[2305]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x48015908;slot-manufacturer=SoftHSM%20project;slot-id=1208047880;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 861s [p11_child[2305]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 861s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916.output 861s + echo '-----BEGIN CERTIFICATE-----' 861s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916.output 861s + echo '-----END CERTIFICATE-----' 861s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916.pem 861s Certificate: 861s Data: 861s Version: 3 (0x2) 861s Serial Number: 3 (0x3) 861s Signature Algorithm: sha256WithRSAEncryption 861s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 861s Validity 861s Not Before: Apr 8 22:45:09 2024 GMT 861s Not After : Apr 8 22:45:09 2025 GMT 861s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 861s Subject Public Key Info: 861s Public Key Algorithm: rsaEncryption 861s Public-Key: (1024 bit) 861s Modulus: 861s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 861s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 861s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 861s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 861s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 861s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 861s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 861s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 861s dd:77:21:ec:f2:aa:3f:69:f3 861s Exponent: 65537 (0x10001) 861s X509v3 extensions: 861s X509v3 Authority Key Identifier: 861s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 861s X509v3 Basic Constraints: 861s CA:FALSE 861s Netscape Cert Type: 861s SSL Client, S/MIME 861s Netscape Comment: 861s Test Organization Root CA trusted Certificate 861s X509v3 Subject Key Identifier: 861s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 861s X509v3 Key Usage: critical 861s Digital Signature, Non Repudiation, Key Encipherment 861s X509v3 Extended Key Usage: 861s TLS Web Client Authentication, E-mail Protection 861s X509v3 Subject Alternative Name: 861s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 861s Signature Algorithm: sha256WithRSAEncryption 861s Signature Value: 861s 7f:b5:8b:52:c6:71:48:bc:20:14:52:df:5f:d4:f6:d1:f9:09: 861s 96:52:c8:58:dd:34:8b:5b:6d:fc:59:66:5a:7c:c3:6e:17:f0: 861s 7d:0e:12:c1:e7:51:03:e5:3c:79:e3:97:08:4e:ae:6a:23:c0: 861s 1e:e5:6d:2b:4f:21:e6:bc:9b:db:73:fe:2c:96:dd:70:ca:4e: 861s dc:b8:9f:4f:16:18:88:9c:dd:52:99:a0:51:7b:c0:81:1c:4e: 861s 73:3c:37:11:10:64:c7:e3:b2:02:66:c2:18:24:3a:7c:e5:1e: 861s 1f:84:b8:9f:8b:91:3d:3c:4a:aa:d3:1d:f8:9b:03:ba:ab:17: 861s 58:b5 861s + local found_md5 expected_md5 861s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s + expected_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 861s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916.pem 861s + found_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 861s + '[' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 '!=' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 ']' 861s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916-auth.output 861s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916-auth.output .output 861s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916-auth.pem 861s + echo -n 053350 861s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 861s [p11_child[2313]] [main] (0x0400): p11_child started. 861s [p11_child[2313]] [main] (0x2000): Running in [auth] mode. 861s [p11_child[2313]] [main] (0x2000): Running with effective IDs: [0][0]. 861s [p11_child[2313]] [main] (0x2000): Running with real IDs [0][0]. 861s [p11_child[2313]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 861s [p11_child[2313]] [do_card] (0x4000): Module List: 861s [p11_child[2313]] [do_card] (0x4000): common name: [softhsm2]. 861s [p11_child[2313]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 861s [p11_child[2313]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 861s [p11_child[2313]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 861s [p11_child[2313]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 861s [p11_child[2313]] [do_card] (0x4000): Login required. 861s [p11_child[2313]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 861s [p11_child[2313]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 861s [p11_child[2313]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 861s [p11_child[2313]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x48015908;slot-manufacturer=SoftHSM%20project;slot-id=1208047880;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 861s [p11_child[2313]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 861s [p11_child[2313]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 861s [p11_child[2313]] [do_card] (0x4000): Certificate verified and validated. 861s [p11_child[2313]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 861s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916-auth.output 861s + echo '-----BEGIN CERTIFICATE-----' 861s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916-auth.output 861s + echo '-----END CERTIFICATE-----' 861s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916-auth.pem 861s Certificate: 861s Data: 861s Version: 3 (0x2) 861s Serial Number: 3 (0x3) 861s Signature Algorithm: sha256WithRSAEncryption 861s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 861s Validity 861s Not Before: Apr 8 22:45:09 2024 GMT 861s Not After : Apr 8 22:45:09 2025 GMT 861s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 861s Subject Public Key Info: 861s Public Key Algorithm: rsaEncryption 861s Public-Key: (1024 bit) 861s Modulus: 861s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 861s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 861s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 861s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 861s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 861s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 861s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 861s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 861s dd:77:21:ec:f2:aa:3f:69:f3 861s Exponent: 65537 (0x10001) 861s X509v3 extensions: 861s X509v3 Authority Key Identifier: 861s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 861s X509v3 Basic Constraints: 861s CA:FALSE 861s Netscape Cert Type: 861s SSL Client, S/MIME 861s Netscape Comment: 861s Test Organization Root CA trusted Certificate 861s X509v3 Subject Key Identifier: 861s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 861s X509v3 Key Usage: critical 861s Digital Signature, Non Repudiation, Key Encipherment 861s X509v3 Extended Key Usage: 861s TLS Web Client Authentication, E-mail Protection 861s X509v3 Subject Alternative Name: 861s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 861s Signature Algorithm: sha256WithRSAEncryption 861s Signature Value: 861s 7f:b5:8b:52:c6:71:48:bc:20:14:52:df:5f:d4:f6:d1:f9:09: 861s 96:52:c8:58:dd:34:8b:5b:6d:fc:59:66:5a:7c:c3:6e:17:f0: 861s 7d:0e:12:c1:e7:51:03:e5:3c:79:e3:97:08:4e:ae:6a:23:c0: 861s 1e:e5:6d:2b:4f:21:e6:bc:9b:db:73:fe:2c:96:dd:70:ca:4e: 861s dc:b8:9f:4f:16:18:88:9c:dd:52:99:a0:51:7b:c0:81:1c:4e: 861s 73:3c:37:11:10:64:c7:e3:b2:02:66:c2:18:24:3a:7c:e5:1e: 861s 1f:84:b8:9f:8b:91:3d:3c:4a:aa:d3:1d:f8:9b:03:ba:ab:17: 861s 58:b5 861s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-27916-auth.pem 861s + found_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 861s + '[' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 '!=' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 ']' 861s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 861s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 861s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 861s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 861s + local verify_option= 861s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 861s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 861s + local key_cn 861s + local key_name 861s + local tokens_dir 861s + local output_cert_file 861s + token_name= 861s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem .pem 861s + key_name=test-root-CA-trusted-certificate-0001 861s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 861s ++ sed -n 's/ *commonName *= //p' 862s + key_cn='Test Organization Root Trusted Certificate 0001' 862s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 862s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 862s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 862s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 862s + token_name='Test Organization Root Tr Token' 862s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 862s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 ']' 862s Test Organization Root Tr Token 862s + echo 'Test Organization Root Tr Token' 862s + '[' -n '' ']' 862s + local output_base_name=SSSD-child-21541 862s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541.output 862s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541.pem 862s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 862s [p11_child[2323]] [main] (0x0400): p11_child started. 862s [p11_child[2323]] [main] (0x2000): Running in [pre-auth] mode. 862s [p11_child[2323]] [main] (0x2000): Running with effective IDs: [0][0]. 862s [p11_child[2323]] [main] (0x2000): Running with real IDs [0][0]. 862s [p11_child[2323]] [do_card] (0x4000): Module List: 862s [p11_child[2323]] [do_card] (0x4000): common name: [softhsm2]. 862s [p11_child[2323]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2323]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 862s [p11_child[2323]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 862s [p11_child[2323]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2323]] [do_card] (0x4000): Login NOT required. 862s [p11_child[2323]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 862s [p11_child[2323]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 862s [p11_child[2323]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 862s [p11_child[2323]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x48015908;slot-manufacturer=SoftHSM%20project;slot-id=1208047880;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 862s [p11_child[2323]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 862s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541.output 862s + echo '-----BEGIN CERTIFICATE-----' 862s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541.output 862s + echo '-----END CERTIFICATE-----' 862s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541.pem 862s Certificate: 862s Data: 862s Version: 3 (0x2) 862s Serial Number: 3 (0x3) 862s Signature Algorithm: sha256WithRSAEncryption 862s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 862s Validity 862s Not Before: Apr 8 22:45:09 2024 GMT 862s Not After : Apr 8 22:45:09 2025 GMT 862s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 862s Subject Public Key Info: 862s Public Key Algorithm: rsaEncryption 862s Public-Key: (1024 bit) 862s Modulus: 862s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 862s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 862s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 862s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 862s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 862s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 862s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 862s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 862s dd:77:21:ec:f2:aa:3f:69:f3 862s Exponent: 65537 (0x10001) 862s X509v3 extensions: 862s X509v3 Authority Key Identifier: 862s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 862s X509v3 Basic Constraints: 862s CA:FALSE 862s Netscape Cert Type: 862s SSL Client, S/MIME 862s Netscape Comment: 862s Test Organization Root CA trusted Certificate 862s X509v3 Subject Key Identifier: 862s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 862s X509v3 Key Usage: critical 862s Digital Signature, Non Repudiation, Key Encipherment 862s X509v3 Extended Key Usage: 862s TLS Web Client Authentication, E-mail Protection 862s X509v3 Subject Alternative Name: 862s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 862s Signature Algorithm: sha256WithRSAEncryption 862s Signature Value: 862s 7f:b5:8b:52:c6:71:48:bc:20:14:52:df:5f:d4:f6:d1:f9:09: 862s 96:52:c8:58:dd:34:8b:5b:6d:fc:59:66:5a:7c:c3:6e:17:f0: 862s 7d:0e:12:c1:e7:51:03:e5:3c:79:e3:97:08:4e:ae:6a:23:c0: 862s 1e:e5:6d:2b:4f:21:e6:bc:9b:db:73:fe:2c:96:dd:70:ca:4e: 862s dc:b8:9f:4f:16:18:88:9c:dd:52:99:a0:51:7b:c0:81:1c:4e: 862s 73:3c:37:11:10:64:c7:e3:b2:02:66:c2:18:24:3a:7c:e5:1e: 862s 1f:84:b8:9f:8b:91:3d:3c:4a:aa:d3:1d:f8:9b:03:ba:ab:17: 862s 58:b5 862s + local found_md5 expected_md5 862s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s + expected_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 862s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541.pem 862s Certificate: 862s Data: 862s Version: 3 (0x2) 862s Serial Number: 3 (0x3) 862s Signature Algorithm: sha256WithRSAEncryption 862s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 862s Validity 862s Not Before: Apr 8 22:45:09 2024 GMT 862s Not After : Apr 8 22:45:09 2025 GMT 862s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 862s Subject Public Key Info: 862s Public Key Algorithm: rsaEncryption 862s Public-Key: (1024 bit) 862s Modulus: 862s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 862s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 862s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 862s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 862s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 862s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 862s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 862s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 862s dd:77:21:ec:f2:aa:3f:69:f3 862s Exponent: 65537 (0x10001) 862s X509v3 extensions: 862s X509v3 Authority Key Identifier: 862s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 862s X509v3 Basic Constraints: 862s CA:FALSE 862s Netscape Cert Type: 862s SSL Client, S/MIME 862s Netscape Comment: 862s Test Organization Root CA trusted Certificate 862s X509v3 Subject Key Identifier: 862s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 862s X509v3 Key Usage: critical 862s Digital Signature, Non Repudiation, Key Encipherment 862s X509v3 Extended Key Usage: 862s TLS Web Client Authentication, E-mail Protection 862s X509v3 Subject Alternative Name: 862s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 862s Signature Algorithm: sha256WithRSAEncryption 862s Signature Value: 862s 7f:b5:8b:52:c6:71:48:bc:20:14:52:df:5f:d4:f6:d1:f9:09: 862s 96:52:c8:58:dd:34:8b:5b:6d:fc:59:66:5a:7c:c3:6e:17:f0: 862s 7d:0e:12:c1:e7:51:03:e5:3c:79:e3:97:08:4e:ae:6a:23:c0: 862s 1e:e5:6d:2b:4f:21:e6:bc:9b:db:73:fe:2c:96:dd:70:ca:4e: 862s dc:b8:9f:4f:16:18:88:9c:dd:52:99:a0:51:7b:c0:81:1c:4e: 862s 73:3c:37:11:10:64:c7:e3:b2:02:66:c2:18:24:3a:7c:e5:1e: 862s 1f:84:b8:9f:8b:91:3d:3c:4a:aa:d3:1d:f8:9b:03:ba:ab:17: 862s 58:b5 862s Test Organization Root Tr Token 862s Certificate: 862s Data: 862s Version: 3 (0x2) 862s Serial Number: 3 (0x3) 862s Signature Algorithm: sha256WithRSAEncryption 862s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 862s Validity 862s Not Before: Apr 8 22:45:09 2024 GMT 862s Not After : Apr 8 22:45:09 2025 GMT 862s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 862s Subject Public Key Info: 862s Public Key Algorithm: rsaEncryption 862s Public-Key: (1024 bit) 862s Modulus: 862s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 862s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 862s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 862s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 862s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 862s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 862s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 862s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 862s dd:77:21:ec:f2:aa:3f:69:f3 862s Exponent: 65537 (0x10001) 862s X509v3 extensions: 862s X509v3 Authority Key Identifier: 862s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 862s X509v3 Basic Constraints: 862s CA:FALSE 862s Netscape Cert Type: 862s SSL Client, S/MIME 862s Netscape Comment: 862s Test Organization Root CA trusted Certificate 862s X509v3 Subject Key Identifier: 862s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 862s X509v3 Key Usage: critical 862s Digital Signature, Non Repudiation, Key Encipherment 862s X509v3 Extended Key Usage: 862s TLS Web Client Authentication, E-mail Protection 862s X509v3 Subject Alternative Name: 862s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 862s Signature Algorithm: sha256WithRSAEncryption 862s Signature Value: 862s 7f:b5:8b:52:c6:71:48:bc:20:14:52:df:5f:d4:f6:d1:f9:09: 862s 96:52:c8:58:dd:34:8b:5b:6d:fc:59:66:5a:7c:c3:6e:17:f0: 862s 7d:0e:12:c1:e7:51:03:e5:3c:79:e3:97:08:4e:ae:6a:23:c0: 862s 1e:e5:6d:2b:4f:21:e6:bc:9b:db:73:fe:2c:96:dd:70:ca:4e: 862s dc:b8:9f:4f:16:18:88:9c:dd:52:99:a0:51:7b:c0:81:1c:4e: 862s 73:3c:37:11:10:64:c7:e3:b2:02:66:c2:18:24:3a:7c:e5:1e: 862s 1f:84:b8:9f:8b:91:3d:3c:4a:aa:d3:1d:f8:9b:03:ba:ab:17: 862s 58:b5 862s + found_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 862s + '[' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 '!=' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 ']' 862s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541-auth.output 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541-auth.output .output 862s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541-auth.pem 862s + echo -n 053350 862s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 862s [p11_child[2331]] [main] (0x0400): p11_child started. 862s [p11_child[2331]] [main] (0x2000): Running in [auth] mode. 862s [p11_child[2331]] [main] (0x2000): Running with effective IDs: [0][0]. 862s [p11_child[2331]] [main] (0x2000): Running with real IDs [0][0]. 862s [p11_child[2331]] [do_card] (0x4000): Module List: 862s [p11_child[2331]] [do_card] (0x4000): common name: [softhsm2]. 862s [p11_child[2331]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2331]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 862s [p11_child[2331]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 862s [p11_child[2331]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2331]] [do_card] (0x4000): Login required. 862s [p11_child[2331]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 862s [p11_child[2331]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 862s [p11_child[2331]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 862s [p11_child[2331]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x48015908;slot-manufacturer=SoftHSM%20project;slot-id=1208047880;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 862s [p11_child[2331]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 862s [p11_child[2331]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 862s [p11_child[2331]] [do_card] (0x4000): Certificate verified and validated. 862s [p11_child[2331]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 862s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541-auth.output 862s + echo '-----BEGIN CERTIFICATE-----' 862s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541-auth.output 862s + echo '-----END CERTIFICATE-----' 862s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541-auth.pem 862s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21541-auth.pem 862s + found_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 862s + '[' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 '!=' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 ']' 862s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem partial_chain 862s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem partial_chain 862s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 862s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 862s + local verify_option=partial_chain 862s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 862s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 862s + local key_cn 862s + local key_name 862s + local tokens_dir 862s + local output_cert_file 862s + token_name= 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem .pem 862s + key_name=test-root-CA-trusted-certificate-0001 862s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s ++ sed -n 's/ *commonName *= //p' 862s + key_cn='Test Organization Root Trusted Certificate 0001' 862s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 862s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 862s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 862s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 862s + token_name='Test Organization Root Tr Token' 862s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 862s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 ']' 862s + echo 'Test Organization Root Tr Token' 862s + '[' -n partial_chain ']' 862s + local verify_arg=--verify=partial_chain 862s + local output_base_name=SSSD-child-28073 862s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073.output 862s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073.pem 862s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 862s [p11_child[2341]] [main] (0x0400): p11_child started. 862s [p11_child[2341]] [main] (0x2000): Running in [pre-auth] mode. 862s [p11_child[2341]] [main] (0x2000): Running with effective IDs: [0][0]. 862s [p11_child[2341]] [main] (0x2000): Running with real IDs [0][0]. 862s [p11_child[2341]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 862s [p11_child[2341]] [do_card] (0x4000): Module List: 862s [p11_child[2341]] [do_card] (0x4000): common name: [softhsm2]. 862s [p11_child[2341]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2341]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 862s [p11_child[2341]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 862s [p11_child[2341]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2341]] [do_card] (0x4000): Login NOT required. 862s [p11_child[2341]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 862s [p11_child[2341]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 862s [p11_child[2341]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 862s [p11_child[2341]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x48015908;slot-manufacturer=SoftHSM%20project;slot-id=1208047880;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 862s [p11_child[2341]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 862s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073.output 862s + echo '-----BEGIN CERTIFICATE-----' 862s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073.output 862s + echo '-----END CERTIFICATE-----' 862s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073.pem 862s + local found_md5 expected_md5 862s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s + expected_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 862s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073.pem 862s + found_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 862s + '[' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 '!=' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 ']' 862s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073-auth.output 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073-auth.output .output 862s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073-auth.pem 862s + echo -n 053350 862s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 862s [p11_child[2349]] [main] (0x0400): p11_child started. 862s [p11_child[2349]] [main] (0x2000): Running in [auth] mode. 862s [p11_child[2349]] [main] (0x2000): Running with effective IDs: [0][0]. 862s [p11_child[2349]] [main] (0x2000): Running with real IDs [0][0]. 862s [p11_child[2349]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 862s [p11_child[2349]] [do_card] (0x4000): Module List: 862s [p11_child[2349]] [do_card] (0x4000): common name: [softhsm2]. 862s [p11_child[2349]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2349]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 862s [p11_child[2349]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 862s [p11_child[2349]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2349]] [do_card] (0x4000): Login required. 862s [p11_child[2349]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 862s [p11_child[2349]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 862s [p11_child[2349]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 862s [p11_child[2349]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x48015908;slot-manufacturer=SoftHSM%20project;slot-id=1208047880;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=20f1907148015908;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 862s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 862s [p11_child[2349]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 862s [p11_child[2349]] [do_card] (0x4000): Certificate verified and validated. 