0s autopkgtest [21:44:37]: starting date and time: 2024-11-29 21:44:37+0000 0s autopkgtest [21:44:37]: git checkout: be626eda Fix armhf LXD image generation for plucky 0s autopkgtest [21:44:37]: host juju-7f2275-prod-proposed-migration-environment-15; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.3ir4mhis/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:shadow --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 --env=ADT_TEST_TRIGGERS=shadow/1:4.13+dfsg1-4ubuntu3.3 -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest-ppc64el --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-15@bos03-ppc64el-27.secgroup --name adt-noble-ppc64el-sssd-20241129-213010-juju-7f2275-prod-proposed-migration-environment-15-43a50d90-3686-4f7b-bc48-4e221274e35f --image adt/ubuntu-noble-ppc64el-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-15 --net-id=net_prod-proposed-migration-ppc64el -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,keyserver.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 108s autopkgtest [21:46:25]: testbed dpkg architecture: ppc64el 108s autopkgtest [21:46:25]: testbed apt version: 2.7.14build2 108s autopkgtest [21:46:25]: @@@@@@@@@@@@@@@@@@@@ test bed setup 108s autopkgtest [21:46:25]: testbed release detected to be: None 109s autopkgtest [21:46:26]: updating testbed package index (apt update) 109s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [265 kB] 110s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 110s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 110s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 110s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [8604 B] 110s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [103 kB] 110s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [17.3 kB] 110s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [92.1 kB] 110s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [172 kB] 110s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3752 B] 110s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1384 B] 110s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 110s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [658 kB] 110s Get:14 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [9704 B] 110s Get:15 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [972 B] 110s Get:16 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 115s Fetched 1333 kB in 1s (1327 kB/s) 116s Reading package lists... 117s Reading package lists... 117s Building dependency tree... 118s Reading state information... 118s Calculating upgrade... 118s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 118s Reading package lists... 119s Building dependency tree... 119s Reading state information... 119s 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded. 119s autopkgtest [21:46:36]: upgrading testbed (apt dist-upgrade and autopurge) 119s Reading package lists... 120s Building dependency tree... 120s Reading state information... 120s Calculating upgrade...Starting pkgProblemResolver with broken count: 0 120s Starting 2 pkgProblemResolver with broken count: 0 120s Done 120s Entering ResolveByKeep 121s 121s The following packages will be upgraded: 121s login passwd 121s 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 121s Need to get 1082 kB of archives. 121s After this operation, 4096 B disk space will be freed. 121s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el login ppc64el 1:4.13+dfsg1-4ubuntu3.3 [205 kB] 121s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el passwd ppc64el 1:4.13+dfsg1-4ubuntu3.3 [877 kB] 122s Fetched 1082 kB in 1s (2010 kB/s) 122s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72425 files and directories currently installed.) 122s Preparing to unpack .../login_1%3a4.13+dfsg1-4ubuntu3.3_ppc64el.deb ... 122s Unpacking login (1:4.13+dfsg1-4ubuntu3.3) over (1:4.13+dfsg1-4ubuntu3.2) ... 122s Setting up login (1:4.13+dfsg1-4ubuntu3.3) ... 122s Installing new version of config file /etc/pam.d/login ... 122s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72425 files and directories currently installed.) 122s Preparing to unpack .../passwd_1%3a4.13+dfsg1-4ubuntu3.3_ppc64el.deb ... 122s Unpacking passwd (1:4.13+dfsg1-4ubuntu3.3) over (1:4.13+dfsg1-4ubuntu3.2) ... 122s Setting up passwd (1:4.13+dfsg1-4ubuntu3.3) ... 122s Processing triggers for man-db (2.12.0-4build2) ... 125s Reading package lists... 126s Building dependency tree... 126s Reading state information... 