862s [p11_child[2349]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 862s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073-auth.output 862s + echo '-----BEGIN CERTIFICATE-----' 862s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073-auth.output 862s + echo '-----END CERTIFICATE-----' 862s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073-auth.pem 862s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-28073-auth.pem 862s Certificate: 862s Data: 862s Version: 3 (0x2) 862s Serial Number: 3 (0x3) 862s Signature Algorithm: sha256WithRSAEncryption 862s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 862s Validity 862s Not Before: Apr 8 22:45:09 2024 GMT 862s Not After : Apr 8 22:45:09 2025 GMT 862s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 862s Subject Public Key Info: 862s Public Key Algorithm: rsaEncryption 862s Public-Key: (1024 bit) 862s Modulus: 862s 00:e2:c4:65:c0:09:21:6b:e3:ab:3e:b0:d5:b7:82: 862s 2f:95:ea:96:bf:7b:8e:13:dd:a1:09:12:0d:6d:55: 862s ad:b1:dd:fc:df:08:78:21:4d:54:9d:5d:33:46:12: 862s 12:d0:e3:fc:1c:e9:fd:18:52:b6:f0:61:0e:83:f0: 862s 99:01:9c:89:7d:e5:98:ea:b3:bb:c4:52:68:2c:2f: 862s 23:4c:eb:8e:17:c4:a0:fd:04:b3:3e:94:ed:d1:62: 862s 22:60:ad:7f:6d:7f:12:45:e3:8c:b7:93:89:2a:49: 862s 9c:cb:e3:6d:94:70:0b:88:12:0c:b5:f4:dd:d2:f3: 862s dd:77:21:ec:f2:aa:3f:69:f3 862s Exponent: 65537 (0x10001) 862s X509v3 extensions: 862s X509v3 Authority Key Identifier: 862s 7B:24:FA:27:4A:A6:E7:9C:7D:E5:95:3C:30:81:E8:07:D1:38:F1:43 862s X509v3 Basic Constraints: 862s CA:FALSE 862s Netscape Cert Type: 862s SSL Client, S/MIME 862s Netscape Comment: 862s Test Organization Root CA trusted Certificate 862s X509v3 Subject Key Identifier: 862s F0:0C:48:56:83:82:46:45:5E:AE:55:9A:7F:1B:79:6F:FA:EB:B7:CB 862s X509v3 Key Usage: critical 862s Digital Signature, Non Repudiation, Key Encipherment 862s X509v3 Extended Key Usage: 862s TLS Web Client Authentication, E-mail Protection 862s X509v3 Subject Alternative Name: 862s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 862s Signature Algorithm: sha256WithRSAEncryption 862s Signature Value: 862s 7f:b5:8b:52:c6:71:48:bc:20:14:52:df:5f:d4:f6:d1:f9:09: 862s 96:52:c8:58:dd:34:8b:5b:6d:fc:59:66:5a:7c:c3:6e:17:f0: 862s 7d:0e:12:c1:e7:51:03:e5:3c:79:e3:97:08:4e:ae:6a:23:c0: 862s 1e:e5:6d:2b:4f:21:e6:bc:9b:db:73:fe:2c:96:dd:70:ca:4e: 862s dc:b8:9f:4f:16:18:88:9c:dd:52:99:a0:51:7b:c0:81:1c:4e: 862s 73:3c:37:11:10:64:c7:e3:b2:02:66:c2:18:24:3a:7c:e5:1e: 862s 1f:84:b8:9f:8b:91:3d:3c:4a:aa:d3:1d:f8:9b:03:ba:ab:17: 862s 58:b5 862s + found_md5=Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 862s + '[' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 '!=' Modulus=E2C465C009216BE3AB3EB0D5B7822F95EA96BF7B8E13DDA109120D6D55ADB1DDFCDF0878214D549D5D33461212D0E3FC1CE9FD1852B6F0610E83F099019C897DE598EAB3BBC452682C2F234CEB8E17C4A0FD04B33E94EDD1622260AD7F6D7F1245E38CB793892A499CCBE36D94700B88120CB5F4DDD2F3DD7721ECF2AA3F69F3 ']' 862s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 862s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 862s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 862s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 862s + local verify_option= 862s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 862s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 862s + local key_cn 862s + local key_name 862s + local tokens_dir 862s + local output_cert_file 862s + token_name= 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem .pem 862s + key_name=test-root-CA-trusted-certificate-0001 862s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s ++ sed -n 's/ *commonName *= //p' 862s + key_cn='Test Organization Root Trusted Certificate 0001' 862s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 862s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 862s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 862s Test Organization Root Tr Token 862s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 862s + token_name='Test Organization Root Tr Token' 862s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 862s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 ']' 862s + echo 'Test Organization Root Tr Token' 862s + '[' -n '' ']' 862s + local output_base_name=SSSD-child-12956 862s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-12956.output 862s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-12956.pem 862s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 862s [p11_child[2359]] [main] (0x0400): p11_child started. 862s [p11_child[2359]] [main] (0x2000): Running in [pre-auth] mode. 862s [p11_child[2359]] [main] (0x2000): Running with effective IDs: [0][0]. 862s [p11_child[2359]] [main] (0x2000): Running with real IDs [0][0]. 862s [p11_child[2359]] [do_card] (0x4000): Module List: 862s [p11_child[2359]] [do_card] (0x4000): common name: [softhsm2]. 862s [p11_child[2359]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2359]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 862s [p11_child[2359]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 862s [p11_child[2359]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2359]] [do_card] (0x4000): Login NOT required. 862s [p11_child[2359]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 862s [p11_child[2359]] [do_verification] (0x0040): X509_verify_cert failed [0]. 862s [p11_child[2359]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 862s [p11_child[2359]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 862s [p11_child[2359]] [do_card] (0x4000): No certificate found. 862s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-12956.output 862s + return 2 862s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem partial_chain 862s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem partial_chain 862s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 862s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 862s + local verify_option=partial_chain 862s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9558 862s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s + local key_pass=pass:random-root-ca-trusted-cert-0001-9558 862s + local key_cn 862s + local key_name 862s + local tokens_dir 862s + local output_cert_file 862s + token_name= 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem .pem 862s + key_name=test-root-CA-trusted-certificate-0001 862s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-root-CA-trusted-certificate-0001.pem 862s ++ sed -n 's/ *commonName *= //p' 862s + key_cn='Test Organization Root Trusted Certificate 0001' 862s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 862s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 862s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 862s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 862s + token_name='Test Organization Root Tr Token' 862s Test Organization Root Tr Token 862s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 862s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-root-CA-trusted-certificate-0001 ']' 862s + echo 'Test Organization Root Tr Token' 862s + '[' -n partial_chain ']' 862s + local verify_arg=--verify=partial_chain 862s + local output_base_name=SSSD-child-16721 862s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-16721.output 862s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-16721.pem 862s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 862s [p11_child[2366]] [main] (0x0400): p11_child started. 862s [p11_child[2366]] [main] (0x2000): Running in [pre-auth] mode. 862s [p11_child[2366]] [main] (0x2000): Running with effective IDs: [0][0]. 862s [p11_child[2366]] [main] (0x2000): Running with real IDs [0][0]. 862s [p11_child[2366]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 862s [p11_child[2366]] [do_card] (0x4000): Module List: 862s [p11_child[2366]] [do_card] (0x4000): common name: [softhsm2]. 862s [p11_child[2366]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2366]] [do_card] (0x4000): Description [SoftHSM slot ID 0x48015908] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 862s [p11_child[2366]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 862s [p11_child[2366]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x48015908][1208047880] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 862s [p11_child[2366]] [do_card] (0x4000): Login NOT required. 862s [p11_child[2366]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 862s [p11_child[2366]] [do_verification] (0x0040): X509_verify_cert failed [0]. 862s [p11_child[2366]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 862s [p11_child[2366]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 862s [p11_child[2366]] [do_card] (0x4000): No certificate found. 862s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-16721.output 862s + return 2 862s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /dev/null 862s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /dev/null 862s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 862s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 862s + local key_ring=/dev/null 862s + local verify_option= 862s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 862s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 862s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 862s + local key_cn 862s + local key_name 862s + local tokens_dir 862s + local output_cert_file 862s + token_name= 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem .pem 862s + key_name=test-intermediate-CA-trusted-certificate-0001 862s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 862s ++ sed -n 's/ *commonName *= //p' 862s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 862s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 862s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 862s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 862s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 862s + token_name='Test Organization Interme Token' 862s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 862s + local key_file 862s + local decrypted_key 862s + mkdir -p /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 862s + key_file=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-key.pem 862s + decrypted_key=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 862s + cat 862s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 862s Slot 0 has a free/uninitialized token. 862s The token has been initialized and is reassigned to slot 1191368997 862s + softhsm2-util --show-slots 862s Available slots: 862s Slot 1191368997 862s Slot info: 862s Description: SoftHSM slot ID 0x4702d925 862s Manufacturer ID: SoftHSM project 862s Hardware version: 2.6 862s Firmware version: 2.6 862s Token present: yes 862s Token info: 862s Manufacturer ID: SoftHSM project 862s Model: SoftHSM v2 862s Hardware version: 2.6 862s Firmware version: 2.6 862s Serial number: 678edc1b4702d925 862s Initialized: yes 862s User PIN init.: yes 862s Label: Test Organization Interme Token 862s Slot 1 862s Slot info: 862s Description: SoftHSM slot ID 0x1 862s Manufacturer ID: SoftHSM project 862s Hardware version: 2.6 862s Firmware version: 2.6 862s Token present: yes 862s Token info: 862s Manufacturer ID: SoftHSM project 862s Model: SoftHSM v2 862s Hardware version: 2.6 862s Firmware version: 2.6 862s Serial number: 862s Initialized: no 862s User PIN init.: no 862s Label: 862s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 862s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-5212 -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 862s writing RSA key 862s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 862s + rm /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 862s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 862s Object 0: 862s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=678edc1b4702d925;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 862s Type: X.509 Certificate (RSA-1024) 862s Expires: Tue Apr 8 22:45:09 2025 862s Label: Test Organization Intermediate Trusted Certificate 0001 862s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 862s 862s Test Organization Interme Token 862s + echo 'Test Organization Interme Token' 862s + '[' -n '' ']' 862s + local output_base_name=SSSD-child-21288 862s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-21288.output 862s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-21288.pem 862s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 862s [p11_child[2382]] [main] (0x0400): p11_child started. 862s [p11_child[2382]] [main] (0x2000): Running in [pre-auth] mode. 862s [p11_child[2382]] [main] (0x2000): Running with effective IDs: [0][0]. 862s [p11_child[2382]] [main] (0x2000): Running with real IDs [0][0]. 862s [p11_child[2382]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 862s [p11_child[2382]] [do_work] (0x0040): init_verification failed. 862s [p11_child[2382]] [main] (0x0020): p11_child failed (5) 862s + return 2 862s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /dev/null no_verification 862s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /dev/null no_verification 862s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 862s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 862s + local key_ring=/dev/null 862s + local verify_option=no_verification 862s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 862s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 862s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 862s + local key_cn 862s + local key_name 862s + local tokens_dir 862s + local output_cert_file 862s + token_name= 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem .pem 862s + key_name=test-intermediate-CA-trusted-certificate-0001 862s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 862s ++ sed -n 's/ *commonName *= //p' 862s Test Organization Interme Token 862s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 862s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 862s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 862s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 862s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 862s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 862s + token_name='Test Organization Interme Token' 862s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 862s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 862s + echo 'Test Organization Interme Token' 862s + '[' -n no_verification ']' 862s + local verify_arg=--verify=no_verification 862s + local output_base_name=SSSD-child-5574 862s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574.output 862s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574.pem 862s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 862s [p11_child[2388]] [main] (0x0400): p11_child started. 862s [p11_child[2388]] [main] (0x2000): Running in [pre-auth] mode. 862s [p11_child[2388]] [main] (0x2000): Running with effective IDs: [0][0]. 862s [p11_child[2388]] [main] (0x2000): Running with real IDs [0][0]. 862s [p11_child[2388]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 863s [p11_child[2388]] [do_card] (0x4000): Module List: 863s [p11_child[2388]] [do_card] (0x4000): common name: [softhsm2]. 863s [p11_child[2388]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2388]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 863s [p11_child[2388]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 863s [p11_child[2388]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2388]] [do_card] (0x4000): Login NOT required. 863s [p11_child[2388]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 863s [p11_child[2388]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 863s [p11_child[2388]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4702d925;slot-manufacturer=SoftHSM%20project;slot-id=1191368997;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=678edc1b4702d925;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 863s [p11_child[2388]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 863s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574.output 863s + echo '-----BEGIN CERTIFICATE-----' 863s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574.output 863s + echo '-----END CERTIFICATE-----' 863s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574.pem 863s Certificate: 863s Data: 863s Version: 3 (0x2) 863s Serial Number: 4 (0x4) 863s Signature Algorithm: sha256WithRSAEncryption 863s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 863s Validity 863s Not Before: Apr 8 22:45:09 2024 GMT 863s Not After : Apr 8 22:45:09 2025 GMT 863s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 863s Subject Public Key Info: 863s Public Key Algorithm: rsaEncryption 863s Public-Key: (1024 bit) 863s Modulus: 863s 00:b4:29:69:ec:fd:c4:f7:c0:dc:56:83:e5:20:dc: 863s 4a:25:e2:25:9a:94:6e:cb:2f:05:58:7c:89:b9:71: 863s 7a:e3:74:5d:73:88:fa:4d:ad:80:e2:e1:6d:f8:42: 863s 12:2e:13:de:84:ec:6e:5f:ed:1b:02:5b:93:21:42: 863s ff:90:99:d1:59:ab:95:55:38:1b:c0:34:3d:46:e4: 863s ba:97:80:61:b4:8c:37:07:33:ae:82:4a:be:46:ea: 863s dd:1c:9d:ad:14:52:b2:4b:9e:90:49:90:82:22:fb: 863s b7:51:ab:94:ec:2c:75:fe:8e:86:94:11:af:93:66: 863s a3:5a:6d:3b:b1:5b:10:d0:fb 863s Exponent: 65537 (0x10001) 863s X509v3 extensions: 863s X509v3 Authority Key Identifier: 863s B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 863s X509v3 Basic Constraints: 863s CA:FALSE 863s Netscape Cert Type: 863s SSL Client, S/MIME 863s Netscape Comment: 863s Test Organization Intermediate CA trusted Certificate 863s X509v3 Subject Key Identifier: 863s 27:EF:A7:36:A7:2E:DD:A4:C3:29:D4:04:24:D0:62:C1:CC:36:F5:81 863s X509v3 Key Usage: critical 863s Digital Signature, Non Repudiation, Key Encipherment 863s X509v3 Extended Key Usage: 863s TLS Web Client Authentication, E-mail Protection 863s X509v3 Subject Alternative Name: 863s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 863s Signature Algorithm: sha256WithRSAEncryption 863s Signature Value: 863s 7f:c1:b4:b9:76:c0:17:9f:26:c2:6d:59:13:07:b5:cd:76:08: 863s 86:06:f4:07:9a:61:cd:97:c3:01:c0:9e:a7:f0:bc:9e:cb:aa: 863s ea:cd:8c:df:cd:26:09:50:ee:8c:8f:cd:f1:50:09:61:22:f3: 863s 58:1c:c3:d3:88:35:94:af:3c:e1:f4:41:cb:cf:fc:80:a6:66: 863s c6:80:3f:19:ce:d4:2a:ec:14:7d:d7:c7:e3:be:5f:e1:33:18: 863s 44:e7:f8:e6:71:cc:90:8d:1f:d7:74:fa:66:2b:03:df:70:ee: 863s 53:fb:1d:ef:32:62:a3:ab:ee:6f:10:41:2a:09:0c:d2:8f:d4: 863s 47:01 863s + local found_md5 expected_md5 863s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + expected_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 863s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574.pem 863s + found_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 863s + '[' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB '!=' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB ']' 863s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574-auth.output 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574-auth.output .output 863s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574-auth.pem 863s + echo -n 053350 863s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 863s [p11_child[2396]] [main] (0x0400): p11_child started. 863s [p11_child[2396]] [main] (0x2000): Running in [auth] mode. 863s [p11_child[2396]] [main] (0x2000): Running with effective IDs: [0][0]. 863s [p11_child[2396]] [main] (0x2000): Running with real IDs [0][0]. 863s [p11_child[2396]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 863s [p11_child[2396]] [do_card] (0x4000): Module List: 863s [p11_child[2396]] [do_card] (0x4000): common name: [softhsm2]. 863s [p11_child[2396]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2396]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 863s [p11_child[2396]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 863s [p11_child[2396]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2396]] [do_card] (0x4000): Login required. 863s [p11_child[2396]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 863s [p11_child[2396]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 863s [p11_child[2396]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4702d925;slot-manufacturer=SoftHSM%20project;slot-id=1191368997;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=678edc1b4702d925;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 863s [p11_child[2396]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 863s [p11_child[2396]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 863s [p11_child[2396]] [do_card] (0x4000): Certificate verified and validated. 863s [p11_child[2396]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 863s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574-auth.output 863s + echo '-----BEGIN CERTIFICATE-----' 863s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574-auth.output 863s + echo '-----END CERTIFICATE-----' 863s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574-auth.pem 863s Certificate: 863s Data: 863s Version: 3 (0x2) 863s Serial Number: 4 (0x4) 863s Signature Algorithm: sha256WithRSAEncryption 863s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 863s Validity 863s Not Before: Apr 8 22:45:09 2024 GMT 863s Not After : Apr 8 22:45:09 2025 GMT 863s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 863s Subject Public Key Info: 863s Public Key Algorithm: rsaEncryption 863s Public-Key: (1024 bit) 863s Modulus: 863s 00:b4:29:69:ec:fd:c4:f7:c0:dc:56:83:e5:20:dc: 863s 4a:25:e2:25:9a:94:6e:cb:2f:05:58:7c:89:b9:71: 863s 7a:e3:74:5d:73:88:fa:4d:ad:80:e2:e1:6d:f8:42: 863s 12:2e:13:de:84:ec:6e:5f:ed:1b:02:5b:93:21:42: 863s ff:90:99:d1:59:ab:95:55:38:1b:c0:34:3d:46:e4: 863s ba:97:80:61:b4:8c:37:07:33:ae:82:4a:be:46:ea: 863s dd:1c:9d:ad:14:52:b2:4b:9e:90:49:90:82:22:fb: 863s b7:51:ab:94:ec:2c:75:fe:8e:86:94:11:af:93:66: 863s a3:5a:6d:3b:b1:5b:10:d0:fb 863s Exponent: 65537 (0x10001) 863s X509v3 extensions: 863s X509v3 Authority Key Identifier: 863s B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 863s X509v3 Basic Constraints: 863s CA:FALSE 863s Netscape Cert Type: 863s SSL Client, S/MIME 863s Netscape Comment: 863s Test Organization Intermediate CA trusted Certificate 863s X509v3 Subject Key Identifier: 863s 27:EF:A7:36:A7:2E:DD:A4:C3:29:D4:04:24:D0:62:C1:CC:36:F5:81 863s X509v3 Key Usage: critical 863s Digital Signature, Non Repudiation, Key Encipherment 863s X509v3 Extended Key Usage: 863s TLS Web Client Authentication, E-mail Protection 863s X509v3 Subject Alternative Name: 863s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 863s Signature Algorithm: sha256WithRSAEncryption 863s Signature Value: 863s 7f:c1:b4:b9:76:c0:17:9f:26:c2:6d:59:13:07:b5:cd:76:08: 863s 86:06:f4:07:9a:61:cd:97:c3:01:c0:9e:a7:f0:bc:9e:cb:aa: 863s ea:cd:8c:df:cd:26:09:50:ee:8c:8f:cd:f1:50:09:61:22:f3: 863s 58:1c:c3:d3:88:35:94:af:3c:e1:f4:41:cb:cf:fc:80:a6:66: 863s c6:80:3f:19:ce:d4:2a:ec:14:7d:d7:c7:e3:be:5f:e1:33:18: 863s 44:e7:f8:e6:71:cc:90:8d:1f:d7:74:fa:66:2b:03:df:70:ee: 863s 53:fb:1d:ef:32:62:a3:ab:ee:6f:10:41:2a:09:0c:d2:8f:d4: 863s 47:01 863s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-5574-auth.pem 863s + found_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 863s + '[' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB '!=' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB ']' 863s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 863s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 863s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 863s + local verify_option= 863s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local key_cn 863s + local key_name 863s + local tokens_dir 863s + local output_cert_file 863s + token_name= 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem .pem 863s + key_name=test-intermediate-CA-trusted-certificate-0001 863s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s ++ sed -n 's/ *commonName *= //p' 863s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 863s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 863s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 863s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 863s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 863s + token_name='Test Organization Interme Token' 863s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 863s Test Organization Interme Token 863s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 863s + echo 'Test Organization Interme Token' 863s + '[' -n '' ']' 863s + local output_base_name=SSSD-child-19646 863s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-19646.output 863s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-19646.pem 863s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 863s [p11_child[2406]] [main] (0x0400): p11_child started. 863s [p11_child[2406]] [main] (0x2000): Running in [pre-auth] mode. 863s [p11_child[2406]] [main] (0x2000): Running with effective IDs: [0][0]. 863s [p11_child[2406]] [main] (0x2000): Running with real IDs [0][0]. 863s [p11_child[2406]] [do_card] (0x4000): Module List: 863s [p11_child[2406]] [do_card] (0x4000): common name: [softhsm2]. 863s [p11_child[2406]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2406]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 863s [p11_child[2406]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 863s [p11_child[2406]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2406]] [do_card] (0x4000): Login NOT required. 863s [p11_child[2406]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 863s [p11_child[2406]] [do_verification] (0x0040): X509_verify_cert failed [0]. 863s [p11_child[2406]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 863s [p11_child[2406]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 863s [p11_child[2406]] [do_card] (0x4000): No certificate found. 