126s Starting pkgProblemResolver with broken count: 0 126s Starting 2 pkgProblemResolver with broken count: 0 126s Done 126s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 129s autopkgtest [21:46:46]: testbed running kernel: Linux 6.8.0-49-generic #49-Ubuntu SMP Sun Nov 3 20:24:00 UTC 2024 129s autopkgtest [21:46:46]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 145s Get:1 http://ftpmaster.internal/ubuntu noble-updates/main sssd 2.9.4-1.1ubuntu6.1 (dsc) [5064 B] 145s Get:2 http://ftpmaster.internal/ubuntu noble-updates/main sssd 2.9.4-1.1ubuntu6.1 (tar) [7983 kB] 145s Get:3 http://ftpmaster.internal/ubuntu noble-updates/main sssd 2.9.4-1.1ubuntu6.1 (diff) [51.3 kB] 145s gpgv: Signature made Mon Jun 10 14:26:32 2024 UTC 145s gpgv: using RSA key 50C4A0DDCF31E452CEB19B516569D855A744BE93 145s gpgv: Can't check signature: No public key 145s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1.1ubuntu6.1.dsc: no acceptable signature found 146s autopkgtest [21:47:03]: testing package sssd version 2.9.4-1.1ubuntu6.1 149s autopkgtest [21:47:06]: build not needed 155s autopkgtest [21:47:12]: test ldap-user-group-ldap-auth: preparing testbed 155s Reading package lists... 155s Building dependency tree... 155s Reading state information... 155s Starting pkgProblemResolver with broken count: 0 155s Starting 2 pkgProblemResolver with broken count: 0 155s Done 156s The following NEW packages will be installed: 156s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 156s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 156s libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev libipa-hbac0t64 libjose0 156s libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 156s libpam-pwquality libpam-sss libpath-utils1t64 libpwquality-common 156s libpwquality1 libref-array1t64 libsmbclient0 libsss-certmap-dev 156s libsss-certmap0 libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev 156s libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0t64 156s libverto-libevent1t64 libverto1t64 libwbclient0 python3-libipa-hbac 156s python3-libsss-nss-idmap python3-sss samba-libs slapd sssd sssd-ad 156s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 156s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 156s tcl8.6 156s 0 upgraded, 64 newly installed, 0 to remove and 0 not upgraded. 156s Need to get 14.3 MB of archives. 156s After this operation, 70.0 MB of additional disk space will be used. 156s Get:1 http://ftpmaster.internal/ubuntu noble/main ppc64el libltdl7 ppc64el 2.4.7-7build1 [48.2 kB] 156s Get:2 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libodbc2 ppc64el 2.3.12-1ubuntu0.24.04.1 [188 kB] 156s Get:3 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el slapd ppc64el 2.6.7+dfsg-1~exp1ubuntu8.1 [1760 kB] 156s Get:4 http://ftpmaster.internal/ubuntu noble/main ppc64el libtcl8.6 ppc64el 8.6.14+dfsg-1build1 [1204 kB] 156s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el tcl8.6 ppc64el 8.6.14+dfsg-1build1 [14.8 kB] 156s Get:6 http://ftpmaster.internal/ubuntu noble/universe ppc64el tcl-expect ppc64el 5.45.4-3 [122 kB] 156s Get:7 http://ftpmaster.internal/ubuntu noble/universe ppc64el expect ppc64el 5.45.4-3 [137 kB] 156s Get:8 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el ldap-utils ppc64el 2.6.7+dfsg-1~exp1ubuntu8.1 [155 kB] 156s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu6 [29.7 kB] 156s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu6 [26.3 kB] 156s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu6 [30.8 kB] 156s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0t64 ppc64el 0.6.2-2.1build1 [6138 B] 156s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libcares2 ppc64el 1.27.0-1.0ubuntu1 [99.0 kB] 156s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4t64 ppc64el 0.6.2-2.1build1 [36.4 kB] 156s Get:15 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1build2 [31.1 kB] 156s Get:16 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1t64 ppc64el 0.6.2-2.1build1 [10.4 kB] 156s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7t64 ppc64el 2.1.12-stable-9ubuntu2 [174 kB] 156s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1t64 ppc64el 0.6.2-2.1build1 [10.6 kB] 156s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1t64 ppc64el 0.6.2-2.1build1 [8160 B] 156s Get:20 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5t64 ppc64el 0.6.2-2.1build1 [55.3 kB] 156s Get:21 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libipa-hbac0t64 ppc64el 2.9.4-1.1ubuntu6.1 [18.1 kB] 157s Get:22 http://ftpmaster.internal/ubuntu noble/universe ppc64el libjose0 ppc64el 13-1 [51.9 kB] 157s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto-libevent1t64 ppc64el 0.3.1-1.2ubuntu3 [6490 B] 157s Get:24 http://ftpmaster.internal/ubuntu noble/main ppc64el libverto1t64 ppc64el 0.3.1-1.2ubuntu3 [12.1 kB] 157s Get:25 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libkrad0 ppc64el 1.20.1-6ubuntu2.2 [24.4 kB] 157s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1build2 [36.7 kB] 157s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1build1 [62.8 kB] 157s Get:28 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0t64 ppc64el 0.16.1-2build1 [51.2 kB] 157s Get:29 