863s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-19646.output 863s + return 2 863s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem partial_chain 863s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem partial_chain 863s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 863s + local verify_option=partial_chain 863s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local key_cn 863s + local key_name 863s + local tokens_dir 863s + local output_cert_file 863s + token_name= 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem .pem 863s + key_name=test-intermediate-CA-trusted-certificate-0001 863s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s ++ sed -n 's/ *commonName *= //p' 863s Test Organization Interme Token 863s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 863s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 863s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 863s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 863s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 863s + token_name='Test Organization Interme Token' 863s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 863s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 863s + echo 'Test Organization Interme Token' 863s + '[' -n partial_chain ']' 863s + local verify_arg=--verify=partial_chain 863s + local output_base_name=SSSD-child-6301 863s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-6301.output 863s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-6301.pem 863s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 863s [p11_child[2413]] [main] (0x0400): p11_child started. 863s [p11_child[2413]] [main] (0x2000): Running in [pre-auth] mode. 863s [p11_child[2413]] [main] (0x2000): Running with effective IDs: [0][0]. 863s [p11_child[2413]] [main] (0x2000): Running with real IDs [0][0]. 863s [p11_child[2413]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 863s [p11_child[2413]] [do_card] (0x4000): Module List: 863s [p11_child[2413]] [do_card] (0x4000): common name: [softhsm2]. 863s [p11_child[2413]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2413]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 863s [p11_child[2413]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 863s [p11_child[2413]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2413]] [do_card] (0x4000): Login NOT required. 863s [p11_child[2413]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 863s [p11_child[2413]] [do_verification] (0x0040): X509_verify_cert failed [0]. 863s [p11_child[2413]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 863s [p11_child[2413]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 863s [p11_child[2413]] [do_card] (0x4000): No certificate found. 863s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-6301.output 863s + return 2 863s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 863s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 863s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 863s + local verify_option= 863s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local key_cn 863s + local key_name 863s + local tokens_dir 863s + local output_cert_file 863s + token_name= 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem .pem 863s + key_name=test-intermediate-CA-trusted-certificate-0001 863s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s ++ sed -n 's/ *commonName *= //p' 863s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 863s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 863s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 863s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 863s Test Organization Interme Token 863s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 863s + token_name='Test Organization Interme Token' 863s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 863s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 863s + echo 'Test Organization Interme Token' 863s + '[' -n '' ']' 863s + local output_base_name=SSSD-child-10840 863s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840.output 863s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840.pem 863s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 863s [p11_child[2420]] [main] (0x0400): p11_child started. 863s [p11_child[2420]] [main] (0x2000): Running in [pre-auth] mode. 863s [p11_child[2420]] [main] (0x2000): Running with effective IDs: [0][0]. 863s [p11_child[2420]] [main] (0x2000): Running with real IDs [0][0]. 863s [p11_child[2420]] [do_card] (0x4000): Module List: 863s [p11_child[2420]] [do_card] (0x4000): common name: [softhsm2]. 863s [p11_child[2420]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2420]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 863s [p11_child[2420]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 863s [p11_child[2420]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2420]] [do_card] (0x4000): Login NOT required. 863s [p11_child[2420]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 863s [p11_child[2420]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 863s [p11_child[2420]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 863s [p11_child[2420]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4702d925;slot-manufacturer=SoftHSM%20project;slot-id=1191368997;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=678edc1b4702d925;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 863s [p11_child[2420]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 863s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840.output 863s + echo '-----BEGIN CERTIFICATE-----' 863s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840.output 863s + echo '-----END CERTIFICATE-----' 863s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840.pem 863s Certificate: 863s Data: 863s Version: 3 (0x2) 863s Serial Number: 4 (0x4) 863s Signature Algorithm: sha256WithRSAEncryption 863s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 863s Validity 863s Not Before: Apr 8 22:45:09 2024 GMT 863s Not After : Apr 8 22:45:09 2025 GMT 863s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 863s Subject Public Key Info: 863s Public Key Algorithm: rsaEncryption 863s Public-Key: (1024 bit) 863s Modulus: 863s 00:b4:29:69:ec:fd:c4:f7:c0:dc:56:83:e5:20:dc: 863s 4a:25:e2:25:9a:94:6e:cb:2f:05:58:7c:89:b9:71: 863s 7a:e3:74:5d:73:88:fa:4d:ad:80:e2:e1:6d:f8:42: 863s 12:2e:13:de:84:ec:6e:5f:ed:1b:02:5b:93:21:42: 863s ff:90:99:d1:59:ab:95:55:38:1b:c0:34:3d:46:e4: 863s ba:97:80:61:b4:8c:37:07:33:ae:82:4a:be:46:ea: 863s dd:1c:9d:ad:14:52:b2:4b:9e:90:49:90:82:22:fb: 863s b7:51:ab:94:ec:2c:75:fe:8e:86:94:11:af:93:66: 863s a3:5a:6d:3b:b1:5b:10:d0:fb 863s Exponent: 65537 (0x10001) 863s X509v3 extensions: 863s X509v3 Authority Key Identifier: 863s B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 863s X509v3 Basic Constraints: 863s CA:FALSE 863s Netscape Cert Type: 863s SSL Client, S/MIME 863s Netscape Comment: 863s Test Organization Intermediate CA trusted Certificate 863s X509v3 Subject Key Identifier: 863s 27:EF:A7:36:A7:2E:DD:A4:C3:29:D4:04:24:D0:62:C1:CC:36:F5:81 863s X509v3 Key Usage: critical 863s Digital Signature, Non Repudiation, Key Encipherment 863s X509v3 Extended Key Usage: 863s TLS Web Client Authentication, E-mail Protection 863s X509v3 Subject Alternative Name: 863s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 863s Signature Algorithm: sha256WithRSAEncryption 863s Signature Value: 863s 7f:c1:b4:b9:76:c0:17:9f:26:c2:6d:59:13:07:b5:cd:76:08: 863s 86:06:f4:07:9a:61:cd:97:c3:01:c0:9e:a7:f0:bc:9e:cb:aa: 863s ea:cd:8c:df:cd:26:09:50:ee:8c:8f:cd:f1:50:09:61:22:f3: 863s 58:1c:c3:d3:88:35:94:af:3c:e1:f4:41:cb:cf:fc:80:a6:66: 863s c6:80:3f:19:ce:d4:2a:ec:14:7d:d7:c7:e3:be:5f:e1:33:18: 863s 44:e7:f8:e6:71:cc:90:8d:1f:d7:74:fa:66:2b:03:df:70:ee: 863s 53:fb:1d:ef:32:62:a3:ab:ee:6f:10:41:2a:09:0c:d2:8f:d4: 863s 47:01 863s + local found_md5 expected_md5 863s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + expected_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 863s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840.pem 863s + found_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 863s + '[' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB '!=' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB ']' 863s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840-auth.output 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840-auth.output .output 863s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840-auth.pem 863s + echo -n 053350 863s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 863s [p11_child[2428]] [main] (0x0400): p11_child started. 863s [p11_child[2428]] [main] (0x2000): Running in [auth] mode. 863s [p11_child[2428]] [main] (0x2000): Running with effective IDs: [0][0]. 863s [p11_child[2428]] [main] (0x2000): Running with real IDs [0][0]. 863s [p11_child[2428]] [do_card] (0x4000): Module List: 863s [p11_child[2428]] [do_card] (0x4000): common name: [softhsm2]. 863s [p11_child[2428]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2428]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 863s [p11_child[2428]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 863s [p11_child[2428]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2428]] [do_card] (0x4000): Login required. 863s [p11_child[2428]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 863s [p11_child[2428]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 863s [p11_child[2428]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 863s [p11_child[2428]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4702d925;slot-manufacturer=SoftHSM%20project;slot-id=1191368997;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=678edc1b4702d925;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 863s [p11_child[2428]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 863s [p11_child[2428]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 863s [p11_child[2428]] [do_card] (0x4000): Certificate verified and validated. 863s [p11_child[2428]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 863s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840-auth.output 863s + echo '-----BEGIN CERTIFICATE-----' 863s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840-auth.output 863s + echo '-----END CERTIFICATE-----' 863s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840-auth.pem 863s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-10840-auth.pem 863s Certificate: 863s Data: 863s Version: 3 (0x2) 863s Serial Number: 4 (0x4) 863s Signature Algorithm: sha256WithRSAEncryption 863s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 863s Validity 863s Not Before: Apr 8 22:45:09 2024 GMT 863s Not After : Apr 8 22:45:09 2025 GMT 863s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 863s Subject Public Key Info: 863s Public Key Algorithm: rsaEncryption 863s Public-Key: (1024 bit) 863s Modulus: 863s 00:b4:29:69:ec:fd:c4:f7:c0:dc:56:83:e5:20:dc: 863s 4a:25:e2:25:9a:94:6e:cb:2f:05:58:7c:89:b9:71: 863s 7a:e3:74:5d:73:88:fa:4d:ad:80:e2:e1:6d:f8:42: 863s 12:2e:13:de:84:ec:6e:5f:ed:1b:02:5b:93:21:42: 863s ff:90:99:d1:59:ab:95:55:38:1b:c0:34:3d:46:e4: 863s ba:97:80:61:b4:8c:37:07:33:ae:82:4a:be:46:ea: 863s dd:1c:9d:ad:14:52:b2:4b:9e:90:49:90:82:22:fb: 863s b7:51:ab:94:ec:2c:75:fe:8e:86:94:11:af:93:66: 863s a3:5a:6d:3b:b1:5b:10:d0:fb 863s Exponent: 65537 (0x10001) 863s X509v3 extensions: 863s X509v3 Authority Key Identifier: 863s B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 863s X509v3 Basic Constraints: 863s CA:FALSE 863s Netscape Cert Type: 863s SSL Client, S/MIME 863s Netscape Comment: 863s Test Organization Intermediate CA trusted Certificate 863s X509v3 Subject Key Identifier: 863s 27:EF:A7:36:A7:2E:DD:A4:C3:29:D4:04:24:D0:62:C1:CC:36:F5:81 863s X509v3 Key Usage: critical 863s Digital Signature, Non Repudiation, Key Encipherment 863s X509v3 Extended Key Usage: 863s TLS Web Client Authentication, E-mail Protection 863s X509v3 Subject Alternative Name: 863s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 863s Signature Algorithm: sha256WithRSAEncryption 863s Signature Value: 863s 7f:c1:b4:b9:76:c0:17:9f:26:c2:6d:59:13:07:b5:cd:76:08: 863s 86:06:f4:07:9a:61:cd:97:c3:01:c0:9e:a7:f0:bc:9e:cb:aa: 863s ea:cd:8c:df:cd:26:09:50:ee:8c:8f:cd:f1:50:09:61:22:f3: 863s 58:1c:c3:d3:88:35:94:af:3c:e1:f4:41:cb:cf:fc:80:a6:66: 863s c6:80:3f:19:ce:d4:2a:ec:14:7d:d7:c7:e3:be:5f:e1:33:18: 863s 44:e7:f8:e6:71:cc:90:8d:1f:d7:74:fa:66:2b:03:df:70:ee: 863s 53:fb:1d:ef:32:62:a3:ab:ee:6f:10:41:2a:09:0c:d2:8f:d4: 863s 47:01 863s + found_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 863s + '[' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB '!=' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB ']' 863s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem partial_chain 863s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem partial_chain 863s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 863s + local verify_option=partial_chain 863s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 863s + local key_cn 863s + local key_name 863s + local tokens_dir 863s + local output_cert_file 863s + token_name= 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem .pem 863s + key_name=test-intermediate-CA-trusted-certificate-0001 863s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s ++ sed -n 's/ *commonName *= //p' 863s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 863s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 863s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 863s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 863s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 863s + token_name='Test Organization Interme Token' 863s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 863s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 863s Test Organization Interme Token 863s + echo 'Test Organization Interme Token' 863s + '[' -n partial_chain ']' 863s + local verify_arg=--verify=partial_chain 863s + local output_base_name=SSSD-child-21529 863s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529.output 863s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529.pem 863s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 863s [p11_child[2438]] [main] (0x0400): p11_child started. 863s [p11_child[2438]] [main] (0x2000): Running in [pre-auth] mode. 863s [p11_child[2438]] [main] (0x2000): Running with effective IDs: [0][0]. 863s [p11_child[2438]] [main] (0x2000): Running with real IDs [0][0]. 863s [p11_child[2438]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 863s [p11_child[2438]] [do_card] (0x4000): Module List: 863s [p11_child[2438]] [do_card] (0x4000): common name: [softhsm2]. 863s [p11_child[2438]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2438]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 863s [p11_child[2438]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 863s [p11_child[2438]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2438]] [do_card] (0x4000): Login NOT required. 863s [p11_child[2438]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 863s [p11_child[2438]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 863s [p11_child[2438]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 863s [p11_child[2438]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4702d925;slot-manufacturer=SoftHSM%20project;slot-id=1191368997;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=678edc1b4702d925;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 863s [p11_child[2438]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 863s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529.output 863s + echo '-----BEGIN CERTIFICATE-----' 863s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529.output 863s + echo '-----END CERTIFICATE-----' 863s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529.pem 863s Certificate: 863s Data: 863s Version: 3 (0x2) 863s Serial Number: 4 (0x4) 863s Signature Algorithm: sha256WithRSAEncryption 863s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 863s Validity 863s Not Before: Apr 8 22:45:09 2024 GMT 863s Not After : Apr 8 22:45:09 2025 GMT 863s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 863s Subject Public Key Info: 863s Public Key Algorithm: rsaEncryption 863s Public-Key: (1024 bit) 863s Modulus: 863s 00:b4:29:69:ec:fd:c4:f7:c0:dc:56:83:e5:20:dc: 863s 4a:25:e2:25:9a:94:6e:cb:2f:05:58:7c:89:b9:71: 863s 7a:e3:74:5d:73:88:fa:4d:ad:80:e2:e1:6d:f8:42: 863s 12:2e:13:de:84:ec:6e:5f:ed:1b:02:5b:93:21:42: 863s ff:90:99:d1:59:ab:95:55:38:1b:c0:34:3d:46:e4: 863s ba:97:80:61:b4:8c:37:07:33:ae:82:4a:be:46:ea: 863s dd:1c:9d:ad:14:52:b2:4b:9e:90:49:90:82:22:fb: 863s b7:51:ab:94:ec:2c:75:fe:8e:86:94:11:af:93:66: 863s a3:5a:6d:3b:b1:5b:10:d0:fb 863s Exponent: 65537 (0x10001) 863s X509v3 extensions: 863s X509v3 Authority Key Identifier: 863s B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 863s X509v3 Basic Constraints: 863s CA:FALSE 863s Netscape Cert Type: 863s SSL Client, S/MIME 863s Netscape Comment: 863s Test Organization Intermediate CA trusted Certificate 863s X509v3 Subject Key Identifier: 863s 27:EF:A7:36:A7:2E:DD:A4:C3:29:D4:04:24:D0:62:C1:CC:36:F5:81 863s X509v3 Key Usage: critical 863s Digital Signature, Non Repudiation, Key Encipherment 863s X509v3 Extended Key Usage: 863s TLS Web Client Authentication, E-mail Protection 863s X509v3 Subject Alternative Name: 863s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 863s Signature Algorithm: sha256WithRSAEncryption 863s Signature Value: 863s 7f:c1:b4:b9:76:c0:17:9f:26:c2:6d:59:13:07:b5:cd:76:08: 863s 86:06:f4:07:9a:61:cd:97:c3:01:c0:9e:a7:f0:bc:9e:cb:aa: 863s ea:cd:8c:df:cd:26:09:50:ee:8c:8f:cd:f1:50:09:61:22:f3: 863s 58:1c:c3:d3:88:35:94:af:3c:e1:f4:41:cb:cf:fc:80:a6:66: 863s c6:80:3f:19:ce:d4:2a:ec:14:7d:d7:c7:e3:be:5f:e1:33:18: 863s 44:e7:f8:e6:71:cc:90:8d:1f:d7:74:fa:66:2b:03:df:70:ee: 863s 53:fb:1d:ef:32:62:a3:ab:ee:6f:10:41:2a:09:0c:d2:8f:d4: 863s 47:01 863s + local found_md5 expected_md5 863s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 863s + expected_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 863s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529.pem 863s + found_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 863s + '[' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB '!=' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB ']' 863s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529-auth.output 863s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529-auth.output .output 863s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529-auth.pem 863s + echo -n 053350 863s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 863s [p11_child[2446]] [main] (0x0400): p11_child started. 863s [p11_child[2446]] [main] (0x2000): Running in [auth] mode. 863s [p11_child[2446]] [main] (0x2000): Running with effective IDs: [0][0]. 863s [p11_child[2446]] [main] (0x2000): Running with real IDs [0][0]. 863s [p11_child[2446]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 863s [p11_child[2446]] [do_card] (0x4000): Module List: 863s [p11_child[2446]] [do_card] (0x4000): common name: [softhsm2]. 863s [p11_child[2446]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2446]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 863s [p11_child[2446]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 863s [p11_child[2446]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 863s [p11_child[2446]] [do_card] (0x4000): Login required. 863s [p11_child[2446]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 863s [p11_child[2446]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 863s [p11_child[2446]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 863s [p11_child[2446]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4702d925;slot-manufacturer=SoftHSM%20project;slot-id=1191368997;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=678edc1b4702d925;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 863s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 863s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 864s [p11_child[2446]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 864s [p11_child[2446]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 864s [p11_child[2446]] [do_card] (0x4000): Certificate verified and validated. 864s [p11_child[2446]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 864s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529-auth.output 864s + echo '-----BEGIN CERTIFICATE-----' 864s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529-auth.output 864s + echo '-----END CERTIFICATE-----' 864s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529-auth.pem 864s Certificate: 864s Data: 864s Version: 3 (0x2) 864s Serial Number: 4 (0x4) 864s Signature Algorithm: sha256WithRSAEncryption 864s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 864s Validity 864s Not Before: Apr 8 22:45:09 2024 GMT 864s Not After : Apr 8 22:45:09 2025 GMT 864s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 864s Subject Public Key Info: 864s Public Key Algorithm: rsaEncryption 864s Public-Key: (1024 bit) 864s Modulus: 864s 00:b4:29:69:ec:fd:c4:f7:c0:dc:56:83:e5:20:dc: 864s 4a:25:e2:25:9a:94:6e:cb:2f:05:58:7c:89:b9:71: 864s 7a:e3:74:5d:73:88:fa:4d:ad:80:e2:e1:6d:f8:42: 864s 12:2e:13:de:84:ec:6e:5f:ed:1b:02:5b:93:21:42: 864s ff:90:99:d1:59:ab:95:55:38:1b:c0:34:3d:46:e4: 864s ba:97:80:61:b4:8c:37:07:33:ae:82:4a:be:46:ea: 864s dd:1c:9d:ad:14:52:b2:4b:9e:90:49:90:82:22:fb: 864s b7:51:ab:94:ec:2c:75:fe:8e:86:94:11:af:93:66: 864s a3:5a:6d:3b:b1:5b:10:d0:fb 864s Exponent: 65537 (0x10001) 864s X509v3 extensions: 864s X509v3 Authority Key Identifier: 864s B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 864s X509v3 Basic Constraints: 864s CA:FALSE 864s Netscape Cert Type: 864s SSL Client, S/MIME 864s Netscape Comment: 864s Test Organization Intermediate CA trusted Certificate 864s X509v3 Subject Key Identifier: 864s 27:EF:A7:36:A7:2E:DD:A4:C3:29:D4:04:24:D0:62:C1:CC:36:F5:81 864s X509v3 Key Usage: critical 864s Digital Signature, Non Repudiation, Key Encipherment 864s X509v3 Extended Key Usage: 864s TLS Web Client Authentication, E-mail Protection 864s X509v3 Subject Alternative Name: 864s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 864s Signature Algorithm: sha256WithRSAEncryption 864s Signature Value: 864s 7f:c1:b4:b9:76:c0:17:9f:26:c2:6d:59:13:07:b5:cd:76:08: 864s 86:06:f4:07:9a:61:cd:97:c3:01:c0:9e:a7:f0:bc:9e:cb:aa: 864s ea:cd:8c:df:cd:26:09:50:ee:8c:8f:cd:f1:50:09:61:22:f3: 864s 58:1c:c3:d3:88:35:94:af:3c:e1:f4:41:cb:cf:fc:80:a6:66: 864s c6:80:3f:19:ce:d4:2a:ec:14:7d:d7:c7:e3:be:5f:e1:33:18: 864s 44:e7:f8:e6:71:cc:90:8d:1f:d7:74:fa:66:2b:03:df:70:ee: 864s 53:fb:1d:ef:32:62:a3:ab:ee:6f:10:41:2a:09:0c:d2:8f:d4: 864s 47:01 864s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-21529-auth.pem 864s + found_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 864s + '[' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB '!=' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB ']' 864s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 864s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 864s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 864s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 864s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 864s + local verify_option= 864s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 864s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 864s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 864s + local key_cn 864s + local key_name 864s + local tokens_dir 864s + local output_cert_file 864s + token_name= 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem .pem 864s + key_name=test-intermediate-CA-trusted-certificate-0001 864s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 864s ++ sed -n 's/ *commonName *= //p' 864s Test Organization Interme Token 864s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 864s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 864s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 864s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 864s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 864s + token_name='Test Organization Interme Token' 864s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 864s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 864s + echo 'Test Organization Interme Token' 864s + '[' -n '' ']' 864s + local output_base_name=SSSD-child-11978 864s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-11978.output 864s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-11978.pem 864s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 864s [p11_child[2456]] [main] (0x0400): p11_child started. 864s [p11_child[2456]] [main] (0x2000): Running in [pre-auth] mode. 864s [p11_child[2456]] [main] (0x2000): Running with effective IDs: [0][0]. 864s [p11_child[2456]] [main] (0x2000): Running with real IDs [0][0]. 864s [p11_child[2456]] [do_card] (0x4000): Module List: 864s [p11_child[2456]] [do_card] (0x4000): common name: [softhsm2]. 864s [p11_child[2456]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2456]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 864s [p11_child[2456]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 864s [p11_child[2456]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2456]] [do_card] (0x4000): Login NOT required. 864s [p11_child[2456]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 864s [p11_child[2456]] [do_verification] (0x0040): X509_verify_cert failed [0]. 864s [p11_child[2456]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 864s [p11_child[2456]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 864s [p11_child[2456]] [do_card] (0x4000): No certificate found. 