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-4ubuntu9 [220 kB] 157s Get:30 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.4-3ubuntu5 [54.5 kB] 157s Get:31 http://ftpmaster.internal/ubuntu noble/universe ppc64el libnss-sudo all 1.9.15p5-3ubuntu5 [15.2 kB] 157s Get:32 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3build1 [7748 B] 157s Get:33 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3build1 [17.0 kB] 157s Get:34 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3build1 [12.5 kB] 157s Get:35 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu9 [77.3 kB] 157s Get:36 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-4ubuntu9 [6674 kB] 157s Get:37 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu9 [70.3 kB] 157s Get:38 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libnss-sss ppc64el 2.9.4-1.1ubuntu6.1 [36.8 kB] 157s Get:39 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libpam-sss ppc64el 2.9.4-1.1ubuntu6.1 [57.0 kB] 157s Get:40 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el python3-sss ppc64el 2.9.4-1.1ubuntu6.1 [48.5 kB] 157s Get:41 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libsss-certmap0 ppc64el 2.9.4-1.1ubuntu6.1 [54.2 kB] 157s Get:42 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libsss-idmap0 ppc64el 2.9.4-1.1ubuntu6.1 [25.2 kB] 157s Get:43 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1.1ubuntu6.1 [37.9 kB] 157s Get:44 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-common ppc64el 2.9.4-1.1ubuntu6.1 [1280 kB] 157s Get:45 http://ftpmaster.internal/ubuntu noble-updates/universe ppc64el sssd-idp ppc64el 2.9.4-1.1ubuntu6.1 [30.8 kB] 157s Get:46 http://ftpmaster.internal/ubuntu noble-updates/universe ppc64el sssd-passkey ppc64el 2.9.4-1.1ubuntu6.1 [35.4 kB] 157s Get:47 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libipa-hbac-dev ppc64el 2.9.4-1.1ubuntu6.1 [6672 B] 157s Get:48 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libsss-certmap-dev ppc64el 2.9.4-1.1ubuntu6.1 [5738 B] 157s Get:49 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libsss-idmap-dev ppc64el 2.9.4-1.1ubuntu6.1 [8392 B] 157s Get:50 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libsss-nss-idmap-dev ppc64el 2.9.4-1.1ubuntu6.1 [6716 B] 157s Get:51 http://ftpmaster.internal/ubuntu noble-updates/universe ppc64el libsss-sudo ppc64el 2.9.4-1.1ubuntu6.1 [23.0 kB] 157s Get:52 http://ftpmaster.internal/ubuntu noble-updates/universe ppc64el python3-libipa-hbac ppc64el 2.9.4-1.1ubuntu6.1 [19.2 kB] 157s Get:53 http://ftpmaster.internal/ubuntu noble-updates/universe ppc64el python3-libsss-nss-idmap ppc64el 2.9.4-1.1ubuntu6.1 [9544 B] 157s Get:54 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-ad-common ppc64el 2.9.4-1.1ubuntu6.1 [88.6 kB] 157s Get:55 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-krb5-common ppc64el 2.9.4-1.1ubuntu6.1 [103 kB] 157s Get:56 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-ad ppc64el 2.9.4-1.1ubuntu6.1 [148 kB] 157s Get:57 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-ipa ppc64el 2.9.4-1.1ubuntu6.1 [240 kB] 157s Get:58 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-krb5 ppc64el 2.9.4-1.1ubuntu6.1 [14.4 kB] 157s Get:59 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-ldap ppc64el 2.9.4-1.1ubuntu6.1 [31.6 kB] 157s Get:60 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-proxy ppc64el 2.9.4-1.1ubuntu6.1 [48.0 kB] 157s Get:61 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd ppc64el 2.9.4-1.1ubuntu6.1 [4122 B] 157s Get:62 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-dbus ppc64el 2.9.4-1.1ubuntu6.1 [122 kB] 157s Get:63 http://ftpmaster.internal/ubuntu noble-updates/universe ppc64el sssd-kcm ppc64el 2.9.4-1.1ubuntu6.1 [160 kB] 158s Get:64 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-tools ppc64el 2.9.4-1.1ubuntu6.1 [108 kB] 158s Preconfiguring packages ... 158s Fetched 14.3 MB in 2s (7303 kB/s) 158s Selecting previously unselected package libltdl7:ppc64el. 158s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72425 files and directories currently installed.) 158s Preparing to unpack .../00-libltdl7_2.4.7-7build1_ppc64el.deb ... 158s Unpacking libltdl7:ppc64el (2.4.7-7build1) ... 158s Selecting previously unselected package libodbc2:ppc64el. 158s Preparing to unpack .../01-libodbc2_2.3.12-1ubuntu0.24.04.1_ppc64el.deb ... 158s Unpacking libodbc2:ppc64el (2.3.12-1ubuntu0.24.04.1) ... 158s Selecting previously unselected package slapd. 158s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu8.1_ppc64el.deb ... 158s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu8.1) ... 158s Selecting previously unselected package libtcl8.6:ppc64el. 158s Preparing to unpack .../03-libtcl8.6_8.6.14+dfsg-1build1_ppc64el.deb ... 158s Unpacking libtcl8.6:ppc64el (8.6.14+dfsg-1build1) ... 158s Selecting previously unselected package tcl8.6. 158s Preparing to unpack .../04-tcl8.6_8.6.14+dfsg-1build1_ppc64el.deb ... 158s Unpacking tcl8.6 (8.6.14+dfsg-1build1) ... 158s Selecting previously unselected package tcl-expect:ppc64el. 158s Preparing to unpack .../05-tcl-expect_5.45.4-3_ppc64el.deb ... 158s Unpacking tcl-expect:ppc64el (5.45.4-3) ... 158s Selecting previously unselected package expect. 158s Preparing to unpack .../06-expect_5.45.4-3_ppc64el.deb ... 158s Unpacking expect (5.45.4-3) ... 158s Selecting previously unselected package ldap-utils. 158s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu8.1_ppc64el.deb ... 158s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu8.1) ... 158s Selecting previously unselected package libavahi-common-data:ppc64el. 158s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu6_ppc64el.deb ... 158s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu6) ... 158s Selecting previously unselected package libavahi-common3:ppc64el. 158s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu6_ppc64el.deb ... 158s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu6) ... 158s Selecting previously unselected package libavahi-client3:ppc64el. 158s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu6_ppc64el.deb ... 158s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu6) ... 159s Selecting previously unselected package libbasicobjects0t64:ppc64el. 159s Preparing to unpack .../11-libbasicobjects0t64_0.6.2-2.1build1_ppc64el.deb ... 159s Unpacking libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 159s Selecting previously unselected package libcares2:ppc64el. 159s Preparing to unpack .../12-libcares2_1.27.0-1.0ubuntu1_ppc64el.deb ... 159s Unpacking libcares2:ppc64el (1.27.0-1.0ubuntu1) ... 159s Selecting previously unselected package libcollection4t64:ppc64el. 159s Preparing to unpack .../13-libcollection4t64_0.6.2-2.1build1_ppc64el.deb ... 159s Unpacking libcollection4t64:ppc64el (0.6.2-2.1build1) ... 159s Selecting previously unselected package libcrack2:ppc64el. 159s Preparing to unpack .../14-libcrack2_2.9.6-5.1build2_ppc64el.deb ... 159s Unpacking libcrack2:ppc64el (2.9.6-5.1build2) ... 159s Selecting previously unselected package libdhash1t64:ppc64el. 159s Preparing to unpack .../15-libdhash1t64_0.6.2-2.1build1_ppc64el.deb ... 159s Unpacking libdhash1t64:ppc64el (0.6.2-2.1build1) ... 159s Selecting previously unselected package libevent-2.1-7t64:ppc64el. 159s Preparing to unpack .../16-libevent-2.1-7t64_2.1.12-stable-9ubuntu2_ppc64el.deb ... 159s Unpacking libevent-2.1-7t64:ppc64el (2.1.12-stable-9ubuntu2) ... 159s Selecting previously unselected package libpath-utils1t64:ppc64el. 159s Preparing to unpack .../17-libpath-utils1t64_0.6.2-2.1build1_ppc64el.deb ... 159s Unpacking libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 159s Selecting previously unselected package libref-array1t64:ppc64el. 159s Preparing to unpack .../18-libref-array1t64_0.6.2-2.1build1_ppc64el.deb ... 159s Unpacking libref-array1t64:ppc64el (0.6.2-2.1build1) ... 159s Selecting previously unselected package libini-config5t64:ppc64el. 159s Preparing to unpack .../19-libini-config5t64_0.6.2-2.1build1_ppc64el.deb ... 159s Unpacking libini-config5t64:ppc64el (0.6.2-2.1build1) ... 159s Selecting previously unselected package libipa-hbac0t64. 159s Preparing to unpack .../20-libipa-hbac0t64_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 159s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu6.1) ... 159s Selecting previously unselected package libjose0:ppc64el. 159s Preparing to unpack .../21-libjose0_13-1_ppc64el.deb ... 159s Unpacking libjose0:ppc64el (13-1) ... 159s Selecting previously unselected package libverto-libevent1t64:ppc64el. 159s Preparing to unpack .../22-libverto-libevent1t64_0.3.1-1.2ubuntu3_ppc64el.deb ... 159s Unpacking libverto-libevent1t64:ppc64el (0.3.1-1.2ubuntu3) ... 159s Selecting previously unselected package libverto1t64:ppc64el. 159s Preparing to unpack .../23-libverto1t64_0.3.1-1.2ubuntu3_ppc64el.deb ... 159s Unpacking libverto1t64:ppc64el (0.3.1-1.2ubuntu3) ... 159s Selecting previously unselected package libkrad0:ppc64el. 159s Preparing to unpack .../24-libkrad0_1.20.1-6ubuntu2.2_ppc64el.deb ... 159s Unpacking libkrad0:ppc64el (1.20.1-6ubuntu2.2) ... 159s Selecting previously unselected package libtalloc2:ppc64el. 159s Preparing to unpack .../25-libtalloc2_2.4.2-1build2_ppc64el.deb ... 159s Unpacking libtalloc2:ppc64el (2.4.2-1build2) ... 159s Selecting previously unselected package libtdb1:ppc64el. 159s Preparing to unpack .../26-libtdb1_1.4.10-1build1_ppc64el.deb ... 159s Unpacking libtdb1:ppc64el (1.4.10-1build1) ... 159s Selecting previously unselected package libtevent0t64:ppc64el. 159s Preparing to unpack .../27-libtevent0t64_0.16.1-2build1_ppc64el.deb ... 159s Unpacking libtevent0t64:ppc64el (0.16.1-2build1) ... 