864s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-11978.output 864s + return 2 864s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem partial_chain 864s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem partial_chain 864s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 864s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 864s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 864s + local verify_option=partial_chain 864s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5212 864s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 864s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5212 864s + local key_cn 864s + local key_name 864s + local tokens_dir 864s + local output_cert_file 864s + token_name= 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem .pem 864s + key_name=test-intermediate-CA-trusted-certificate-0001 864s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 864s ++ sed -n 's/ *commonName *= //p' 864s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 864s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 864s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 864s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 864s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 864s + token_name='Test Organization Interme Token' 864s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 864s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 864s + echo 'Test Organization Interme Token' 864s + '[' -n partial_chain ']' 864s + local verify_arg=--verify=partial_chain 864s + local output_base_name=SSSD-child-12743 864s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743.output 864s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743.pem 864s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem 864s [p11_child[2463]] [main] (0x0400): p11_child started. 864s [p11_child[2463]] [main] (0x2000): Running in [pre-auth] mode. 864s [p11_child[2463]] [main] (0x2000): Running with effective IDs: [0][0]. 864s [p11_child[2463]] [main] (0x2000): Running with real IDs [0][0]. 864s [p11_child[2463]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 864s [p11_child[2463]] [do_card] (0x4000): Module List: 864s [p11_child[2463]] [do_card] (0x4000): common name: [softhsm2]. 864s [p11_child[2463]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2463]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 864s [p11_child[2463]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 864s [p11_child[2463]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2463]] [do_card] (0x4000): Login NOT required. 864s [p11_child[2463]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 864s [p11_child[2463]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 864s [p11_child[2463]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 864s [p11_child[2463]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4702d925;slot-manufacturer=SoftHSM%20project;slot-id=1191368997;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=678edc1b4702d925;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 864s [p11_child[2463]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 864s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743.output 864s + echo '-----BEGIN CERTIFICATE-----' 864s Test Organization Interme Token 864s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743.output 864s + echo '-----END CERTIFICATE-----' 864s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743.pem 864s Certificate: 864s Data: 864s Version: 3 (0x2) 864s Serial Number: 4 (0x4) 864s Signature Algorithm: sha256WithRSAEncryption 864s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 864s Validity 864s Not Before: Apr 8 22:45:09 2024 GMT 864s Not After : Apr 8 22:45:09 2025 GMT 864s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 864s Subject Public Key Info: 864s Public Key Algorithm: rsaEncryption 864s Public-Key: (1024 bit) 864s Modulus: 864s 00:b4:29:69:ec:fd:c4:f7:c0:dc:56:83:e5:20:dc: 864s 4a:25:e2:25:9a:94:6e:cb:2f:05:58:7c:89:b9:71: 864s 7a:e3:74:5d:73:88:fa:4d:ad:80:e2:e1:6d:f8:42: 864s 12:2e:13:de:84:ec:6e:5f:ed:1b:02:5b:93:21:42: 864s ff:90:99:d1:59:ab:95:55:38:1b:c0:34:3d:46:e4: 864s ba:97:80:61:b4:8c:37:07:33:ae:82:4a:be:46:ea: 864s dd:1c:9d:ad:14:52:b2:4b:9e:90:49:90:82:22:fb: 864s b7:51:ab:94:ec:2c:75:fe:8e:86:94:11:af:93:66: 864s a3:5a:6d:3b:b1:5b:10:d0:fb 864s Exponent: 65537 (0x10001) 864s X509v3 extensions: 864s X509v3 Authority Key Identifier: 864s B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 864s X509v3 Basic Constraints: 864s CA:FALSE 864s Netscape Cert Type: 864s SSL Client, S/MIME 864s Netscape Comment: 864s Test Organization Intermediate CA trusted Certificate 864s X509v3 Subject Key Identifier: 864s 27:EF:A7:36:A7:2E:DD:A4:C3:29:D4:04:24:D0:62:C1:CC:36:F5:81 864s X509v3 Key Usage: critical 864s Digital Signature, Non Repudiation, Key Encipherment 864s X509v3 Extended Key Usage: 864s TLS Web Client Authentication, E-mail Protection 864s X509v3 Subject Alternative Name: 864s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 864s Signature Algorithm: sha256WithRSAEncryption 864s Signature Value: 864s 7f:c1:b4:b9:76:c0:17:9f:26:c2:6d:59:13:07:b5:cd:76:08: 864s 86:06:f4:07:9a:61:cd:97:c3:01:c0:9e:a7:f0:bc:9e:cb:aa: 864s ea:cd:8c:df:cd:26:09:50:ee:8c:8f:cd:f1:50:09:61:22:f3: 864s 58:1c:c3:d3:88:35:94:af:3c:e1:f4:41:cb:cf:fc:80:a6:66: 864s c6:80:3f:19:ce:d4:2a:ec:14:7d:d7:c7:e3:be:5f:e1:33:18: 864s 44:e7:f8:e6:71:cc:90:8d:1f:d7:74:fa:66:2b:03:df:70:ee: 864s 53:fb:1d:ef:32:62:a3:ab:ee:6f:10:41:2a:09:0c:d2:8f:d4: 864s 47:01 864s + local found_md5 expected_md5 864s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA-trusted-certificate-0001.pem 864s + expected_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 864s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743.pem 864s + found_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 864s + '[' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB '!=' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB ']' 864s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743-auth.output 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743-auth.output .output 864s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743-auth.pem 864s + echo -n 053350 864s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 864s [p11_child[2471]] [main] (0x0400): p11_child started. 864s [p11_child[2471]] [main] (0x2000): Running in [auth] mode. 864s [p11_child[2471]] [main] (0x2000): Running with effective IDs: [0][0]. 864s [p11_child[2471]] [main] (0x2000): Running with real IDs [0][0]. 864s [p11_child[2471]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 864s [p11_child[2471]] [do_card] (0x4000): Module List: 864s [p11_child[2471]] [do_card] (0x4000): common name: [softhsm2]. 864s [p11_child[2471]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2471]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4702d925] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 864s [p11_child[2471]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 864s [p11_child[2471]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4702d925][1191368997] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2471]] [do_card] (0x4000): Login required. 864s [p11_child[2471]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 864s [p11_child[2471]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 864s [p11_child[2471]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 864s [p11_child[2471]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4702d925;slot-manufacturer=SoftHSM%20project;slot-id=1191368997;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=678edc1b4702d925;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 864s [p11_child[2471]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 864s [p11_child[2471]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 864s [p11_child[2471]] [do_card] (0x4000): Certificate verified and validated. 864s [p11_child[2471]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 864s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743-auth.output 864s + echo '-----BEGIN CERTIFICATE-----' 864s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743-auth.output 864s + echo '-----END CERTIFICATE-----' 864s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743-auth.pem 864s Certificate: 864s Data: 864s Version: 3 (0x2) 864s Serial Number: 4 (0x4) 864s Signature Algorithm: sha256WithRSAEncryption 864s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 864s Validity 864s Not Before: Apr 8 22:45:09 2024 GMT 864s Not After : Apr 8 22:45:09 2025 GMT 864s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 864s Subject Public Key Info: 864s Public Key Algorithm: rsaEncryption 864s Public-Key: (1024 bit) 864s Modulus: 864s 00:b4:29:69:ec:fd:c4:f7:c0:dc:56:83:e5:20:dc: 864s 4a:25:e2:25:9a:94:6e:cb:2f:05:58:7c:89:b9:71: 864s 7a:e3:74:5d:73:88:fa:4d:ad:80:e2:e1:6d:f8:42: 864s 12:2e:13:de:84:ec:6e:5f:ed:1b:02:5b:93:21:42: 864s ff:90:99:d1:59:ab:95:55:38:1b:c0:34:3d:46:e4: 864s ba:97:80:61:b4:8c:37:07:33:ae:82:4a:be:46:ea: 864s dd:1c:9d:ad:14:52:b2:4b:9e:90:49:90:82:22:fb: 864s b7:51:ab:94:ec:2c:75:fe:8e:86:94:11:af:93:66: 864s a3:5a:6d:3b:b1:5b:10:d0:fb 864s Exponent: 65537 (0x10001) 864s X509v3 extensions: 864s X509v3 Authority Key Identifier: 864s B0:36:9B:C0:F3:DC:AB:B4:A7:0F:F5:C3:3D:07:6D:FB:3F:29:9F:8C 864s X509v3 Basic Constraints: 864s CA:FALSE 864s Netscape Cert Type: 864s SSL Client, S/MIME 864s Netscape Comment: 864s Test Organization Intermediate CA trusted Certificate 864s X509v3 Subject Key Identifier: 864s 27:EF:A7:36:A7:2E:DD:A4:C3:29:D4:04:24:D0:62:C1:CC:36:F5:81 864s X509v3 Key Usage: critical 864s Digital Signature, Non Repudiation, Key Encipherment 864s X509v3 Extended Key Usage: 864s TLS Web Client Authentication, E-mail Protection 864s X509v3 Subject Alternative Name: 864s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 864s Signature Algorithm: sha256WithRSAEncryption 864s Signature Value: 864s 7f:c1:b4:b9:76:c0:17:9f:26:c2:6d:59:13:07:b5:cd:76:08: 864s 86:06:f4:07:9a:61:cd:97:c3:01:c0:9e:a7:f0:bc:9e:cb:aa: 864s ea:cd:8c:df:cd:26:09:50:ee:8c:8f:cd:f1:50:09:61:22:f3: 864s 58:1c:c3:d3:88:35:94:af:3c:e1:f4:41:cb:cf:fc:80:a6:66: 864s c6:80:3f:19:ce:d4:2a:ec:14:7d:d7:c7:e3:be:5f:e1:33:18: 864s 44:e7:f8:e6:71:cc:90:8d:1f:d7:74:fa:66:2b:03:df:70:ee: 864s 53:fb:1d:ef:32:62:a3:ab:ee:6f:10:41:2a:09:0c:d2:8f:d4: 864s 47:01 864s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-12743-auth.pem 864s + found_md5=Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB 864s + '[' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB '!=' Modulus=B42969ECFDC4F7C0DC5683E520DC4A25E2259A946ECB2F05587C89B9717AE3745D7388FA4DAD80E2E16DF842122E13DE84EC6E5FED1B025B932142FF9099D159AB9555381BC0343D46E4BA978061B48C370733AE824ABE46EADD1C9DAD1452B24B9E9049908222FBB751AB94EC2C75FE8E869411AF9366A35A6D3BB15B10D0FB ']' 864s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 864s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 864s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 864s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 864s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 864s + local verify_option= 864s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 864s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 864s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 864s + local key_cn 864s + local key_name 864s + local tokens_dir 864s + local output_cert_file 864s + token_name= 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 864s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 864s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 864s ++ sed -n 's/ *commonName *= //p' 864s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 864s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 864s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 864s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 864s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 864s + token_name='Test Organization Sub Int Token' 864s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 864s + local key_file 864s + local decrypted_key 864s + mkdir -p /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 864s + key_file=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 864s + decrypted_key=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 864s + cat 864s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 864s Slot 0 has a free/uninitialized token. 864s The token has been initialized and is reassigned to slot 1399498194 864s + softhsm2-util --show-slots 864s Available slots: 864s Slot 1399498194 864s Slot info: 864s Description: SoftHSM slot ID 0x536aa5d2 864s Manufacturer ID: SoftHSM project 864s Hardware version: 2.6 864s Firmware version: 2.6 864s Token present: yes 864s Token info: 864s Manufacturer ID: SoftHSM project 864s Model: SoftHSM v2 864s Hardware version: 2.6 864s Firmware version: 2.6 864s Serial number: 27c2b99a536aa5d2 864s Initialized: yes 864s User PIN init.: yes 864s Label: Test Organization Sub Int Token 864s Slot 1 864s Slot info: 864s Description: SoftHSM slot ID 0x1 864s Manufacturer ID: SoftHSM project 864s Hardware version: 2.6 864s Firmware version: 2.6 864s Token present: yes 864s Token info: 864s Manufacturer ID: SoftHSM project 864s Model: SoftHSM v2 864s Hardware version: 2.6 864s Firmware version: 2.6 864s Serial number: 864s Initialized: no 864s User PIN init.: no 864s Label: 864s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 864s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-25908 -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 864s writing RSA key 864s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 864s + rm /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 864s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 864s Object 0: 864s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=27c2b99a536aa5d2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 864s Type: X.509 Certificate (RSA-1024) 864s Expires: Tue Apr 8 22:45:09 2025 864s Label: Test Organization Sub Intermediate Trusted Certificate 0001 864s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 864s 864s + echo 'Test Organization Sub Int Token' 864s Test Organization Sub Int Token 864s + '[' -n '' ']' 864s + local output_base_name=SSSD-child-29690 864s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-29690.output 864s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-29690.pem 864s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 864s [p11_child[2490]] [main] (0x0400): p11_child started. 864s [p11_child[2490]] [main] (0x2000): Running in [pre-auth] mode. 864s [p11_child[2490]] [main] (0x2000): Running with effective IDs: [0][0]. 864s [p11_child[2490]] [main] (0x2000): Running with real IDs [0][0]. 864s [p11_child[2490]] [do_card] (0x4000): Module List: 864s [p11_child[2490]] [do_card] (0x4000): common name: [softhsm2]. 864s [p11_child[2490]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2490]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 864s [p11_child[2490]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 864s [p11_child[2490]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2490]] [do_card] (0x4000): Login NOT required. 864s [p11_child[2490]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 864s [p11_child[2490]] [do_verification] (0x0040): X509_verify_cert failed [0]. 864s [p11_child[2490]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 864s [p11_child[2490]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 864s [p11_child[2490]] [do_card] (0x4000): No certificate found. 864s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-29690.output 864s + return 2 864s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem partial_chain 864s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem partial_chain 864s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 864s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 864s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 864s + local verify_option=partial_chain 864s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 864s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 864s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 864s + local key_cn 864s + local key_name 864s + local tokens_dir 864s + local output_cert_file 864s + token_name= 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 864s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 864s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 864s ++ sed -n 's/ *commonName *= //p' 864s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 864s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 864s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 864s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 864s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 864s + token_name='Test Organization Sub Int Token' 864s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 864s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 864s + echo 'Test Organization Sub Int Token' 864s + '[' -n partial_chain ']' 864s + local verify_arg=--verify=partial_chain 864s + local output_base_name=SSSD-child-11805 864s Test Organization Sub Int Token 864s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-11805.output 864s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-11805.pem 864s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-root-CA.pem 864s [p11_child[2497]] [main] (0x0400): p11_child started. 864s [p11_child[2497]] [main] (0x2000): Running in [pre-auth] mode. 864s [p11_child[2497]] [main] (0x2000): Running with effective IDs: [0][0]. 864s [p11_child[2497]] [main] (0x2000): Running with real IDs [0][0]. 864s [p11_child[2497]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 864s [p11_child[2497]] [do_card] (0x4000): Module List: 864s [p11_child[2497]] [do_card] (0x4000): common name: [softhsm2]. 864s [p11_child[2497]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2497]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 864s [p11_child[2497]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 864s [p11_child[2497]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2497]] [do_card] (0x4000): Login NOT required. 864s [p11_child[2497]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 864s [p11_child[2497]] [do_verification] (0x0040): X509_verify_cert failed [0]. 864s [p11_child[2497]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 864s [p11_child[2497]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 864s [p11_child[2497]] [do_card] (0x4000): No certificate found. 864s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-11805.output 864s + return 2 864s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 864s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 864s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 864s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 864s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 864s + local verify_option= 864s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 864s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 864s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 864s + local key_cn 864s + local key_name 864s + local tokens_dir 864s + local output_cert_file 864s + token_name= 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 864s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 864s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 864s ++ sed -n 's/ *commonName *= //p' 864s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 864s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 864s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 864s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 864s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 864s + token_name='Test Organization Sub Int Token' 864s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 864s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 864s + echo 'Test Organization Sub Int Token' 864s Test Organization Sub Int Token 864s + '[' -n '' ']' 864s + local output_base_name=SSSD-child-3707 864s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707.output 864s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707.pem 864s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 864s [p11_child[2504]] [main] (0x0400): p11_child started. 864s [p11_child[2504]] [main] (0x2000): Running in [pre-auth] mode. 864s [p11_child[2504]] [main] (0x2000): Running with effective IDs: [0][0]. 864s [p11_child[2504]] [main] (0x2000): Running with real IDs [0][0]. 864s [p11_child[2504]] [do_card] (0x4000): Module List: 864s [p11_child[2504]] [do_card] (0x4000): common name: [softhsm2]. 864s [p11_child[2504]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2504]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 864s [p11_child[2504]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 864s [p11_child[2504]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2504]] [do_card] (0x4000): Login NOT required. 864s [p11_child[2504]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 864s [p11_child[2504]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 864s [p11_child[2504]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 864s [p11_child[2504]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x536aa5d2;slot-manufacturer=SoftHSM%20project;slot-id=1399498194;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=27c2b99a536aa5d2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 864s [p11_child[2504]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 864s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707.output 864s + echo '-----BEGIN CERTIFICATE-----' 864s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707.output 864s + echo '-----END CERTIFICATE-----' 864s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707.pem 864s Certificate: 864s Data: 864s Version: 3 (0x2) 864s Serial Number: 5 (0x5) 864s Signature Algorithm: sha256WithRSAEncryption 864s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 864s Validity 864s Not Before: Apr 8 22:45:09 2024 GMT 864s Not After : Apr 8 22:45:09 2025 GMT 864s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 864s Subject Public Key Info: 864s Public Key Algorithm: rsaEncryption 864s Public-Key: (1024 bit) 864s Modulus: 864s 00:d5:a7:27:3e:26:ff:2f:3d:dd:f5:b9:e1:25:9d: 864s ed:90:4c:bc:c6:48:89:8a:42:26:5f:7f:85:78:94: 864s 8e:bc:2c:cf:4e:fc:73:db:3a:20:ef:48:c5:59:c7: 864s af:d5:cb:61:01:47:3a:64:4d:a2:d2:d1:cc:4e:d0: 864s 13:91:df:4c:3a:00:98:da:89:fa:1c:9d:9e:6b:d4: 864s b5:03:ff:6c:52:97:c4:a6:90:59:76:84:1a:8a:c9: 864s 96:a7:39:04:74:91:2e:ea:78:c7:5c:50:50:3d:55: 864s b8:9c:59:c4:1c:d9:80:ae:a3:ee:5a:b8:06:fa:21: 864s 9d:4f:2d:ba:94:fc:f7:ce:a3 864s Exponent: 65537 (0x10001) 864s X509v3 extensions: 864s X509v3 Authority Key Identifier: 864s 67:2B:97:7B:E4:A0:4A:F4:42:7D:DC:53:FD:9F:B8:75:39:7D:55:4F 864s X509v3 Basic Constraints: 864s CA:FALSE 864s Netscape Cert Type: 864s SSL Client, S/MIME 864s Netscape Comment: 864s Test Organization Sub Intermediate CA trusted Certificate 864s X509v3 Subject Key Identifier: 864s F3:31:15:D9:DC:7B:A2:2F:BD:D2:DE:F6:11:D8:37:80:53:36:5C:C2 864s X509v3 Key Usage: critical 864s Digital Signature, Non Repudiation, Key Encipherment 864s X509v3 Extended Key Usage: 864s TLS Web Client Authentication, E-mail Protection 864s X509v3 Subject Alternative Name: 864s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 864s Signature Algorithm: sha256WithRSAEncryption 864s Signature Value: 864s 67:5e:27:d2:e3:a7:99:38:45:28:9c:05:67:7d:31:d5:26:cf: 864s ca:70:e8:29:60:76:48:88:47:23:a0:c4:22:38:09:8f:e9:20: 864s 89:78:28:61:76:bf:5a:e1:59:81:89:9d:cc:fe:2e:6a:e5:89: 864s 30:2c:a9:a3:ba:10:77:30:41:51:c9:0c:84:1c:0c:77:76:02: 864s 35:16:59:f0:3b:95:64:da:1d:a7:e5:00:86:b0:de:0f:72:e1: 864s e5:67:73:d0:82:d9:00:ea:6f:86:f9:f4:1c:d2:88:73:7d:b9: 864s 2a:8b:34:e7:53:6d:9c:de:cd:5d:3e:60:be:6c:e0:23:58:77: 864s 88:52 864s + local found_md5 expected_md5 864s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 864s + expected_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 864s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707.pem 864s + found_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 864s + '[' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 '!=' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 ']' 864s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707-auth.output 864s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707-auth.output .output 864s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707-auth.pem 864s + echo -n 053350 864s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 864s [p11_child[2512]] [main] (0x0400): p11_child started. 864s [p11_child[2512]] [main] (0x2000): Running in [auth] mode. 864s [p11_child[2512]] [main] (0x2000): Running with effective IDs: [0][0]. 864s [p11_child[2512]] [main] (0x2000): Running with real IDs [0][0]. 864s [p11_child[2512]] [do_card] (0x4000): Module List: 864s [p11_child[2512]] [do_card] (0x4000): common name: [softhsm2]. 864s [p11_child[2512]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2512]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 864s [p11_child[2512]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 864s [p11_child[2512]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 864s [p11_child[2512]] [do_card] (0x4000): Login required. 864s [p11_child[2512]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 864s [p11_child[2512]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 864s [p11_child[2512]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 864s [p11_child[2512]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x536aa5d2;slot-manufacturer=SoftHSM%20project;slot-id=1399498194;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=27c2b99a536aa5d2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 864s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 864s [p11_child[2512]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 864s [p11_child[2512]] [do_card] (0x4000): Certificate verified and validated. 