159s Selecting previously unselected package libldb2:ppc64el. 159s Preparing to unpack .../28-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 159s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 159s Selecting previously unselected package libnfsidmap1:ppc64el. 159s Preparing to unpack .../29-libnfsidmap1_1%3a2.6.4-3ubuntu5_ppc64el.deb ... 159s Unpacking libnfsidmap1:ppc64el (1:2.6.4-3ubuntu5) ... 159s Selecting previously unselected package libnss-sudo. 159s Preparing to unpack .../30-libnss-sudo_1.9.15p5-3ubuntu5_all.deb ... 159s Unpacking libnss-sudo (1.9.15p5-3ubuntu5) ... 159s Selecting previously unselected package libpwquality-common. 159s Preparing to unpack .../31-libpwquality-common_1.4.5-3build1_all.deb ... 159s Unpacking libpwquality-common (1.4.5-3build1) ... 159s Selecting previously unselected package libpwquality1:ppc64el. 159s Preparing to unpack .../32-libpwquality1_1.4.5-3build1_ppc64el.deb ... 159s Unpacking libpwquality1:ppc64el (1.4.5-3build1) ... 159s Selecting previously unselected package libpam-pwquality:ppc64el. 159s Preparing to unpack .../33-libpam-pwquality_1.4.5-3build1_ppc64el.deb ... 159s Unpacking libpam-pwquality:ppc64el (1.4.5-3build1) ... 159s Selecting previously unselected package libwbclient0:ppc64el. 159s Preparing to unpack .../34-libwbclient0_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 159s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 159s Selecting previously unselected package samba-libs:ppc64el. 159s Preparing to unpack .../35-samba-libs_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 159s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 159s Selecting previously unselected package libsmbclient0:ppc64el. 159s Preparing to unpack .../36-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 159s Unpacking libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 159s Selecting previously unselected package libnss-sss:ppc64el. 159s Preparing to unpack .../37-libnss-sss_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 159s Unpacking libnss-sss:ppc64el (2.9.4-1.1ubuntu6.1) ... 159s Selecting previously unselected package libpam-sss:ppc64el. 159s Preparing to unpack .../38-libpam-sss_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 159s Unpacking libpam-sss:ppc64el (2.9.4-1.1ubuntu6.1) ... 159s Selecting previously unselected package python3-sss. 159s Preparing to unpack .../39-python3-sss_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 159s Unpacking python3-sss (2.9.4-1.1ubuntu6.1) ... 159s Selecting previously unselected package libsss-certmap0. 159s Preparing to unpack .../40-libsss-certmap0_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 159s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu6.1) ... 159s Selecting previously unselected package libsss-idmap0. 159s Preparing to unpack .../41-libsss-idmap0_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 159s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu6.1) ... 159s Selecting previously unselected package libsss-nss-idmap0. 159s Preparing to unpack .../42-libsss-nss-idmap0_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 159s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu6.1) ... 159s Selecting previously unselected package sssd-common. 159s Preparing to unpack .../43-sssd-common_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 159s Unpacking sssd-common (2.9.4-1.1ubuntu6.1) ... 159s Selecting previously unselected package sssd-idp. 159s Preparing to unpack .../44-sssd-idp_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 159s Unpacking sssd-idp (2.9.4-1.1ubuntu6.1) ... 159s Selecting previously unselected package sssd-passkey. 159s Preparing to unpack .../45-sssd-passkey_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 159s Unpacking sssd-passkey (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package libipa-hbac-dev. 160s Preparing to unpack .../46-libipa-hbac-dev_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking libipa-hbac-dev (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package libsss-certmap-dev. 160s Preparing to unpack .../47-libsss-certmap-dev_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking libsss-certmap-dev (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package libsss-idmap-dev. 160s Preparing to unpack .../48-libsss-idmap-dev_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking libsss-idmap-dev (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package libsss-nss-idmap-dev. 160s Preparing to unpack .../49-libsss-nss-idmap-dev_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking libsss-nss-idmap-dev (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package libsss-sudo. 160s Preparing to unpack .../50-libsss-sudo_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking libsss-sudo (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package python3-libipa-hbac. 160s Preparing to unpack .../51-python3-libipa-hbac_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking python3-libipa-hbac (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package python3-libsss-nss-idmap. 