864s [p11_child[2512]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 864s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707-auth.output 864s + echo '-----BEGIN CERTIFICATE-----' 864s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707-auth.output 864s + echo '-----END CERTIFICATE-----' 864s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707-auth.pem 865s Certificate: 865s Data: 865s Version: 3 (0x2) 865s Serial Number: 5 (0x5) 865s Signature Algorithm: sha256WithRSAEncryption 865s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 865s Validity 865s Not Before: Apr 8 22:45:09 2024 GMT 865s Not After : Apr 8 22:45:09 2025 GMT 865s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 865s Subject Public Key Info: 865s Public Key Algorithm: rsaEncryption 865s Public-Key: (1024 bit) 865s Modulus: 865s 00:d5:a7:27:3e:26:ff:2f:3d:dd:f5:b9:e1:25:9d: 865s ed:90:4c:bc:c6:48:89:8a:42:26:5f:7f:85:78:94: 865s 8e:bc:2c:cf:4e:fc:73:db:3a:20:ef:48:c5:59:c7: 865s af:d5:cb:61:01:47:3a:64:4d:a2:d2:d1:cc:4e:d0: 865s 13:91:df:4c:3a:00:98:da:89:fa:1c:9d:9e:6b:d4: 865s b5:03:ff:6c:52:97:c4:a6:90:59:76:84:1a:8a:c9: 865s 96:a7:39:04:74:91:2e:ea:78:c7:5c:50:50:3d:55: 865s b8:9c:59:c4:1c:d9:80:ae:a3:ee:5a:b8:06:fa:21: 865s 9d:4f:2d:ba:94:fc:f7:ce:a3 865s Exponent: 65537 (0x10001) 865s X509v3 extensions: 865s X509v3 Authority Key Identifier: 865s 67:2B:97:7B:E4:A0:4A:F4:42:7D:DC:53:FD:9F:B8:75:39:7D:55:4F 865s X509v3 Basic Constraints: 865s CA:FALSE 865s Netscape Cert Type: 865s SSL Client, S/MIME 865s Netscape Comment: 865s Test Organization Sub Intermediate CA trusted Certificate 865s X509v3 Subject Key Identifier: 865s F3:31:15:D9:DC:7B:A2:2F:BD:D2:DE:F6:11:D8:37:80:53:36:5C:C2 865s X509v3 Key Usage: critical 865s Digital Signature, Non Repudiation, Key Encipherment 865s X509v3 Extended Key Usage: 865s TLS Web Client Authentication, E-mail Protection 865s X509v3 Subject Alternative Name: 865s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 865s Signature Algorithm: sha256WithRSAEncryption 865s Signature Value: 865s 67:5e:27:d2:e3:a7:99:38:45:28:9c:05:67:7d:31:d5:26:cf: 865s ca:70:e8:29:60:76:48:88:47:23:a0:c4:22:38:09:8f:e9:20: 865s 89:78:28:61:76:bf:5a:e1:59:81:89:9d:cc:fe:2e:6a:e5:89: 865s 30:2c:a9:a3:ba:10:77:30:41:51:c9:0c:84:1c:0c:77:76:02: 865s 35:16:59:f0:3b:95:64:da:1d:a7:e5:00:86:b0:de:0f:72:e1: 865s e5:67:73:d0:82:d9:00:ea:6f:86:f9:f4:1c:d2:88:73:7d:b9: 865s 2a:8b:34:e7:53:6d:9c:de:cd:5d:3e:60:be:6c:e0:23:58:77: 865s 88:52 865s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3707-auth.pem 865s + found_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 865s + '[' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 '!=' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 ']' 865s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem partial_chain 865s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem partial_chain 865s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 865s + local verify_option=partial_chain 865s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local key_cn 865s + local key_name 865s + local tokens_dir 865s + local output_cert_file 865s + token_name= 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 865s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 865s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s ++ sed -n 's/ *commonName *= //p' 865s Test Organization Sub Int Token 865s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 865s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 865s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 865s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 865s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 865s + token_name='Test Organization Sub Int Token' 865s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 865s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 865s + echo 'Test Organization Sub Int Token' 865s + '[' -n partial_chain ']' 865s + local verify_arg=--verify=partial_chain 865s + local output_base_name=SSSD-child-6344 865s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344.output 865s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344.pem 865s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem 865s [p11_child[2522]] [main] (0x0400): p11_child started. 865s [p11_child[2522]] [main] (0x2000): Running in [pre-auth] mode. 865s [p11_child[2522]] [main] (0x2000): Running with effective IDs: [0][0]. 865s [p11_child[2522]] [main] (0x2000): Running with real IDs [0][0]. 865s [p11_child[2522]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 865s [p11_child[2522]] [do_card] (0x4000): Module List: 865s [p11_child[2522]] [do_card] (0x4000): common name: [softhsm2]. 865s [p11_child[2522]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2522]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 865s [p11_child[2522]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 865s [p11_child[2522]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2522]] [do_card] (0x4000): Login NOT required. 865s [p11_child[2522]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 865s [p11_child[2522]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 865s [p11_child[2522]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 865s [p11_child[2522]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x536aa5d2;slot-manufacturer=SoftHSM%20project;slot-id=1399498194;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=27c2b99a536aa5d2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 865s [p11_child[2522]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 865s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344.output 865s + echo '-----BEGIN CERTIFICATE-----' 865s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344.output 865s + echo '-----END CERTIFICATE-----' 865s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344.pem 865s Certificate: 865s Data: 865s Version: 3 (0x2) 865s Serial Number: 5 (0x5) 865s Signature Algorithm: sha256WithRSAEncryption 865s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 865s Validity 865s Not Before: Apr 8 22:45:09 2024 GMT 865s Not After : Apr 8 22:45:09 2025 GMT 865s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 865s Subject Public Key Info: 865s Public Key Algorithm: rsaEncryption 865s Public-Key: (1024 bit) 865s Modulus: 865s 00:d5:a7:27:3e:26:ff:2f:3d:dd:f5:b9:e1:25:9d: 865s ed:90:4c:bc:c6:48:89:8a:42:26:5f:7f:85:78:94: 865s 8e:bc:2c:cf:4e:fc:73:db:3a:20:ef:48:c5:59:c7: 865s af:d5:cb:61:01:47:3a:64:4d:a2:d2:d1:cc:4e:d0: 865s 13:91:df:4c:3a:00:98:da:89:fa:1c:9d:9e:6b:d4: 865s b5:03:ff:6c:52:97:c4:a6:90:59:76:84:1a:8a:c9: 865s 96:a7:39:04:74:91:2e:ea:78:c7:5c:50:50:3d:55: 865s b8:9c:59:c4:1c:d9:80:ae:a3:ee:5a:b8:06:fa:21: 865s 9d:4f:2d:ba:94:fc:f7:ce:a3 865s Exponent: 65537 (0x10001) 865s X509v3 extensions: 865s X509v3 Authority Key Identifier: 865s 67:2B:97:7B:E4:A0:4A:F4:42:7D:DC:53:FD:9F:B8:75:39:7D:55:4F 865s X509v3 Basic Constraints: 865s CA:FALSE 865s Netscape Cert Type: 865s SSL Client, S/MIME 865s Netscape Comment: 865s Test Organization Sub Intermediate CA trusted Certificate 865s X509v3 Subject Key Identifier: 865s F3:31:15:D9:DC:7B:A2:2F:BD:D2:DE:F6:11:D8:37:80:53:36:5C:C2 865s X509v3 Key Usage: critical 865s Digital Signature, Non Repudiation, Key Encipherment 865s X509v3 Extended Key Usage: 865s TLS Web Client Authentication, E-mail Protection 865s X509v3 Subject Alternative Name: 865s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 865s Signature Algorithm: sha256WithRSAEncryption 865s Signature Value: 865s 67:5e:27:d2:e3:a7:99:38:45:28:9c:05:67:7d:31:d5:26:cf: 865s ca:70:e8:29:60:76:48:88:47:23:a0:c4:22:38:09:8f:e9:20: 865s 89:78:28:61:76:bf:5a:e1:59:81:89:9d:cc:fe:2e:6a:e5:89: 865s 30:2c:a9:a3:ba:10:77:30:41:51:c9:0c:84:1c:0c:77:76:02: 865s 35:16:59:f0:3b:95:64:da:1d:a7:e5:00:86:b0:de:0f:72:e1: 865s e5:67:73:d0:82:d9:00:ea:6f:86:f9:f4:1c:d2:88:73:7d:b9: 865s 2a:8b:34:e7:53:6d:9c:de:cd:5d:3e:60:be:6c:e0:23:58:77: 865s 88:52 865s + local found_md5 expected_md5 865s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + expected_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 865s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344.pem 865s + found_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 865s + '[' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 '!=' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 ']' 865s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344-auth.output 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344-auth.output .output 865s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344-auth.pem 865s + echo -n 053350 865s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 865s [p11_child[2530]] [main] (0x0400): p11_child started. 865s [p11_child[2530]] [main] (0x2000): Running in [auth] mode. 865s [p11_child[2530]] [main] (0x2000): Running with effective IDs: [0][0]. 865s [p11_child[2530]] [main] (0x2000): Running with real IDs [0][0]. 865s [p11_child[2530]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 865s [p11_child[2530]] [do_card] (0x4000): Module List: 865s [p11_child[2530]] [do_card] (0x4000): common name: [softhsm2]. 865s [p11_child[2530]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2530]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 865s [p11_child[2530]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 865s [p11_child[2530]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2530]] [do_card] (0x4000): Login required. 865s [p11_child[2530]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 865s [p11_child[2530]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 865s [p11_child[2530]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 865s [p11_child[2530]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x536aa5d2;slot-manufacturer=SoftHSM%20project;slot-id=1399498194;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=27c2b99a536aa5d2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 865s [p11_child[2530]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 865s [p11_child[2530]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 865s [p11_child[2530]] [do_card] (0x4000): Certificate verified and validated. 865s [p11_child[2530]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 865s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344-auth.output 865s + echo '-----BEGIN CERTIFICATE-----' 865s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344-auth.output 865s + echo '-----END CERTIFICATE-----' 865s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344-auth.pem 865s Certificate: 865s Data: 865s Version: 3 (0x2) 865s Serial Number: 5 (0x5) 865s Signature Algorithm: sha256WithRSAEncryption 865s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 865s Validity 865s Not Before: Apr 8 22:45:09 2024 GMT 865s Not After : Apr 8 22:45:09 2025 GMT 865s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 865s Subject Public Key Info: 865s Public Key Algorithm: rsaEncryption 865s Public-Key: (1024 bit) 865s Modulus: 865s 00:d5:a7:27:3e:26:ff:2f:3d:dd:f5:b9:e1:25:9d: 865s ed:90:4c:bc:c6:48:89:8a:42:26:5f:7f:85:78:94: 865s 8e:bc:2c:cf:4e:fc:73:db:3a:20:ef:48:c5:59:c7: 865s af:d5:cb:61:01:47:3a:64:4d:a2:d2:d1:cc:4e:d0: 865s 13:91:df:4c:3a:00:98:da:89:fa:1c:9d:9e:6b:d4: 865s b5:03:ff:6c:52:97:c4:a6:90:59:76:84:1a:8a:c9: 865s 96:a7:39:04:74:91:2e:ea:78:c7:5c:50:50:3d:55: 865s b8:9c:59:c4:1c:d9:80:ae:a3:ee:5a:b8:06:fa:21: 865s 9d:4f:2d:ba:94:fc:f7:ce:a3 865s Exponent: 65537 (0x10001) 865s X509v3 extensions: 865s X509v3 Authority Key Identifier: 865s 67:2B:97:7B:E4:A0:4A:F4:42:7D:DC:53:FD:9F:B8:75:39:7D:55:4F 865s X509v3 Basic Constraints: 865s CA:FALSE 865s Netscape Cert Type: 865s SSL Client, S/MIME 865s Netscape Comment: 865s Test Organization Sub Intermediate CA trusted Certificate 865s X509v3 Subject Key Identifier: 865s F3:31:15:D9:DC:7B:A2:2F:BD:D2:DE:F6:11:D8:37:80:53:36:5C:C2 865s X509v3 Key Usage: critical 865s Digital Signature, Non Repudiation, Key Encipherment 865s X509v3 Extended Key Usage: 865s TLS Web Client Authentication, E-mail Protection 865s X509v3 Subject Alternative Name: 865s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 865s Signature Algorithm: sha256WithRSAEncryption 865s Signature Value: 865s 67:5e:27:d2:e3:a7:99:38:45:28:9c:05:67:7d:31:d5:26:cf: 865s ca:70:e8:29:60:76:48:88:47:23:a0:c4:22:38:09:8f:e9:20: 865s 89:78:28:61:76:bf:5a:e1:59:81:89:9d:cc:fe:2e:6a:e5:89: 865s 30:2c:a9:a3:ba:10:77:30:41:51:c9:0c:84:1c:0c:77:76:02: 865s 35:16:59:f0:3b:95:64:da:1d:a7:e5:00:86:b0:de:0f:72:e1: 865s e5:67:73:d0:82:d9:00:ea:6f:86:f9:f4:1c:d2:88:73:7d:b9: 865s 2a:8b:34:e7:53:6d:9c:de:cd:5d:3e:60:be:6c:e0:23:58:77: 865s 88:52 865s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-6344-auth.pem 865s + found_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 865s + '[' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 '!=' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 ']' 865s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 865s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 865s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 865s + local verify_option= 865s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local key_cn 865s + local key_name 865s + local tokens_dir 865s + local output_cert_file 865s + token_name= 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 865s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 865s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s ++ sed -n 's/ *commonName *= //p' 865s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 865s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 865s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 865s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 865s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 865s + token_name='Test Organization Sub Int Token' 865s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 865s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 865s + echo 'Test Organization Sub Int Token' 865s + '[' -n '' ']' 865s + local output_base_name=SSSD-child-30178 865s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-30178.output 865s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-30178.pem 865s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 865s Test Organization Sub Int Token 865s [p11_child[2540]] [main] (0x0400): p11_child started. 865s [p11_child[2540]] [main] (0x2000): Running in [pre-auth] mode. 865s [p11_child[2540]] [main] (0x2000): Running with effective IDs: [0][0]. 865s [p11_child[2540]] [main] (0x2000): Running with real IDs [0][0]. 865s [p11_child[2540]] [do_card] (0x4000): Module List: 865s [p11_child[2540]] [do_card] (0x4000): common name: [softhsm2]. 865s [p11_child[2540]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2540]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 865s [p11_child[2540]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 865s [p11_child[2540]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2540]] [do_card] (0x4000): Login NOT required. 865s [p11_child[2540]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 865s [p11_child[2540]] [do_verification] (0x0040): X509_verify_cert failed [0]. 865s [p11_child[2540]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 865s [p11_child[2540]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 865s [p11_child[2540]] [do_card] (0x4000): No certificate found. 865s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-30178.output 865s + return 2 865s + invalid_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-root-intermediate-chain-CA.pem partial_chain 865s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-root-intermediate-chain-CA.pem partial_chain 865s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-root-intermediate-chain-CA.pem 865s + local verify_option=partial_chain 865s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local key_cn 865s + local key_name 865s + local tokens_dir 865s + local output_cert_file 865s + token_name= 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 865s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 865s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s ++ sed -n 's/ *commonName *= //p' 865s Test Organization Sub Int Token 865s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 865s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 865s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 865s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 865s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 865s + token_name='Test Organization Sub Int Token' 865s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 865s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 865s + echo 'Test Organization Sub Int Token' 865s + '[' -n partial_chain ']' 865s + local verify_arg=--verify=partial_chain 865s + local output_base_name=SSSD-child-24679 865s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-24679.output 865s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-24679.pem 865s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-root-intermediate-chain-CA.pem 865s [p11_child[2547]] [main] (0x0400): p11_child started. 865s [p11_child[2547]] [main] (0x2000): Running in [pre-auth] mode. 865s [p11_child[2547]] [main] (0x2000): Running with effective IDs: [0][0]. 865s [p11_child[2547]] [main] (0x2000): Running with real IDs [0][0]. 865s [p11_child[2547]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 865s [p11_child[2547]] [do_card] (0x4000): Module List: 865s [p11_child[2547]] [do_card] (0x4000): common name: [softhsm2]. 865s [p11_child[2547]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2547]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 865s [p11_child[2547]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 865s [p11_child[2547]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2547]] [do_card] (0x4000): Login NOT required. 865s [p11_child[2547]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 865s [p11_child[2547]] [do_verification] (0x0040): X509_verify_cert failed [0]. 865s [p11_child[2547]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 865s [p11_child[2547]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 865s [p11_child[2547]] [do_card] (0x4000): No certificate found. 865s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-24679.output 865s + return 2 865s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem partial_chain 865s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem partial_chain 865s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 865s + local verify_option=partial_chain 865s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local key_cn 865s + local key_name 865s + local tokens_dir 865s + local output_cert_file 865s + token_name= 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 865s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 865s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s ++ sed -n 's/ *commonName *= //p' 865s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 865s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 865s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 865s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 865s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 865s + token_name='Test Organization Sub Int Token' 865s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 865s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 865s + echo 'Test Organization Sub Int Token' 865s + '[' -n partial_chain ']' 865s Test Organization Sub Int Token 865s + local verify_arg=--verify=partial_chain 865s + local output_base_name=SSSD-child-8460 865s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460.output 865s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460.pem 865s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem 865s [p11_child[2554]] [main] (0x0400): p11_child started. 865s [p11_child[2554]] [main] (0x2000): Running in [pre-auth] mode. 865s [p11_child[2554]] [main] (0x2000): Running with effective IDs: [0][0]. 865s [p11_child[2554]] [main] (0x2000): Running with real IDs [0][0]. 865s [p11_child[2554]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 865s [p11_child[2554]] [do_card] (0x4000): Module List: 865s [p11_child[2554]] [do_card] (0x4000): common name: [softhsm2]. 865s [p11_child[2554]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2554]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 865s [p11_child[2554]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 865s [p11_child[2554]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2554]] [do_card] (0x4000): Login NOT required. 865s [p11_child[2554]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 865s [p11_child[2554]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 865s [p11_child[2554]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 865s [p11_child[2554]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x536aa5d2;slot-manufacturer=SoftHSM%20project;slot-id=1399498194;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=27c2b99a536aa5d2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 865s [p11_child[2554]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 865s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460.output 865s + echo '-----BEGIN CERTIFICATE-----' 865s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460.output 865s + echo '-----END CERTIFICATE-----' 865s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460.pem 865s Certificate: 865s Data: 865s Version: 3 (0x2) 865s Serial Number: 5 (0x5) 865s Signature Algorithm: sha256WithRSAEncryption 865s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 865s Validity 865s Not Before: Apr 8 22:45:09 2024 GMT 865s Not After : Apr 8 22:45:09 2025 GMT 865s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 865s Subject Public Key Info: 865s Public Key Algorithm: rsaEncryption 865s Public-Key: (1024 bit) 865s Modulus: 865s 00:d5:a7:27:3e:26:ff:2f:3d:dd:f5:b9:e1:25:9d: 865s ed:90:4c:bc:c6:48:89:8a:42:26:5f:7f:85:78:94: 865s 8e:bc:2c:cf:4e:fc:73:db:3a:20:ef:48:c5:59:c7: 865s af:d5:cb:61:01:47:3a:64:4d:a2:d2:d1:cc:4e:d0: 865s 13:91:df:4c:3a:00:98:da:89:fa:1c:9d:9e:6b:d4: 865s b5:03:ff:6c:52:97:c4:a6:90:59:76:84:1a:8a:c9: 865s 96:a7:39:04:74:91:2e:ea:78:c7:5c:50:50:3d:55: 865s b8:9c:59:c4:1c:d9:80:ae:a3:ee:5a:b8:06:fa:21: 865s 9d:4f:2d:ba:94:fc:f7:ce:a3 865s Exponent: 65537 (0x10001) 865s X509v3 extensions: 865s X509v3 Authority Key Identifier: 865s 67:2B:97:7B:E4:A0:4A:F4:42:7D:DC:53:FD:9F:B8:75:39:7D:55:4F 865s X509v3 Basic Constraints: 865s CA:FALSE 865s Netscape Cert Type: 865s SSL Client, S/MIME 865s Netscape Comment: 865s Test Organization Sub Intermediate CA trusted Certificate 865s X509v3 Subject Key Identifier: 865s F3:31:15:D9:DC:7B:A2:2F:BD:D2:DE:F6:11:D8:37:80:53:36:5C:C2 865s X509v3 Key Usage: critical 865s Digital Signature, Non Repudiation, Key Encipherment 865s X509v3 Extended Key Usage: 865s TLS Web Client Authentication, E-mail Protection 865s X509v3 Subject Alternative Name: 865s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 865s Signature Algorithm: sha256WithRSAEncryption 865s Signature Value: 865s 67:5e:27:d2:e3:a7:99:38:45:28:9c:05:67:7d:31:d5:26:cf: 865s ca:70:e8:29:60:76:48:88:47:23:a0:c4:22:38:09:8f:e9:20: 865s 89:78:28:61:76:bf:5a:e1:59:81:89:9d:cc:fe:2e:6a:e5:89: 865s 30:2c:a9:a3:ba:10:77:30:41:51:c9:0c:84:1c:0c:77:76:02: 865s 35:16:59:f0:3b:95:64:da:1d:a7:e5:00:86:b0:de:0f:72:e1: 865s e5:67:73:d0:82:d9:00:ea:6f:86:f9:f4:1c:d2:88:73:7d:b9: 865s 2a:8b:34:e7:53:6d:9c:de:cd:5d:3e:60:be:6c:e0:23:58:77: 865s 88:52 865s + local found_md5 expected_md5 865s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + expected_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 865s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460.pem 865s + found_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 865s + '[' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 '!=' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 ']' 865s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460-auth.output 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460-auth.output .output 865s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460-auth.pem 865s + echo -n 053350 865s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 865s [p11_child[2562]] [main] (0x0400): p11_child started. 865s [p11_child[2562]] [main] (0x2000): Running in [auth] mode. 865s [p11_child[2562]] [main] (0x2000): Running with effective IDs: [0][0]. 865s [p11_child[2562]] [main] (0x2000): Running with real IDs [0][0]. 865s [p11_child[2562]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 865s [p11_child[2562]] [do_card] (0x4000): Module List: 865s [p11_child[2562]] [do_card] (0x4000): common name: [softhsm2]. 865s [p11_child[2562]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2562]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 865s [p11_child[2562]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 865s [p11_child[2562]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2562]] [do_card] (0x4000): Login required. 865s [p11_child[2562]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 865s [p11_child[2562]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 865s [p11_child[2562]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 865s [p11_child[2562]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x536aa5d2;slot-manufacturer=SoftHSM%20project;slot-id=1399498194;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=27c2b99a536aa5d2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 865s [p11_child[2562]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 865s [p11_child[2562]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 865s [p11_child[2562]] [do_card] (0x4000): Certificate verified and validated. 865s [p11_child[2562]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 865s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460-auth.output 865s + echo '-----BEGIN CERTIFICATE-----' 865s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460-auth.output 865s + echo '-----END CERTIFICATE-----' 865s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460-auth.pem 865s Certificate: 865s Data: 865s Version: 3 (0x2) 865s Serial Number: 5 (0x5) 865s Signature Algorithm: sha256WithRSAEncryption 865s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 865s Validity 865s Not Before: Apr 8 22:45:09 2024 GMT 865s Not After : Apr 8 22:45:09 2025 GMT 865s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 865s Subject Public Key Info: 865s Public Key Algorithm: rsaEncryption 865s Public-Key: (1024 bit) 865s Modulus: 865s 00:d5:a7:27:3e:26:ff:2f:3d:dd:f5:b9:e1:25:9d: 865s ed:90:4c:bc:c6:48:89:8a:42:26:5f:7f:85:78:94: 865s 8e:bc:2c:cf:4e:fc:73:db:3a:20:ef:48:c5:59:c7: 865s af:d5:cb:61:01:47:3a:64:4d:a2:d2:d1:cc:4e:d0: 865s 13:91:df:4c:3a:00:98:da:89:fa:1c:9d:9e:6b:d4: 865s b5:03:ff:6c:52:97:c4:a6:90:59:76:84:1a:8a:c9: 865s 96:a7:39:04:74:91:2e:ea:78:c7:5c:50:50:3d:55: 865s b8:9c:59:c4:1c:d9:80:ae:a3:ee:5a:b8:06:fa:21: 865s 9d:4f:2d:ba:94:fc:f7:ce:a3 865s Exponent: 65537 (0x10001) 865s X509v3 extensions: 865s X509v3 Authority Key Identifier: 865s 67:2B:97:7B:E4:A0:4A:F4:42:7D:DC:53:FD:9F:B8:75:39:7D:55:4F 865s X509v3 Basic Constraints: 865s CA:FALSE 865s Netscape Cert Type: 865s SSL Client, S/MIME 865s Netscape Comment: 865s Test Organization Sub Intermediate CA trusted Certificate 865s X509v3 Subject Key Identifier: 865s F3:31:15:D9:DC:7B:A2:2F:BD:D2:DE:F6:11:D8:37:80:53:36:5C:C2 865s X509v3 Key Usage: critical 865s Digital Signature, Non Repudiation, Key Encipherment 865s X509v3 Extended Key Usage: 865s TLS Web Client Authentication, E-mail Protection 865s X509v3 Subject Alternative Name: 865s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 865s Signature Algorithm: sha256WithRSAEncryption 865s Signature Value: 865s 67:5e:27:d2:e3:a7:99:38:45:28:9c:05:67:7d:31:d5:26:cf: 865s ca:70:e8:29:60:76:48:88:47:23:a0:c4:22:38:09:8f:e9:20: 865s 89:78:28:61:76:bf:5a:e1:59:81:89:9d:cc:fe:2e:6a:e5:89: 865s 30:2c:a9:a3:ba:10:77:30:41:51:c9:0c:84:1c:0c:77:76:02: 865s 35:16:59:f0:3b:95:64:da:1d:a7:e5:00:86:b0:de:0f:72:e1: 865s e5:67:73:d0:82:d9:00:ea:6f:86:f9:f4:1c:d2:88:73:7d:b9: 865s 2a:8b:34:e7:53:6d:9c:de:cd:5d:3e:60:be:6c:e0:23:58:77: 865s 88:52 865s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-8460-auth.pem 865s + found_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 865s + '[' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 '!=' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 ']' 865s + valid_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-intermediate-sub-chain-CA.pem partial_chain 865s + check_certificate /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 /tmp/sssd-softhsm2-iVXKsv/test-intermediate-sub-chain-CA.pem partial_chain 865s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local key_ring=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-sub-chain-CA.pem 865s + local verify_option=partial_chain 865s + prepare_softhsm2_card /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local certificate=/tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-25908 865s + local key_cn 865s + local key_name 865s + local tokens_dir 865s + local output_cert_file 865s + token_name= 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 865s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 865s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 865s ++ sed -n 's/ *commonName *= //p' 865s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 865s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 865s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 865s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 865s ++ basename /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 865s + tokens_dir=/tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 865s + token_name='Test Organization Sub Int Token' 865s + '[' '!' -e /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 865s + '[' '!' -d /tmp/sssd-softhsm2-iVXKsv/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 865s + echo 'Test Organization Sub Int Token' 865s + '[' -n partial_chain ']' 865s + local verify_arg=--verify=partial_chain 865s + local output_base_name=SSSD-child-3849 865s + local output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849.output 865s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849.pem 865s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-sub-chain-CA.pem 865s Test Organization Sub Int Token 865s [p11_child[2572]] [main] (0x0400): p11_child started. 865s [p11_child[2572]] [main] (0x2000): Running in [pre-auth] mode. 865s [p11_child[2572]] [main] (0x2000): Running with effective IDs: [0][0]. 865s [p11_child[2572]] [main] (0x2000): Running with real IDs [0][0]. 865s [p11_child[2572]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 865s [p11_child[2572]] [do_card] (0x4000): Module List: 865s [p11_child[2572]] [do_card] (0x4000): common name: [softhsm2]. 865s [p11_child[2572]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2572]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 865s [p11_child[2572]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 865s [p11_child[2572]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 865s [p11_child[2572]] [do_card] (0x4000): Login NOT required. 865s [p11_child[2572]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 865s [p11_child[2572]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 865s [p11_child[2572]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 865s [p11_child[2572]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x536aa5d2;slot-manufacturer=SoftHSM%20project;slot-id=1399498194;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=27c2b99a536aa5d2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 865s [p11_child[2572]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 865s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849.output 865s + echo '-----BEGIN CERTIFICATE-----' 865s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849.output 865s + echo '-----END CERTIFICATE-----' 865s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849.pem 866s Certificate: 866s Data: 866s Version: 3 (0x2) 866s Serial Number: 5 (0x5) 866s Signature Algorithm: sha256WithRSAEncryption 866s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 866s Validity 866s Not Before: Apr 8 22:45:09 2024 GMT 866s Not After : Apr 8 22:45:09 2025 GMT 866s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 866s Subject Public Key Info: 866s Public Key Algorithm: rsaEncryption 866s Public-Key: (1024 bit) 866s Modulus: 866s 00:d5:a7:27:3e:26:ff:2f:3d:dd:f5:b9:e1:25:9d: 866s ed:90:4c:bc:c6:48:89:8a:42:26:5f:7f:85:78:94: 866s 8e:bc:2c:cf:4e:fc:73:db:3a:20:ef:48:c5:59:c7: 866s af:d5:cb:61:01:47:3a:64:4d:a2:d2:d1:cc:4e:d0: 866s 13:91:df:4c:3a:00:98:da:89:fa:1c:9d:9e:6b:d4: 866s b5:03:ff:6c:52:97:c4:a6:90:59:76:84:1a:8a:c9: 866s 96:a7:39:04:74:91:2e:ea:78:c7:5c:50:50:3d:55: 866s b8:9c:59:c4:1c:d9:80:ae:a3:ee:5a:b8:06:fa:21: 866s 9d:4f:2d:ba:94:fc:f7:ce:a3 866s Exponent: 65537 (0x10001) 866s X509v3 extensions: 866s X509v3 Authority Key Identifier: 866s 67:2B:97:7B:E4:A0:4A:F4:42:7D:DC:53:FD:9F:B8:75:39:7D:55:4F 866s X509v3 Basic Constraints: 866s CA:FALSE 866s Netscape Cert Type: 866s SSL Client, S/MIME 866s Netscape Comment: 866s Test Organization Sub Intermediate CA trusted Certificate 866s X509v3 Subject Key Identifier: 866s F3:31:15:D9:DC:7B:A2:2F:BD:D2:DE:F6:11:D8:37:80:53:36:5C:C2 866s X509v3 Key Usage: critical 866s Digital Signature, Non Repudiation, Key Encipherment 866s X509v3 Extended Key Usage: 866s TLS Web Client Authentication, E-mail Protection 866s X509v3 Subject Alternative Name: 866s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 866s Signature Algorithm: sha256WithRSAEncryption 866s Signature Value: 866s 67:5e:27:d2:e3:a7:99:38:45:28:9c:05:67:7d:31:d5:26:cf: 866s ca:70:e8:29:60:76:48:88:47:23:a0:c4:22:38:09:8f:e9:20: 866s 89:78:28:61:76:bf:5a:e1:59:81:89:9d:cc:fe:2e:6a:e5:89: 866s 30:2c:a9:a3:ba:10:77:30:41:51:c9:0c:84:1c:0c:77:76:02: 866s 35:16:59:f0:3b:95:64:da:1d:a7:e5:00:86:b0:de:0f:72:e1: 866s e5:67:73:d0:82:d9:00:ea:6f:86:f9:f4:1c:d2:88:73:7d:b9: 866s 2a:8b:34:e7:53:6d:9c:de:cd:5d:3e:60:be:6c:e0:23:58:77: 866s 88:52 866s + local found_md5 expected_md5 866s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/test-sub-intermediate-CA-trusted-certificate-0001.pem 866s + expected_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 866s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849.pem 866s + found_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 866s + '[' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 '!=' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 ']' 866s + output_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849-auth.output 866s ++ basename /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849-auth.output .output 866s + output_cert_file=/tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849-auth.pem 866s + echo -n 053350 866s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-iVXKsv/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 866s [p11_child[2580]] [main] (0x0400): p11_child started. 866s [p11_child[2580]] [main] (0x2000): Running in [auth] mode. 866s [p11_child[2580]] [main] (0x2000): Running with effective IDs: [0][0]. 866s [p11_child[2580]] [main] (0x2000): Running with real IDs [0][0]. 866s [p11_child[2580]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 866s [p11_child[2580]] [do_card] (0x4000): Module List: 866s [p11_child[2580]] [do_card] (0x4000): common name: [softhsm2]. 866s [p11_child[2580]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 866s [p11_child[2580]] [do_card] (0x4000): Description [SoftHSM slot ID 0x536aa5d2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 866s [p11_child[2580]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 866s [p11_child[2580]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x536aa5d2][1399498194] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 866s [p11_child[2580]] [do_card] (0x4000): Login required. 866s [p11_child[2580]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 866s [p11_child[2580]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 866s [p11_child[2580]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 866s [p11_child[2580]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x536aa5d2;slot-manufacturer=SoftHSM%20project;slot-id=1399498194;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=27c2b99a536aa5d2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 866s [p11_child[2580]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 866s [p11_child[2580]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 866s [p11_child[2580]] [do_card] (0x4000): Certificate verified and validated. 866s [p11_child[2580]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 866s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849-auth.output 866s + echo '-----BEGIN CERTIFICATE-----' 866s + tail -n1 /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849-auth.output 866s + echo '-----END CERTIFICATE-----' 866s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849-auth.pem 866s Certificate: 866s Data: 866s Version: 3 (0x2) 866s Serial Number: 5 (0x5) 866s Signature Algorithm: sha256WithRSAEncryption 866s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 866s Validity 866s Not Before: Apr 8 22:45:09 2024 GMT 866s Not After : Apr 8 22:45:09 2025 GMT 866s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 866s Subject Public Key Info: 866s Public Key Algorithm: rsaEncryption 866s Public-Key: (1024 bit) 866s Modulus: 866s 00:d5:a7:27:3e:26:ff:2f:3d:dd:f5:b9:e1:25:9d: 866s ed:90:4c:bc:c6:48:89:8a:42:26:5f:7f:85:78:94: 866s 8e:bc:2c:cf:4e:fc:73:db:3a:20:ef:48:c5:59:c7: 866s af:d5:cb:61:01:47:3a:64:4d:a2:d2:d1:cc:4e:d0: 866s 13:91:df:4c:3a:00:98:da:89:fa:1c:9d:9e:6b:d4: 866s b5:03:ff:6c:52:97:c4:a6:90:59:76:84:1a:8a:c9: 866s 96:a7:39:04:74:91:2e:ea:78:c7:5c:50:50:3d:55: 866s b8:9c:59:c4:1c:d9:80:ae:a3:ee:5a:b8:06:fa:21: 866s 9d:4f:2d:ba:94:fc:f7:ce:a3 866s Exponent: 65537 (0x10001) 866s X509v3 extensions: 866s X509v3 Authority Key Identifier: 866s 67:2B:97:7B:E4:A0:4A:F4:42:7D:DC:53:FD:9F:B8:75:39:7D:55:4F 866s X509v3 Basic Constraints: 866s CA:FALSE 866s Netscape Cert Type: 866s SSL Client, S/MIME 866s Netscape Comment: 866s Test Organization Sub Intermediate CA trusted Certificate 866s X509v3 Subject Key Identifier: 866s F3:31:15:D9:DC:7B:A2:2F:BD:D2:DE:F6:11:D8:37:80:53:36:5C:C2 866s X509v3 Key Usage: critical 866s Digital Signature, Non Repudiation, Key Encipherment 866s X509v3 Extended Key Usage: 866s TLS Web Client Authentication, E-mail Protection 866s X509v3 Subject Alternative Name: 866s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 866s Signature Algorithm: sha256WithRSAEncryption 866s Signature Value: 866s 67:5e:27:d2:e3:a7:99:38:45:28:9c:05:67:7d:31:d5:26:cf: 866s ca:70:e8:29:60:76:48:88:47:23:a0:c4:22:38:09:8f:e9:20: 866s 89:78:28:61:76:bf:5a:e1:59:81:89:9d:cc:fe:2e:6a:e5:89: 866s 30:2c:a9:a3:ba:10:77:30:41:51:c9:0c:84:1c:0c:77:76:02: 866s 35:16:59:f0:3b:95:64:da:1d:a7:e5:00:86:b0:de:0f:72:e1: 866s e5:67:73:d0:82:d9:00:ea:6f:86:f9:f4:1c:d2:88:73:7d:b9: 866s 2a:8b:34:e7:53:6d:9c:de:cd:5d:3e:60:be:6c:e0:23:58:77: 866s 88:52 866s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-iVXKsv/SSSD-child-3849-auth.pem 866s + found_md5=Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 866s + '[' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 '!=' Modulus=D5A7273E26FF2F3DDDF5B9E1259DED904CBCC648898A42265F7F8578948EBC2CCF4EFC73DB3A20EF48C559C7AFD5CB6101473A644DA2D2D1CC4ED01391DF4C3A0098DA89FA1C9D9E6BD4B503FF6C5297C4A6905976841A8AC996A7390474912EEA78C75C50503D55B89C59C41CD980AEA3EE5AB806FA219D4F2DBA94FCF7CEA3 ']' 866s + set +x 866s 866s Test completed, Root CA and intermediate issued certificates verified! 866s autopkgtest [22:45:15]: test sssd-softhism2-certificates-tests.sh: -----------------------] 867s autopkgtest [22:45:16]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 867s sssd-softhism2-certificates-tests.sh PASS 867s autopkgtest [22:45:16]: test sssd-smart-card-pam-auth-configs: preparing testbed 869s Reading package lists... 869s Building dependency tree... 869s Reading state information... 869s Starting pkgProblemResolver with broken count: 0 869s Starting 2 pkgProblemResolver with broken count: 0 869s Done 869s The following additional packages will be installed: 869s pamtester 870s The following NEW packages will be installed: 870s autopkgtest-satdep pamtester 870s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 870s Need to get 14.6 kB/15.4 kB of archives. 870s After this operation, 86.0 kB of additional disk space will be used. 870s Get:1 /tmp/autopkgtest.ZdLqjh/4-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [760 B] 870s Get:2 http://ftpmaster.internal/ubuntu noble/universe ppc64el pamtester ppc64el 0.1.2-4 [14.6 kB] 870s Fetched 14.6 kB in 0s (54.4 kB/s) 870s Selecting previously unselected package pamtester. 870s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 73290 files and directories currently installed.) 870s Preparing to unpack .../pamtester_0.1.2-4_ppc64el.deb ... 870s Unpacking pamtester (0.1.2-4) ... 870s Selecting previously unselected package autopkgtest-satdep. 870s Preparing to unpack .../4-autopkgtest-satdep.deb ... 870s Unpacking autopkgtest-satdep (0) ... 870s Setting up pamtester (0.1.2-4) ... 870s Setting up autopkgtest-satdep (0) ... 870s Processing triggers for man-db (2.12.0-4build1) ... 873s (Reading database ... 73296 files and directories currently installed.) 873s Removing autopkgtest-satdep (0) ... 874s autopkgtest [22:45:23]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 874s autopkgtest [22:45:23]: test sssd-smart-card-pam-auth-configs: [----------------------- 874s + '[' -z ubuntu ']' 874s + export DEBIAN_FRONTEND=noninteractive 874s + DEBIAN_FRONTEND=noninteractive 874s + required_tools=(pamtester softhsm2-util sssd) 874s + [[ ! -v OFFLINE_MODE ]] 874s + for cmd in "${required_tools[@]}" 874s + command -v pamtester 874s + for cmd in "${required_tools[@]}" 874s + command -v softhsm2-util 874s + for cmd in "${required_tools[@]}" 874s + command -v sssd 874s + PIN=123456 874s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 874s + tmpdir=/tmp/sssd-softhsm2-certs-icKkjO 874s + backupsdir= 874s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 874s + declare -a restore_paths 874s + declare -a delete_paths 874s + trap handle_exit EXIT 874s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 874s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 874s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 874s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 874s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-icKkjO GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 874s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-icKkjO 874s + GENERATE_SMART_CARDS=1 874s + KEEP_TEMPORARY_FILES=1 874s + NO_SSSD_TESTS=1 874s + bash debian/tests/sssd-softhism2-certificates-tests.sh 874s + '[' -z ubuntu ']' 874s + required_tools=(p11tool openssl softhsm2-util) 874s + for cmd in "${required_tools[@]}" 874s + command -v p11tool 874s + for cmd in "${required_tools[@]}" 874s + command -v openssl 874s + for cmd in "${required_tools[@]}" 874s + command -v softhsm2-util 874s + PIN=123456 874s +++ find /usr/lib/softhsm/libsofthsm2.so 874s +++ head -n 1 874s ++ realpath /usr/lib/softhsm/libsofthsm2.so 874s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 874s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 874s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 874s + '[' '!' -v NO_SSSD_TESTS ']' 874s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 874s + tmpdir=/tmp/sssd-softhsm2-certs-icKkjO 874s + keys_size=1024 874s + [[ ! -v KEEP_TEMPORARY_FILES ]] 874s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 874s + echo -n 01 874s + touch /tmp/sssd-softhsm2-certs-icKkjO/index.txt 874s + mkdir -p /tmp/sssd-softhsm2-certs-icKkjO/new_certs 874s + cat 874s + root_ca_key_pass=pass:random-root-CA-password-26599 874s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-key.pem -passout pass:random-root-CA-password-26599 1024 874s + openssl req -passin pass:random-root-CA-password-26599 -batch -config /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.pem 874s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.pem 874s + cat 874s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-14983 874s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-14983 1024 874s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-14983 -config /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-26599 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-certificate-request.pem 874s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-certificate-request.pem 874s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.config -passin pass:random-root-CA-password-26599 -keyfile /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem 874s Certificate Request: 874s Data: 874s Version: 1 (0x0) 874s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 874s Subject Public Key Info: 874s Public Key Algorithm: rsaEncryption 874s Public-Key: (1024 bit) 874s Modulus: 874s 00:e0:6d:b9:41:e3:ec:40:96:45:49:f4:c2:d6:92: 874s fd:0e:c9:99:7c:d9:5f:28:bf:2d:f8:7d:37:e8:75: 874s 73:ce:0b:36:1c:b2:e5:ae:84:4e:96:e3:fa:55:0c: 874s 6a:db:ec:82:84:ce:c8:b2:72:94:fc:a3:f6:0e:c3: 874s e2:85:eb:ae:05:e9:90:4a:db:a1:02:78:5f:c9:d7: 874s f2:98:df:ab:d5:16:4a:c9:63:e0:a6:b6:ec:1c:57: 874s 58:83:c7:27:33:38:1e:85:6d:71:5a:58:2c:1b:21: 874s 32:cf:20:59:98:3e:a5:b6:d0:63:3b:a9:1a:fe:e1: 874s c7:d3:c0:59:ec:0f:fa:bb:d1 874s Exponent: 65537 (0x10001) 874s Attributes: 874s (none) 874s Requested Extensions: 874s Signature Algorithm: sha256WithRSAEncryption 874s Signature Value: 874s b4:81:c1:1e:64:16:95:b9:ff:56:00:12:b2:6e:ed:60:38:5b: 874s 1d:28:9f:49:df:c1:14:af:70:0a:6b:b8:88:cf:1c:1e:d7:e3: 874s 38:29:a3:54:8a:8d:d9:53:5b:1b:64:c8:8f:d4:26:36:2d:d6: 874s ac:c8:de:25:24:4f:b1:0c:c7:00:a3:57:12:1b:b6:7d:b4:53: 874s 7f:f7:58:60:94:3a:e9:00:c8:e7:fe:5b:1c:77:4a:3e:19:ab: 874s 46:7d:4f:84:7b:a1:b9:6d:e0:87:3a:9d:90:14:32:0e:5f:8d: 874s a2:db:da:fb:da:55:14:84:4b:bc:96:64:3a:df:65:2f:7d:a6: 874s 0d:7c 874s Using configuration from /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.config 874s Check that the request matches the signature 874s Signature ok 874s Certificate Details: 874s Serial Number: 1 (0x1) 874s Validity 874s Not Before: Apr 8 22:45:23 2024 GMT 874s Not After : Apr 8 22:45:23 2025 GMT 874s Subject: 874s organizationName = Test Organization 874s organizationalUnitName = Test Organization Unit 874s commonName = Test Organization Intermediate CA 874s X509v3 extensions: 874s X509v3 Subject Key Identifier: 874s 8A:D5:D1:E6:95:37:36:82:B7:DB:32:2B:8C:38:47:38:C1:C1:70:9E 874s X509v3 Authority Key Identifier: 874s keyid:C5:DF:83:8A:11:FF:03:A8:7E:C0:53:4F:2E:B4:E8:7D:D1:D0:0B:52 874s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 874s serial:00 874s X509v3 Basic Constraints: 874s CA:TRUE 874s X509v3 Key Usage: critical 874s Digital Signature, Certificate Sign, CRL Sign 874s Certificate is to be certified until Apr 8 22:45:23 2025 GMT (365 days) 874s 874s Write out database with 1 new entries 874s Database updated 874s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem 874s + cat 874s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-13007 874s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-13007 1024 874s /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem: OK 874s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-13007 -config /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-14983 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-certificate-request.pem 874s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-certificate-request.pem 874s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-14983 -keyfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem 874s Using configuration from /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.config 874s Certificate Request: 874s Data: 874s Version: 1 (0x0) 874s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 874s Subject Public Key Info: 874s Public Key Algorithm: rsaEncryption 874s Public-Key: (1024 bit) 874s Modulus: 874s 00:c7:cf:38:38:76:f8:47:9b:5f:83:be:23:0e:9e: 874s 9b:07:e5:0d:3a:8f:82:c0:2c:04:1f:5c:46:4c:73: 874s 1c:31:86:c2:98:46:34:95:d4:a2:06:c1:3b:f5:9c: 874s a8:ad:09:a4:6b:74:ee:9f:1d:da:4b:b4:21:27:a5: 874s 14:f9:97:bb:c1:69:3c:33:16:84:ee:00:e4:69:17: 874s 91:3d:e3:af:1a:13:3f:16:d7:f4:ca:c6:eb:28:c9: 874s e0:32:52:2d:e7:b9:9a:89:44:d3:a5:40:67:21:a9: 874s f3:32:95:a2:93:9e:da:1a:69:41:43:9f:f8:5d:c4: 874s 33:3b:47:59:c9:c2:b0:80:05 874s Exponent: 65537 (0x10001) 874s Attributes: 874s (none) 874s Requested Extensions: 874s Signature Algorithm: sha256WithRSAEncryption 874s Signature Value: 874s 02:5c:fa:a9:bb:71:25:f4:83:59:71:d5:88:94:3d:1a:8f:bf: 874s 22:7c:1b:25:3d:cc:20:b2:1d:6f:67:36:8d:0c:71:e8:5d:e3: 874s 69:e8:68:f0:f9:09:4f:8d:27:db:0d:68:4a:41:4d:cd:53:76: 874s 80:90:74:64:0a:bc:bd:a5:7f:b7:7b:cc:a6:09:02:8c:e2:00: 874s d1:96:99:ff:f8:9a:1b:a5:d5:09:5d:99:59:bf:95:b8:27:1e: 874s a2:58:48:ab:c5:99:22:f0:72:29:42:e6:52:c6:21:f9:f4:cc: 874s 5f:82:b3:0b:f6:8c:67:44:e6:cd:c3:3a:60:e3:fd:a3:a6:21: 874s ec:a4 874s Check that the request matches the signature 874s Signature ok 874s Certificate Details: 874s Serial Number: 2 (0x2) 874s Validity 874s Not Before: Apr 8 22:45:23 2024 GMT 874s Not After : Apr 8 22:45:23 2025 GMT 874s Subject: 874s organizationName = Test Organization 874s organizationalUnitName = Test Organization Unit 874s commonName = Test Organization Sub Intermediate CA 874s X509v3 extensions: 874s X509v3 Subject Key Identifier: 874s B4:51:84:FF:28:35:47:8F:7C:9B:AB:99:B6:60:D1:4E:AE:3B:DE:38 874s X509v3 Authority Key Identifier: 874s keyid:8A:D5:D1:E6:95:37:36:82:B7:DB:32:2B:8C:38:47:38:C1:C1:70:9E 874s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 874s serial:01 874s X509v3 Basic Constraints: 874s CA:TRUE 874s X509v3 Key Usage: critical 874s Digital Signature, Certificate Sign, CRL Sign 874s Certificate is to be certified until Apr 8 22:45:23 2025 GMT (365 days) 874s 874s Write out database with 1 new entries 874s Database updated 874s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem 874s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem 874s /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem: OK 874s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem 874s + local cmd=openssl 874s + shift 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem 874s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 874s error 20 at 0 depth lookup: unable to get local issuer certificate 874s error /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem: verification failed 874s + cat 