160s Preparing to unpack .../52-python3-libsss-nss-idmap_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking python3-libsss-nss-idmap (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd-ad-common. 160s Preparing to unpack .../53-sssd-ad-common_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd-ad-common (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd-krb5-common. 160s Preparing to unpack .../54-sssd-krb5-common_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd-ad. 160s Preparing to unpack .../55-sssd-ad_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd-ad (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd-ipa. 160s Preparing to unpack .../56-sssd-ipa_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd-ipa (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd-krb5. 160s Preparing to unpack .../57-sssd-krb5_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd-krb5 (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd-ldap. 160s Preparing to unpack .../58-sssd-ldap_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd-ldap (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd-proxy. 160s Preparing to unpack .../59-sssd-proxy_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd-proxy (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd. 160s Preparing to unpack .../60-sssd_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd-dbus. 160s Preparing to unpack .../61-sssd-dbus_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd-dbus (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd-kcm. 160s Preparing to unpack .../62-sssd-kcm_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd-kcm (2.9.4-1.1ubuntu6.1) ... 160s Selecting previously unselected package sssd-tools. 160s Preparing to unpack .../63-sssd-tools_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 160s Unpacking sssd-tools (2.9.4-1.1ubuntu6.1) ... 160s Setting up libpwquality-common (1.4.5-3build1) ... 160s Setting up libnfsidmap1:ppc64el (1:2.6.4-3ubuntu5) ... 160s Setting up libsss-idmap0 (2.9.4-1.1ubuntu6.1) ... 160s Setting up libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 160s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu6.1) ... 160s Setting up libsss-idmap-dev (2.9.4-1.1ubuntu6.1) ... 160s Setting up libref-array1t64:ppc64el (0.6.2-2.1build1) ... 160s Setting up libipa-hbac-dev (2.9.4-1.1ubuntu6.1) ... 160s Setting up libtdb1:ppc64el (1.4.10-1build1) ... 160s Setting up libcollection4t64:ppc64el (0.6.2-2.1build1) ... 160s Setting up libevent-2.1-7t64:ppc64el (2.1.12-stable-9ubuntu2) ... 160s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu8.1) ... 160s Setting up libjose0:ppc64el (13-1) ... 160s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 160s Setting up libtalloc2:ppc64el (2.4.2-1build2) ... 160s Setting up libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 160s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu6) ... 160s Setting up libcares2:ppc64el (1.27.0-1.0ubuntu1) ... 160s Setting up libdhash1t64:ppc64el (0.6.2-2.1build1) ... 160s Setting up libtcl8.6:ppc64el (8.6.14+dfsg-1build1) ... 160s Setting up libltdl7:ppc64el (2.4.7-7build1) ... 160s Setting up libcrack2:ppc64el (2.9.6-5.1build2) ... 160s Setting up libodbc2:ppc64el (2.3.12-1ubuntu0.24.04.1) ... 160s Setting up python3-libipa-hbac (2.9.4-1.1ubuntu6.1) ... 160s Setting up libnss-sudo (1.9.15p5-3ubuntu5) ... 160s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu6.1) ... 160s Setting up libini-config5t64:ppc64el (0.6.2-2.1build1) ... 160s Setting up libtevent0t64:ppc64el (0.16.1-2build1) ... 160s Setting up libnss-sss:ppc64el (2.9.4-1.1ubuntu6.1) ... 160s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu8.1) ... 160s Creating new user openldap... done. 160s Creating initial configuration... done. 160s Creating LDAP directory... done. 161s Setting up tcl8.6 (8.6.14+dfsg-1build1) ... 161s Setting up libsss-sudo (2.9.4-1.1ubuntu6.1) ... 161s Setting up libsss-nss-idmap-dev (2.9.4-1.1ubuntu6.1) ... 161s Setting up libavahi-common3:ppc64el (0.8-13ubuntu6) ... 161s Setting up tcl-expect:ppc64el (5.45.4-3) ... 161s Setting up libsss-certmap0 (2.9.4-1.1ubuntu6.1) ... 161s Setting up libpwquality1:ppc64el (1.4.5-3build1) ... 161s Setting up python3-libsss-nss-idmap (2.9.4-1.1ubuntu6.1) ... 161s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 161s Setting up libavahi-client3:ppc64el (0.8-13ubuntu6) ... 161s Setting up expect (5.45.4-3) ... 161s Setting up libpam-pwquality:ppc64el (1.4.5-3build1) ... 161s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 161s Setting up libsss-certmap-dev (2.9.4-1.1ubuntu6.1) ... 