874s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-4909 874s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-4909 1024 874s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-4909 -key /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-request.pem 874s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-request.pem 874s Certificate Request: 874s Data: 874s Version: 1 (0x0) 874s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 874s Subject Public Key Info: 874s Public Key Algorithm: rsaEncryption 874s Public-Key: (1024 bit) 874s Modulus: 874s 00:a9:aa:71:96:1f:87:ca:8e:49:6a:5e:89:05:7e: 874s 96:9d:ba:12:bb:95:80:bf:f4:29:d3:be:25:0b:cd: 874s 38:00:4a:60:11:24:c0:1f:a7:f1:eb:a0:22:84:78: 874s 52:ba:56:5f:56:1a:34:64:3a:d3:5a:c6:50:33:9c: 874s 47:10:a0:68:64:58:a3:d7:b0:40:2e:02:b9:48:79: 874s 30:15:c2:31:09:ff:c0:be:02:4e:77:e8:50:ac:9e: 874s 1e:2c:96:61:0b:e9:1b:2c:d8:71:ea:13:c7:3f:d1: 874s ed:97:75:fd:b5:16:e5:70:a7:6e:e9:6a:42:5f:e1: 874s 45:76:4e:0b:f3:67:60:ae:d5 874s Exponent: 65537 (0x10001) 874s Attributes: 874s Requested Extensions: 874s X509v3 Basic Constraints: 874s CA:FALSE 874s Netscape Cert Type: 874s SSL Client, S/MIME 874s Netscape Comment: 874s Test Organization Root CA trusted Certificate 874s X509v3 Subject Key Identifier: 874s BE:DF:C4:BB:28:A5:21:59:B3:9B:0A:F5:4A:0E:D5:58:F3:89:4E:CF 874s X509v3 Key Usage: critical 874s Digital Signature, Non Repudiation, Key Encipherment 874s X509v3 Extended Key Usage: 874s TLS Web Client Authentication, E-mail Protection 874s X509v3 Subject Alternative Name: 874s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 874s Signature Algorithm: sha256WithRSAEncryption 874s Signature Value: 874s 81:d3:e5:c2:69:e6:11:84:5f:f1:75:60:fc:85:8e:ba:46:ee: 874s 0e:e6:97:2a:40:19:1a:dd:de:c6:e6:32:dd:ba:d6:a2:d9:18: 874s 8c:54:b0:fe:78:38:c3:15:88:f2:4e:0b:61:d6:ab:d6:b7:90: 874s df:04:f8:ef:85:0a:dc:06:02:98:84:7c:93:0d:8a:ca:a8:b5: 874s 4b:ba:ca:96:07:10:df:ef:ff:8a:f5:34:8a:10:4d:f6:00:55: 874s fb:a7:c3:0a:b8:da:eb:91:f3:64:51:f6:2d:ca:3a:dc:ff:2c: 874s 79:44:c0:22:f1:4f:53:a9:df:07:41:b4:ad:a3:84:83:67:cc: 874s ee:e1 874s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.config -passin pass:random-root-CA-password-26599 -keyfile /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem 874s Using configuration from /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.config 874s Check that the request matches the signature 874s Signature ok 874s Certificate Details: 874s Serial Number: 3 (0x3) 874s Validity 874s Not Before: Apr 8 22:45:23 2024 GMT 874s Not After : Apr 8 22:45:23 2025 GMT 874s Subject: 874s organizationName = Test Organization 874s organizationalUnitName = Test Organization Unit 874s commonName = Test Organization Root Trusted Certificate 0001 874s X509v3 extensions: 874s X509v3 Authority Key Identifier: 874s C5:DF:83:8A:11:FF:03:A8:7E:C0:53:4F:2E:B4:E8:7D:D1:D0:0B:52 874s X509v3 Basic Constraints: 874s CA:FALSE 874s Netscape Cert Type: 874s SSL Client, S/MIME 874s Netscape Comment: 874s Test Organization Root CA trusted Certificate 874s X509v3 Subject Key Identifier: 874s BE:DF:C4:BB:28:A5:21:59:B3:9B:0A:F5:4A:0E:D5:58:F3:89:4E:CF 874s X509v3 Key Usage: critical 874s Digital Signature, Non Repudiation, Key Encipherment 874s X509v3 Extended Key Usage: 874s TLS Web Client Authentication, E-mail Protection 874s X509v3 Subject Alternative Name: 874s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 874s Certificate is to be certified until Apr 8 22:45:23 2025 GMT (365 days) 874s 874s Write out database with 1 new entries 874s Database updated 874s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem 874s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem 874s + local cmd=openssl 874s + shift 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem 874s /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem: OK 874s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 874s error 20 at 0 depth lookup: unable to get local issuer certificate 874s error /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem: verification failed 874s + cat 874s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-5997 874s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-5997 1024 874s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-5997 -key /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-request.pem 874s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-request.pem 874s Certificate Request: 874s Data: 874s Version: 1 (0x0) 874s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 874s Subject Public Key Info: 874s Public Key Algorithm: rsaEncryption 874s Public-Key: (1024 bit) 874s Modulus: 874s 00:a4:43:4e:18:29:d5:d0:52:e7:60:fd:54:8d:a6: 874s 6a:b7:36:be:db:6f:5f:02:a5:98:f1:37:4f:4f:fa: 874s 25:0c:7b:73:c7:71:eb:14:a9:f1:2d:4e:82:bf:52: 874s 53:e6:19:95:2e:13:f2:0e:d5:a3:3b:77:0e:df:2d: 874s 5d:ab:2f:03:0a:46:bb:ca:7d:ff:b0:49:44:34:60: 874s a4:8e:62:db:6b:69:6a:81:6f:4c:63:14:4e:7c:92: 874s 6c:0b:83:51:36:15:23:11:8c:a3:aa:52:b4:6b:8e: 874s ee:fb:0f:8c:2c:46:4d:87:7d:93:ca:0b:d3:09:16: 874s d3:c7:cf:4b:39:e3:01:aa:e3 874s Exponent: 65537 (0x10001) 874s Attributes: 874s Requested Extensions: 874s X509v3 Basic Constraints: 874s CA:FALSE 874s Netscape Cert Type: 874s SSL Client, S/MIME 874s Netscape Comment: 874s Test Organization Intermediate CA trusted Certificate 874s X509v3 Subject Key Identifier: 874s 59:1B:AA:BC:9E:D6:33:C8:F2:68:E9:F8:FE:A4:B7:04:69:55:E9:93 874s X509v3 Key Usage: critical 874s Digital Signature, Non Repudiation, Key Encipherment 874s X509v3 Extended Key Usage: 874s TLS Web Client Authentication, E-mail Protection 874s X509v3 Subject Alternative Name: 874s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 874s Signature Algorithm: sha256WithRSAEncryption 874s Signature Value: 874s 93:8c:6b:70:6b:7d:3f:d2:d1:d6:1f:b5:ed:27:c7:a3:e2:2a: 874s 99:b5:ac:e7:9d:7a:40:7b:94:15:6f:03:65:70:6f:eb:52:de: 874s 31:72:03:d2:50:ac:b3:b3:1e:ea:10:0d:eb:e7:10:ad:2a:88: 874s 9f:4f:39:5b:fa:e9:b8:0e:ac:33:63:7c:ed:fa:da:18:be:c5: 874s 4b:7d:e8:b4:40:4b:8b:3d:a1:01:a2:f9:8e:35:2c:f1:4e:13: 874s dc:25:60:97:87:f0:84:db:29:2f:81:a8:5d:d9:01:0f:ea:7c: 874s 25:15:35:32:e5:bd:77:01:77:0c:ca:5c:f9:31:79:63:94:98: 874s 96:54 874s + openssl ca -passin pass:random-intermediate-CA-password-14983 -config /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem 874s Using configuration from /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.config 874s Check that the request matches the signature 874s Signature ok 874s Certificate Details: 874s Serial Number: 4 (0x4) 874s Validity 874s Not Before: Apr 8 22:45:23 2024 GMT 874s Not After : Apr 8 22:45:23 2025 GMT 874s Subject: 874s organizationName = Test Organization 874s organizationalUnitName = Test Organization Unit 874s commonName = Test Organization Intermediate Trusted Certificate 0001 874s X509v3 extensions: 874s X509v3 Authority Key Identifier: 874s 8A:D5:D1:E6:95:37:36:82:B7:DB:32:2B:8C:38:47:38:C1:C1:70:9E 874s X509v3 Basic Constraints: 874s CA:FALSE 874s Netscape Cert Type: 874s SSL Client, S/MIME 874s Netscape Comment: 874s Test Organization Intermediate CA trusted Certificate 874s X509v3 Subject Key Identifier: 874s 59:1B:AA:BC:9E:D6:33:C8:F2:68:E9:F8:FE:A4:B7:04:69:55:E9:93 874s X509v3 Key Usage: critical 874s Digital Signature, Non Repudiation, Key Encipherment 874s X509v3 Extended Key Usage: 874s TLS Web Client Authentication, E-mail Protection 874s X509v3 Subject Alternative Name: 874s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 874s Certificate is to be certified until Apr 8 22:45:23 2025 GMT (365 days) 874s 874s Write out database with 1 new entries 874s Database updated 874s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem 874s This certificate should not be trusted fully 874s + echo 'This certificate should not be trusted fully' 874s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem 874s + local cmd=openssl 874s + shift 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem 874s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 874s error 2 at 1 depth lookup: unable to get issuer certificate 874s error /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 874s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem 874s + cat 874s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18350 874s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-18350 1024 874s /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem: OK 874s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-18350 -key /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 874s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 874s + openssl ca -passin pass:random-sub-intermediate-CA-password-13007 -config /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 874s Certificate Request: 874s Data: 874s Version: 1 (0x0) 874s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 874s Subject Public Key Info: 874s Public Key Algorithm: rsaEncryption 874s Public-Key: (1024 bit) 874s Modulus: 874s 00:b6:96:28:7b:be:29:59:6c:a7:79:90:63:66:26: 874s e2:13:3e:3f:ca:16:f5:94:89:af:96:a8:24:18:f8: 874s 96:5f:fd:ee:89:2c:2a:1e:18:38:a8:42:ca:66:8a: 874s ac:c2:f1:aa:6b:eb:cd:23:c7:c9:b9:a4:7a:1d:98: 874s ab:af:93:03:e8:58:9e:9b:39:5f:39:1c:5b:3e:2e: 874s 52:6f:a8:fe:b7:5f:05:2d:87:75:de:e4:05:fd:80: 874s e7:dc:1a:62:2b:16:77:89:ce:c3:8d:f4:54:67:dd: 874s 42:54:e5:f0:66:68:9c:81:bb:46:79:39:d3:89:e0: 874s a5:14:96:e6:09:1b:7e:53:c7 874s Exponent: 65537 (0x10001) 874s Attributes: 874s Requested Extensions: 874s X509v3 Basic Constraints: 874s CA:FALSE 874s Netscape Cert Type: 874s SSL Client, S/MIME 874s Netscape Comment: 874s Test Organization Sub Intermediate CA trusted Certificate 874s X509v3 Subject Key Identifier: 874s 4F:8A:A0:4D:96:F6:E7:55:84:63:16:3B:71:E9:F5:84:00:8A:FF:8C 874s X509v3 Key Usage: critical 874s Digital Signature, Non Repudiation, Key Encipherment 874s X509v3 Extended Key Usage: 874s TLS Web Client Authentication, E-mail Protection 874s X509v3 Subject Alternative Name: 874s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 874s Signature Algorithm: sha256WithRSAEncryption 874s Signature Value: 874s 77:ad:79:5a:e6:cb:d8:d9:72:6e:4a:52:b5:d0:a4:cc:1e:b1: 874s a4:d3:8a:71:0f:2b:74:53:29:ac:98:49:7f:9d:fa:07:fd:0a: 874s 9b:13:66:33:82:dd:e2:06:a9:31:36:89:ed:7d:ce:a5:3a:22: 874s c7:27:97:ee:c2:0c:4d:7e:58:1d:71:a6:3f:31:f2:fb:53:68: 874s 07:8c:6e:25:a4:1b:b0:e8:78:8b:42:ff:d8:a3:54:7f:ac:80: 874s 8c:ed:44:86:29:3d:6a:03:84:bc:e7:51:67:e8:96:e4:14:56: 874s 80:71:36:dc:a6:8a:0a:54:52:cc:74:2b:2b:e2:17:f4:58:fe: 874s 98:54 874s Using configuration from /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.config 874s Check that the request matches the signature 874s Signature ok 874s Certificate Details: 874s Serial Number: 5 (0x5) 874s Validity 874s Not Before: Apr 8 22:45:23 2024 GMT 874s Not After : Apr 8 22:45:23 2025 GMT 874s Subject: 874s organizationName = Test Organization 874s organizationalUnitName = Test Organization Unit 874s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 874s X509v3 extensions: 874s X509v3 Authority Key Identifier: 874s B4:51:84:FF:28:35:47:8F:7C:9B:AB:99:B6:60:D1:4E:AE:3B:DE:38 874s X509v3 Basic Constraints: 874s CA:FALSE 874s Netscape Cert Type: 874s SSL Client, S/MIME 874s Netscape Comment: 874s Test Organization Sub Intermediate CA trusted Certificate 874s X509v3 Subject Key Identifier: 874s 4F:8A:A0:4D:96:F6:E7:55:84:63:16:3B:71:E9:F5:84:00:8A:FF:8C 874s X509v3 Key Usage: critical 874s Digital Signature, Non Repudiation, Key Encipherment 874s X509v3 Extended Key Usage: 874s TLS Web Client Authentication, E-mail Protection 874s X509v3 Subject Alternative Name: 874s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 874s Certificate is to be certified until Apr 8 22:45:23 2025 GMT (365 days) 874s 874s Write out database with 1 new entries 874s Database updated 874s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 874s + echo 'This certificate should not be trusted fully' 874s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 874s + local cmd=openssl 874s + shift 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 874s This certificate should not be trusted fully 874s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 874s error 2 at 1 depth lookup: unable to get issuer certificate 874s error /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 874s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 874s + local cmd=openssl 874s + shift 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 874s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 874s error 20 at 0 depth lookup: unable to get local issuer certificate 874s error /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 874s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 874s /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 874s Building a the full-chain CA file... 874s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 874s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 874s 874s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 874s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 874s 874s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 874s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 874s 874s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 874s + local cmd=openssl 874s + shift 874s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 874s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 874s error 20 at 0 depth lookup: unable to get local issuer certificate 874s error /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 874s + echo 'Building a the full-chain CA file...' 874s + cat /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem 874s + cat /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem 874s + cat /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem 874s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem 874s + openssl pkcs7 -print_certs -noout 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem 874s /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA.pem: OK 874s /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem: OK 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem 874s /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem: OK 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-root-intermediate-chain-CA.pem 874s /tmp/sssd-softhsm2-certs-icKkjO/test-root-intermediate-chain-CA.pem: OK 874s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 874s + echo 'Certificates generation completed!' 874s /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 874s Certificates generation completed! 874s + [[ -v NO_SSSD_TESTS ]] 874s + [[ -v GENERATE_SMART_CARDS ]] 874s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4909 874s + local certificate=/tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem 874s + local key_pass=pass:random-root-ca-trusted-cert-0001-4909 874s + local key_cn 874s + local key_name 874s + local tokens_dir 874s + local output_cert_file 874s + token_name= 874s ++ basename /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem .pem 874s + key_name=test-root-CA-trusted-certificate-0001 874s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem 874s ++ sed -n 's/ *commonName *= //p' 875s + key_cn='Test Organization Root Trusted Certificate 0001' 875s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 875s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-root-CA-trusted-certificate-0001.conf 875s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-root-CA-trusted-certificate-0001.conf 875s ++ basename /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 875s + tokens_dir=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-root-CA-trusted-certificate-0001 875s + token_name='Test Organization Root Tr Token' 875s + '[' '!' -e /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 875s + local key_file 875s + local decrypted_key 875s + mkdir -p /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-root-CA-trusted-certificate-0001 875s + key_file=/tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-key.pem 875s + decrypted_key=/tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-key-decrypted.pem 875s + cat 875s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 875s + softhsm2-util --show-slots 875s Slot 0 has a free/uninitialized token. 875s The token has been initialized and is reassigned to slot 167335429 875s Available slots: 875s Slot 167335429 875s Slot info: 875s Description: SoftHSM slot ID 0x9f95605 875s Manufacturer ID: SoftHSM project 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Token present: yes 875s Token info: 875s Manufacturer ID: SoftHSM project 875s Model: SoftHSM v2 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Serial number: 3404675889f95605 875s Initialized: yes 875s User PIN init.: yes 875s Label: Test Organization Root Tr Token 875s Slot 1 875s Slot info: 875s Description: SoftHSM slot ID 0x1 875s Manufacturer ID: SoftHSM project 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Token present: yes 875s Token info: 875s Manufacturer ID: SoftHSM project 875s Model: SoftHSM v2 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Serial number: 875s Initialized: no 875s User PIN init.: no 875s Label: 875s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 875s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-4909 -in /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-key-decrypted.pem 875s writing RSA key 875s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 875s + rm /tmp/sssd-softhsm2-certs-icKkjO/test-root-CA-trusted-certificate-0001-key-decrypted.pem 875s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 875s + echo 'Test Organization Root Tr Token' 875s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5997 875s + local certificate=/tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem 875s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5997 875s + local key_cn 875s + local key_name 875s + local tokens_dir 875s + local output_cert_file 875s + token_name= 875s ++ basename /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem .pem 875s Object 0: 875s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3404675889f95605;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 875s Type: X.509 Certificate (RSA-1024) 875s Expires: Tue Apr 8 22:45:23 2025 875s Label: Test Organization Root Trusted Certificate 0001 875s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 875s 875s Test Organization Root Tr Token 875s + key_name=test-intermediate-CA-trusted-certificate-0001 875s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem 875s ++ sed -n 's/ *commonName *= //p' 875s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 875s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 875s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 875s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 875s ++ basename /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 875s + tokens_dir=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-intermediate-CA-trusted-certificate-0001 875s + token_name='Test Organization Interme Token' 875s + '[' '!' -e /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 875s + local key_file 875s + local decrypted_key 875s + mkdir -p /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-intermediate-CA-trusted-certificate-0001 875s + key_file=/tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-key.pem 875s + decrypted_key=/tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 875s + cat 875s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 875s + softhsm2-util --show-slots 875s Slot 0 has a free/uninitialized token. 875s The token has been initialized and is reassigned to slot 1875213002 875s Available slots: 875s Slot 1875213002 875s Slot info: 875s Description: SoftHSM slot ID 0x6fc57aca 875s Manufacturer ID: SoftHSM project 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Token present: yes 875s Token info: 875s Manufacturer ID: SoftHSM project 875s Model: SoftHSM v2 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Serial number: 3fe54088efc57aca 875s Initialized: yes 875s User PIN init.: yes 875s Label: Test Organization Interme Token 875s Slot 1 875s Slot info: 875s Description: SoftHSM slot ID 0x1 875s Manufacturer ID: SoftHSM project 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Token present: yes 875s Token info: 875s Manufacturer ID: SoftHSM project 875s Model: SoftHSM v2 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Serial number: 875s Initialized: no 875s User PIN init.: no 875s Label: 875s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 875s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-5997 -in /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 875s writing RSA key 875s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 875s + rm /tmp/sssd-softhsm2-certs-icKkjO/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 875s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 875s + echo 'Test Organization Interme Token' 875s Object 0: 875s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3fe54088efc57aca;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 875s Type: X.509 Certificate (RSA-1024) 875s Expires: Tue Apr 8 22:45:23 2025 875s Label: Test Organization Intermediate Trusted Certificate 0001 875s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 875s 875s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18350 875s + local certificate=/tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 875s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18350 875s + local key_cn 875s + local key_name 875s + local tokens_dir 875s + local output_cert_file 875s + token_name= 875s Test Organization Interme Token 875s ++ basename /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 875s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 875s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem 875s ++ sed -n 's/ *commonName *= //p' 875s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 875s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 875s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 875s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 875s ++ basename /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 875s + tokens_dir=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 875s + token_name='Test Organization Sub Int Token' 875s + '[' '!' -e /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 875s + local key_file 875s + local decrypted_key 875s + mkdir -p /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 875s + key_file=/tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 875s + decrypted_key=/tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 875s + cat 875s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 875s Slot 0 has a free/uninitialized token. 875s The token has been initialized and is reassigned to slot 282388190 875s + softhsm2-util --show-slots 875s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 875s Available slots: 875s Slot 282388190 875s Slot info: 875s Description: SoftHSM slot ID 0x10d4e6de 875s Manufacturer ID: SoftHSM project 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Token present: yes 875s Token info: 875s Manufacturer ID: SoftHSM project 875s Model: SoftHSM v2 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Serial number: c6ed7c3390d4e6de 875s Initialized: yes 875s User PIN init.: yes 875s Label: Test Organization Sub Int Token 875s Slot 1 875s Slot info: 875s Description: SoftHSM slot ID 0x1 875s Manufacturer ID: SoftHSM project 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Token present: yes 875s Token info: 875s Manufacturer ID: SoftHSM project 875s Model: SoftHSM v2 875s Hardware version: 2.6 875s Firmware version: 2.6 875s Serial number: 875s Initialized: no 875s User PIN init.: no 875s Label: 875s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-18350 -in /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 875s writing RSA key 875s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 875s + rm /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 875s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 875s Object 0: 875s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=c6ed7c3390d4e6de;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 875s Type: X.509 Certificate (RSA-1024) 875s Expires: Tue Apr 8 22:45:23 2025 875s Label: Test Organization Sub Intermediate Trusted Certificate 0001 875s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 875s 875s Test Organization Sub Int Token 875s Certificates generation completed! 875s + echo 'Test Organization Sub Int Token' 875s + echo 'Certificates generation completed!' 