161s Setting up python3-sss (2.9.4-1.1ubuntu6.1) ... 161s Setting up libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 161s Setting up libpam-sss:ppc64el (2.9.4-1.1ubuntu6.1) ... 161s Setting up sssd-common (2.9.4-1.1ubuntu6.1) ... 161s Creating SSSD system user & group... 162s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 162s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 162s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 162s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 162s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 163s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 163s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 163s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 163s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 164s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 164s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 164s sssd-autofs.service is a disabled or a static unit, not starting it. 164s sssd-nss.service is a disabled or a static unit, not starting it. 164s sssd-pam.service is a disabled or a static unit, not starting it. 164s sssd-ssh.service is a disabled or a static unit, not starting it. 164s sssd-sudo.service is a disabled or a static unit, not starting it. 164s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 164s Setting up sssd-proxy (2.9.4-1.1ubuntu6.1) ... 164s Setting up sssd-kcm (2.9.4-1.1ubuntu6.1) ... 165s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 165s sssd-kcm.service is a disabled or a static unit, not starting it. 165s Setting up sssd-dbus (2.9.4-1.1ubuntu6.1) ... 166s sssd-ifp.service is a disabled or a static unit, not starting it. 166s Setting up sssd-ad-common (2.9.4-1.1ubuntu6.1) ... 166s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 166s sssd-pac.service is a disabled or a static unit, not starting it. 166s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 166s Setting up sssd-krb5-common (2.9.4-1.1ubuntu6.1) ... 166s Setting up sssd-krb5 (2.9.4-1.1ubuntu6.1) ... 166s Setting up sssd-ldap (2.9.4-1.1ubuntu6.1) ... 166s Setting up sssd-ad (2.9.4-1.1ubuntu6.1) ... 166s Setting up sssd-tools (2.9.4-1.1ubuntu6.1) ... 166s Setting up sssd-ipa (2.9.4-1.1ubuntu6.1) ... 166s Setting up sssd (2.9.4-1.1ubuntu6.1) ... 166s Setting up libverto-libevent1t64:ppc64el (0.3.1-1.2ubuntu3) ... 166s Setting up libverto1t64:ppc64el (0.3.1-1.2ubuntu3) ... 166s Setting up libkrad0:ppc64el (1.20.1-6ubuntu2.2) ... 166s Setting up sssd-passkey (2.9.4-1.1ubuntu6.1) ... 166s Setting up sssd-idp (2.9.4-1.1ubuntu6.1) ... 166s Processing triggers for libc-bin (2.39-0ubuntu8.3) ... 166s Processing triggers for ufw (0.36.2-6) ... 166s Processing triggers for man-db (2.12.0-4build2) ... 167s Processing triggers for dbus (1.14.10-4ubuntu4.1) ... 173s autopkgtest [21:47:30]: test ldap-user-group-ldap-auth: [----------------------- 173s + . debian/tests/util 173s + . debian/tests/common-tests 173s + mydomain=example.com 173s + myhostname=ldap.example.com 173s + mysuffix=dc=example,dc=com 173s + admin_dn=cn=admin,dc=example,dc=com 173s + admin_pw=secret 173s + ldap_user=testuser1 173s + ldap_user_pw=testuser1secret 173s + ldap_group=ldapusers 173s + adjust_hostname ldap.example.com 173s + local myhostname=ldap.example.com 173s + echo ldap.example.com 173s + hostname ldap.example.com 173s + grep -qE ldap.example.com /etc/hosts 173s + echo 127.0.1.10 ldap.example.com 173s + reconfigure_slapd 173s + debconf-set-selections 173s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 173s + dpkg-reconfigure -fnoninteractive -pcritical slapd 174s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8.1... done. 174s Moving old database directory to /var/backups: 174s - directory unknown... done. 174s Creating initial configuration... done. 174s Creating LDAP directory... done. 174s + generate_certs ldap.example.com 174s + local cn=ldap.example.com 174s + local cert=/etc/ldap/server.pem 174s + local key=/etc/ldap/server.key 174s + local cnf=/etc/ldap/openssl.cnf 174s + cat 174s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 174s .............++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 174s .....