875s + exit 0 875s + find /tmp/sssd-softhsm2-certs-icKkjO -type d -exec chmod 777 '{}' ';' 875s + find /tmp/sssd-softhsm2-certs-icKkjO -type f -exec chmod 666 '{}' ';' 875s + backup_file /etc/sssd/sssd.conf 875s + '[' -z '' ']' 875s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 875s + backupsdir=/tmp/sssd-softhsm2-backups-tcPuRk 875s + '[' -e /etc/sssd/sssd.conf ']' 875s + delete_paths+=("$1") 875s + rm -f /etc/sssd/sssd.conf 875s ++ runuser -u ubuntu -- sh -c 'echo ~' 875s + user_home=/home/ubuntu 875s + mkdir -p /home/ubuntu 875s + chown ubuntu:ubuntu /home/ubuntu 875s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 875s + user_config=/home/ubuntu/.config 875s + system_config=/etc 875s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 875s + for path_pair in "${softhsm2_conf_paths[@]}" 875s + IFS=: 875s + read -r -a path 875s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 875s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 875s + '[' -z /tmp/sssd-softhsm2-backups-tcPuRk ']' 875s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 875s + delete_paths+=("$1") 875s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 875s + for path_pair in "${softhsm2_conf_paths[@]}" 875s + IFS=: 875s + read -r -a path 875s + path=/etc/softhsm/softhsm2.conf 875s + backup_file /etc/softhsm/softhsm2.conf 875s + '[' -z /tmp/sssd-softhsm2-backups-tcPuRk ']' 875s + '[' -e /etc/softhsm/softhsm2.conf ']' 875s ++ dirname /etc/softhsm/softhsm2.conf 875s + local back_dir=/tmp/sssd-softhsm2-backups-tcPuRk//etc/softhsm 875s ++ basename /etc/softhsm/softhsm2.conf 875s + local back_path=/tmp/sssd-softhsm2-backups-tcPuRk//etc/softhsm/softhsm2.conf 875s + '[' '!' -e /tmp/sssd-softhsm2-backups-tcPuRk//etc/softhsm/softhsm2.conf ']' 875s + mkdir -p /tmp/sssd-softhsm2-backups-tcPuRk//etc/softhsm 875s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-tcPuRk//etc/softhsm/softhsm2.conf 875s + restore_paths+=("$back_path") 875s + rm -f /etc/softhsm/softhsm2.conf 875s + test_authentication login /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem 875s + pam_service=login 875s + certificate_config=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-root-CA-trusted-certificate-0001.conf 875s + ca_db=/tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem 875s + verification_options= 875s + mkdir -p -m 700 /etc/sssd 875s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 875s + cat 875s Using CA DB '/tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem' with verification options: '' 875s + chmod 600 /etc/sssd/sssd.conf 875s + for path_pair in "${softhsm2_conf_paths[@]}" 875s + IFS=: 875s + read -r -a path 875s + user=ubuntu 875s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 875s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 875s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 875s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 875s + runuser -u ubuntu -- softhsm2-util --show-slots 875s + grep 'Test Organization' 875s Label: Test Organization Root Tr Token 875s + for path_pair in "${softhsm2_conf_paths[@]}" 875s + IFS=: 875s + read -r -a path 875s + user=root 875s + path=/etc/softhsm/softhsm2.conf 875s ++ dirname /etc/softhsm/softhsm2.conf 875s + runuser -u root -- mkdir -p /etc/softhsm 875s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 875s + runuser -u root -- softhsm2-util --show-slots 875s + grep 'Test Organization' 875s Label: Test Organization Root Tr Token 875s + systemctl restart sssd 875s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 875s + for alternative in "${alternative_pam_configs[@]}" 875s + pam-auth-update --enable sss-smart-card-optional 876s # 876s # /etc/pam.d/common-auth - authentication settings common to all services 876s # 876s # This file is included from other service-specific PAM config files, 876s # and should contain a list of the authentication modules that define 876s # the central authentication scheme for use on the system 876s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 876s # traditional Unix authentication mechanisms. 876s # 876s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 876s # To take advantage of this, it is recommended that you configure any 876s # local modules either before or after the default block, and use 876s # pam-auth-update to manage selection of other modules. See 876s # pam-auth-update(8) for details. 876s 876s # here are the per-package modules (the "Primary" block) 876s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 876s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 876s auth [success=1 default=ignore] pam_sss.so use_first_pass 876s # here's the fallback if no module succeeds 876s auth requisite pam_deny.so 876s # prime the stack with a positive return value if there isn't one already; 876s # this avoids us returning an error just because nothing sets a success code 876s # since the modules above will each just jump around 876s auth required pam_permit.so 876s # and here are more per-package modules (the "Additional" block) 876s auth optional pam_cap.so 876s # end of pam-auth-update config 876s + cat /etc/pam.d/common-auth 876s + echo -n -e 123456 876s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 876s pamtester: invoking pam_start(login, ubuntu, ...) 876s pamtester: performing operation - authenticate 876s PIN for Test Organization Root Tr Token: + echo -n -e 123456 876s pamtester: successfully authenticated 876s + runuser -u ubuntu -- pamtester -v login '' authenticate 876s pamtester: invoking pam_start(login, , ...) 876s pamtester: performing operation - authenticate 876s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 876s + echo -n -e wrong123456 876s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 876s pamtester: invoking pam_start(login, ubuntu, ...) 876s pamtester: performing operation - authenticate 879s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 879s + echo -n -e wrong123456 879s + runuser -u ubuntu -- pamtester -v login '' authenticate 879s pamtester: invoking pam_start(login, , ...) 879s pamtester: performing operation - authenticate 881s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 881s + echo -n -e 123456 881s + pamtester -v login root authenticate 881s pamtester: invoking pam_start(login, root, ...) 881s pamtester: performing operation - authenticate 884s Password: pamtester: Authentication failure 884s + for alternative in "${alternative_pam_configs[@]}" 884s + pam-auth-update --enable sss-smart-card-required 884s PAM configuration 884s ----------------- 884s 884s Incompatible PAM profiles selected. 884s 884s The following PAM profiles cannot be used together: 884s 884s SSS required smart card authentication, SSS optional smart card 884s authentication 884s 884s Please select a different set of modules to enable. 884s 884s # 884s # /etc/pam.d/common-auth - authentication settings common to all services 884s # 884s # This file is included from other service-specific PAM config files, 884s # and should contain a list of the authentication modules that define 884s # the central authentication scheme for use on the system 884s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 884s # traditional Unix authentication mechanisms. 884s # 884s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 884s # To take advantage of this, it is recommended that you configure any 884s # local modules either before or after the default block, and use 884s # pam-auth-update to manage selection of other modules. See 884s # pam-auth-update(8) for details. 884s 884s # here are the per-package modules (the "Primary" block) 884s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 884s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 884s auth [success=1 default=ignore] pam_sss.so use_first_pass 884s # here's the fallback if no module succeeds 884s auth requisite pam_deny.so 884s # prime the stack with a positive return value if there isn't one already; 884s # this avoids us returning an error just because nothing sets a success code 884s # since the modules above will each just jump around 884s auth required pam_permit.so 884s # and here are more per-package modules (the "Additional" block) 884s auth optional pam_cap.so 884s # end of pam-auth-update config 884s + cat /etc/pam.d/common-auth 884s + echo -n -e 123456 884s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 884s pamtester: invoking pam_start(login, ubuntu, ...) 884s pamtester: performing operation - authenticate 884s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 884s + echo -n -e 123456 884s + runuser -u ubuntu -- pamtester -v login '' authenticate 884s pamtester: invoking pam_start(login, , ...) 884s pamtester: performing operation - authenticate 884s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 884s + echo -n -e wrong123456 884s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 884s pamtester: invoking pam_start(login, ubuntu, ...) 884s pamtester: performing operation - authenticate 886s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 886s + echo -n -e wrong123456 886s + runuser -u ubuntu -- pamtester -v login '' authenticate 886s pamtester: invoking pam_start(login, , ...) 886s pamtester: performing operation - authenticate 889s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 889s + echo -n -e 123456 889s + pamtester -v login root authenticate 889s pamtester: invoking pam_start(login, root, ...) 889s pamtester: performing operation - authenticate 891s pamtester: Authentication service cannot retrieve authentication info 891s + test_authentication login /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem 891s + pam_service=login 891s + certificate_config=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 891s + ca_db=/tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem 891s + verification_options= 891s + mkdir -p -m 700 /etc/sssd 891s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 891s + cat 891s Using CA DB '/tmp/sssd-softhsm2-certs-icKkjO/test-full-chain-CA.pem' with verification options: '' 891s Label: Test Organization Sub Int Token 891s Label: Test Organization Sub Int Token 891s + chmod 600 /etc/sssd/sssd.conf 891s + for path_pair in "${softhsm2_conf_paths[@]}" 891s + IFS=: 891s + read -r -a path 891s + user=ubuntu 891s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 891s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 891s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 891s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 891s + runuser -u ubuntu -- softhsm2-util --show-slots 891s + grep 'Test Organization' 891s + for path_pair in "${softhsm2_conf_paths[@]}" 891s + IFS=: 891s + read -r -a path 891s + user=root 891s + path=/etc/softhsm/softhsm2.conf 891s ++ dirname /etc/softhsm/softhsm2.conf 891s + runuser -u root -- mkdir -p /etc/softhsm 891s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 891s + runuser -u root -- softhsm2-util --show-slots 891s + grep 'Test Organization' 891s + systemctl restart sssd 891s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 892s + for alternative in "${alternative_pam_configs[@]}" 892s + pam-auth-update --enable sss-smart-card-optional 892s # 892s # /etc/pam.d/common-auth - authentication settings common to all services 892s # 892s # This file is included from other service-specific PAM config files, 892s # and should contain a list of the authentication modules that define 892s # the central authentication scheme for use on the system 892s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 892s # traditional Unix authentication mechanisms. 892s # 892s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 892s # To take advantage of this, it is recommended that you configure any 892s # local modules either before or after the default block, and use 892s # pam-auth-update to manage selection of other modules. See 892s # pam-auth-update(8) for details. 892s 892s # here are the per-package modules (the "Primary" block) 892s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 892s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 892s auth [success=1 default=ignore] pam_sss.so use_first_pass 892s # here's the fallback if no module succeeds 892s auth requisite pam_deny.so 892s # prime the stack with a positive return value if there isn't one already; 892s # this avoids us returning an error just because nothing sets a success code 892s # since the modules above will each just jump around 892s auth required pam_permit.so 892s # and here are more per-package modules (the "Additional" block) 892s auth optional pam_cap.so 892s # end of pam-auth-update config 892s + cat /etc/pam.d/common-auth 892s + echo -n -e 123456 892s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 892s pamtester: invoking pam_start(login, ubuntu, ...) 892s pamtester: performing operation - authenticate 892s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 892s + echo -n -e 123456 892s + runuser -u ubuntu -- pamtester -v login '' authenticate 892s pamtester: invoking pam_start(login, , ...) 892s pamtester: performing operation - authenticate 892s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 892s + echo -n -e wrong123456 892s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 892s pamtester: invoking pam_start(login, ubuntu, ...) 892s pamtester: performing operation - authenticate 895s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 895s + echo -n -e wrong123456 895s + runuser -u ubuntu -- pamtester -v login '' authenticate 895s pamtester: invoking pam_start(login, , ...) 895s pamtester: performing operation - authenticate 897s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 897s + echo -n -e 123456 897s + pamtester -v login root authenticate 897s pamtester: invoking pam_start(login, root, ...) 897s pamtester: performing operation - authenticate 901s Password: pamtester: Authentication failure 901s + for alternative in "${alternative_pam_configs[@]}" 901s + pam-auth-update --enable sss-smart-card-required 901s PAM configuration 901s ----------------- 901s 901s Incompatible PAM profiles selected. 901s 901s The following PAM profiles cannot be used together: 901s 901s SSS required smart card authentication, SSS optional smart card 901s authentication 901s 901s Please select a different set of modules to enable. 901s 901s + cat /etc/pam.d/common-auth 901s + echo -n -e 123456 901s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 901s # 901s # /etc/pam.d/common-auth - authentication settings common to all services 901s # 901s # This file is included from other service-specific PAM config files, 901s # and should contain a list of the authentication modules that define 901s # the central authentication scheme for use on the system 901s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 901s # traditional Unix authentication mechanisms. 901s # 901s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 901s # To take advantage of this, it is recommended that you configure any 901s # local modules either before or after the default block, and use 901s # pam-auth-update to manage selection of other modules. See 901s # pam-auth-update(8) for details. 901s 901s # here are the per-package modules (the "Primary" block) 901s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 901s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 901s auth [success=1 default=ignore] pam_sss.so use_first_pass 901s # here's the fallback if no module succeeds 901s auth requisite pam_deny.so 901s # prime the stack with a positive return value if there isn't one already; 901s # this avoids us returning an error just because nothing sets a success code 901s # since the modules above will each just jump around 901s auth required pam_permit.so 901s # and here are more per-package modules (the "Additional" block) 901s auth optional pam_cap.so 901s # end of pam-auth-update config 901s pamtester: invoking pam_start(login, ubuntu, ...) 901s pamtester: performing operation - authenticate 901s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 901s + echo -n -e 123456 901s + runuser -u ubuntu -- pamtester -v login '' authenticate 901s pamtester: invoking pam_start(login, , ...) 901s pamtester: performing operation - authenticate 901s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 901s + echo -n -e wrong123456 901s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 901s pamtester: invoking pam_start(login, ubuntu, ...) 901s pamtester: performing operation - authenticate 904s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 904s + echo -n -e wrong123456 904s + runuser -u ubuntu -- pamtester -v login '' authenticate 904s pamtester: invoking pam_start(login, , ...) 904s pamtester: performing operation - authenticate 906s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 906s + echo -n -e 123456 906s + pamtester -v login root authenticate 906s pamtester: invoking pam_start(login, root, ...) 906s pamtester: performing operation - authenticate 909s pamtester: Authentication service cannot retrieve authentication info 909s + test_authentication login /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem partial_chain 909s + pam_service=login 909s + certificate_config=/tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 909s + ca_db=/tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem 909s + verification_options=partial_chain 909s + mkdir -p -m 700 /etc/sssd 909s Using CA DB '/tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 909s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-icKkjO/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 909s + cat 909s Label: Test Organization Sub Int Token 909s + chmod 600 /etc/sssd/sssd.conf 909s + for path_pair in "${softhsm2_conf_paths[@]}" 909s + IFS=: 909s + read -r -a path 909s + user=ubuntu 909s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 909s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 909s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 909s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 909s + grep 'Test Organization' 909s + runuser -u ubuntu -- softhsm2-util --show-slots 909s + for path_pair in "${softhsm2_conf_paths[@]}" 909s + IFS=: 909s + read -r -a path 909s + user=root 909s + path=/etc/softhsm/softhsm2.conf 909s ++ dirname /etc/softhsm/softhsm2.conf 909s + runuser -u root -- mkdir -p /etc/softhsm 909s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-icKkjO/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 909s + runuser -u root -- softhsm2-util --show-slots 909s + grep 'Test Organization' 909s Label: Test Organization Sub Int Token 909s + systemctl restart sssd 910s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 910s + for alternative in "${alternative_pam_configs[@]}" 910s + pam-auth-update --enable sss-smart-card-optional 910s + cat /etc/pam.d/common-auth 910s # 910s # /etc/pam.d/common-auth - authentication settings common to all services 910s # 910s # This file is included from other service-specific PAM config files, 910s # and should contain a list of the authentication modules that define 910s # the central authentication scheme for use on the system 910s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 910s # traditional Unix authentication mechanisms. 910s # 910s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 910s # To take advantage of this, it is recommended that you configure any 910s # local modules either before or after the default block, and use 910s # pam-auth-update to manage selection of other modules. See 910s # pam-auth-update(8) for details. 910s 910s # here are the per-package modules (the "Primary" block) 910s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 910s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 910s auth [success=1 default=ignore] pam_sss.so use_first_pass 910s # here's the fallback if no module succeeds 910s auth requisite pam_deny.so 910s # prime the stack with a positive return value if there isn't one already; 910s # this avoids us returning an error just because nothing sets a success code 910s # since the modules above will each just jump around 910s auth required pam_permit.so 910s # and here are more per-package modules (the "Additional" block) 910s auth optional pam_cap.so 910s # end of pam-auth-update config 910s + echo -n -e 123456 910s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 910s pamtester: invoking pam_start(login, ubuntu, ...) 910s pamtester: performing operation - authenticate 910s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 910s + echo -n -e 123456 910s + runuser -u ubuntu -- pamtester -v login '' authenticate 910s pamtester: invoking pam_start(login, , ...) 910s pamtester: performing operation - authenticate 910s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 910s + echo -n -e wrong123456 910s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 910s pamtester: invoking pam_start(login, ubuntu, ...) 910s pamtester: performing operation - authenticate 913s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 913s + echo -n -e wrong123456 913s + runuser -u ubuntu -- pamtester -v login '' authenticate 913s pamtester: invoking pam_start(login, , ...) 913s pamtester: performing operation - authenticate 916s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 916s + echo -n -e 123456 916s + pamtester -v login root authenticate 916s pamtester: invoking pam_start(login, root, ...) 916s pamtester: performing operation - authenticate 918s Password: pamtester: Authentication failure 918s + for alternative in "${alternative_pam_configs[@]}" 918s + pam-auth-update --enable sss-smart-card-required 918s PAM configuration 918s ----------------- 918s 918s Incompatible PAM profiles selected. 918s 918s The following PAM profiles cannot be used together: 918s 918s SSS required smart card authentication, SSS optional smart card 918s authentication 918s 918s Please select a different set of modules to enable. 918s 918s + cat /etc/pam.d/common-auth 918s + echo -n -e 123456 918s # 918s # /etc/pam.d/common-auth - authentication settings common to all services 918s # 918s # This file is included from other service-specific PAM config files, 918s # and should contain a list of the authentication modules that define 918s # the central authentication scheme for use on the system 918s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 918s # traditional Unix authentication mechanisms. 918s # 918s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 918s # To take advantage of this, it is recommended that you configure any 918s # local modules either before or after the default block, and use 918s # pam-auth-update to manage selection of other modules. See 918s # pam-auth-update(8) for details. 918s 918s # here are the per-package modules (the "Primary" block) 918s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 918s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 918s auth [success=1 default=ignore] pam_sss.so use_first_pass 918s # here's the fallback if no module succeeds 918s auth requisite pam_deny.so 918s # prime the stack with a positive return value if there isn't one already; 918s # this avoids us returning an error just because nothing sets a success code 918s # since the modules above will each just jump around 918s auth required pam_permit.so 918s # and here are more per-package modules (the "Additional" block) 918s auth optional pam_cap.so 918s # end of pam-auth-update config 918s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 918s pamtester: invoking pam_start(login, ubuntu, ...) 918s pamtester: performing operation - authenticate 918s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 918s + echo -n -e 123456 918s + runuser -u ubuntu -- pamtester -v login '' authenticate 918s pamtester: invoking pam_start(login, , ...) 918s pamtester: performing operation - authenticate 918s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 918s + echo -n -e wrong123456 918s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 918s pamtester: invoking pam_start(login, ubuntu, ...) 918s pamtester: performing operation - authenticate 923s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 923s + echo -n -e wrong123456 923s + runuser -u ubuntu -- pamtester -v login '' authenticate 923s pamtester: invoking pam_start(login, , ...) 923s pamtester: performing operation - authenticate 925s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 925s + echo -n -e 123456 925s + pamtester -v login root authenticate 925s pamtester: invoking pam_start(login, root, ...) 925s pamtester: performing operation - authenticate 928s pamtester: Authentication service cannot retrieve authentication info 928s + handle_exit 928s + exit_code=0 928s + restore_changes 928s + for path in "${restore_paths[@]}" 928s + local original_path 928s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-tcPuRk /tmp/sssd-softhsm2-backups-tcPuRk//etc/softhsm/softhsm2.conf 928s + original_path=/etc/softhsm/softhsm2.conf 928s + rm /etc/softhsm/softhsm2.conf 928s + mv /tmp/sssd-softhsm2-backups-tcPuRk//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 928s + for path in "${delete_paths[@]}" 928s + rm -f /etc/sssd/sssd.conf 928s + for path in "${delete_paths[@]}" 928s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 928s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 928s + '[' -e /etc/sssd/sssd.conf ']' 928s + systemctl stop sssd 928s + '[' -e /etc/softhsm/softhsm2.conf ']' 928s + chmod 600 /etc/softhsm/softhsm2.conf 928s + rm -rf /tmp/sssd-softhsm2-certs-icKkjO 928s + '[' 0 = 0 ']' 928s Script completed successfully! 928s + rm -rf /tmp/sssd-softhsm2-backups-tcPuRk 928s + set +x 928s autopkgtest [22:46:17]: test sssd-smart-card-pam-auth-configs: -----------------------] 929s autopkgtest [22:46:18]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 929s sssd-smart-card-pam-auth-configs PASS 929s autopkgtest [22:46:18]: @@@@@@@@@@@@@@@@@@@@ summary 929s ldap-user-group-ldap-auth PASS 929s ldap-user-group-krb5-auth PASS 929s sssd-softhism2-certificates-tests.sh PASS 929s sssd-smart-card-pam-auth-configs PASS 957s Creating nova instance adt-noble-ppc64el-sssd-20240408-223048-juju-7f2275-prod-proposed-migration-environment-2-8c8da996-6a0d-4ca7-b743-e9bad15c2810 from image adt/ubuntu-noble-ppc64el-server-20240408.img (UUID b56d2c0c-5ffd-49d5-aeeb-f4687ff0a945)... 957s Creating nova instance adt-noble-ppc64el-sssd-20240408-223048-juju-7f2275-prod-proposed-migration-environment-2-8c8da996-6a0d-4ca7-b743-e9bad15c2810 from image adt/ubuntu-noble-ppc64el-server-20240408.img (UUID b56d2c0c-5ffd-49d5-aeeb-f4687ff0a945)...