++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 174s ----- 174s modifying entry "cn=config" 174s 174s + chmod 0640 /etc/ldap/server.key 174s + chgrp openldap /etc/ldap/server.key 174s + [ ! -f /etc/ldap/server.pem ] 174s + [ ! -f /etc/ldap/server.key ] 174s + enable_ldap_ssl 174s + cat 174s + cat 174s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 174s + populate_ldap_rfc2307 174s + cat 174s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 174s + configure_sssd_ldap_rfc2307 174s + cat 174s adding new entry "ou=People,dc=example,dc=com" 174s 174s adding new entry "ou=Group,dc=example,dc=com" 174s 174s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 174s 174s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 174s 174s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 174s 174s + chmod 0600 /etc/sssd/sssd.conf 174s + systemctl restart sssd 174s + enable_pam_mkhomedir 174s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 174s Assert local user databases do not have our LDAP test data 174s + echo session optional pam_mkhomedir.so 174s + run_common_tests 174s + echo Assert local user databases do not have our LDAP test data 174s + check_local_user testuser1 174s + local local_user=testuser1 174s + grep -q ^testuser1 /etc/passwd 174s + check_local_group testuser1 174s + local local_group=testuser1 174s + grep -q ^testuser1 /etc/group 174s + check_local_group ldapusers 174s + local local_group=ldapusers 174s + grep -q ^ldapusers /etc/group 174s The LDAP user is known to the system via getent 174s + echo The LDAP user is known to the system via getent 174s + check_getent_user testuser1 174s + local getent_user=testuser1 174s + local output 174s + getent passwd testuser1 174s + The LDAP user's private group is known to the system via getent 174s output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 174s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 174s + echo The LDAP user's private group is known to the system via getent 174s + check_getent_group testuser1 174s + local getent_group=testuser1 174s + local output 175s + getent group testuser1 175s + The LDAP group ldapusers is known to the system via getent 175s output=testuser1:*:10001:testuser1 175s + [ -z testuser1:*:10001:testuser1 ] 175s + echo The LDAP group ldapusers is known to the system via getent 175s + check_getent_group ldapusers 175s + local getent_group=ldapusers 175s + local output 175s + getent group ldapusers 175s + The id(1) command can resolve the group membership of the LDAP user 175s output=ldapusers:*:10100:testuser1 175s + [ -z ldapusers:*:10100:testuser1 ] 175s + echo The id(1) command can resolve the group membership of the LDAP user 175s + id -Gn testuser1 175s The LDAP user can login on a terminal 175s + output=testuser1 ldapusers 175s + [ testuser1 ldapusers != testuser1 ldapusers ] 175s + echo The LDAP user can login on a terminal 175s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 175s spawn login 175s ldap.example.com login: testuser1 175s Password: 175s Welcome to Ubuntu 24.04.1 LTS (GNU/Linux 6.8.0-49-generic ppc64le) 175s 175s * Documentation: https://help.ubuntu.com 175s * Management: https://landscape.canonical.com 175s * Support: https://ubuntu.com/pro 175s 175s 175s The programs included with the Ubuntu system are free software; 175s the exact distribution terms for each program are described in the 175s individual files in /usr/share/doc/*/copyright. 175s 175s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 175s applicable law. 175s 175s 175s The programs included with the Ubuntu system are free software; 175s the exact distribution terms for each program are described in the 175s individual files in /usr/share/doc/*/copyright. 175s 175s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 175s applicable law. 175s 175s Creating directory '/home/testuser1'. 175s [?2004htestuser1@ldap:~$ id -un 175s [?2004l testuser1 175s [?2004htestuser1@ldap:~$ autopkgtest [21:47:32]: test ldap-user-group-ldap-auth: -----------------------] 176s autopkgtest [21:47:33]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 176s ldap-user-group-ldap-auth PASS 176s autopkgtest [21:47:33]: test ldap-user-group-krb5-auth: preparing testbed 177s Reading package lists... 177s Building dependency tree... 177s Reading state information... 177s Starting pkgProblemResolver with broken count: 0 177s Starting 2 pkgProblemResolver with broken count: 0 177s Done 177s The following NEW packages will be installed: 177s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4t64 177s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 178s 0 upgraded, 8 newly installed, 0 to remove and 0 not upgraded. 178s Need to get 671 kB of archives. 178s After this operation, 3110 kB of additional disk space will be used. 178s Get:1 http://ftpmaster.internal/ubuntu noble/main ppc64el krb5-config all 2.7 [22.0 kB] 178s Get:2 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libgssrpc4t64 ppc64el 1.20.1-6ubuntu2.2 [65.2 kB] 178s Get:3 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libkadm5clnt-mit12 ppc64el 1.20.1-6ubuntu2.2 [43.9 kB] 178s Get:4 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libkdb5-10t64 ppc64el 1.20.1-6ubuntu2.2 [46.9 kB] 178s Get:5 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libkadm5srv-mit12 ppc64el 1.20.1-6ubuntu2.2 [61.2 kB] 178s Get:6 http://ftpmaster.internal/ubuntu noble-updates/universe ppc64el krb5-user ppc64el 1.20.1-6ubuntu2.2 [116 kB] 178s Get:7 http://ftpmaster.internal/ubuntu noble-updates/universe ppc64el krb5-kdc ppc64el 1.20.1-6ubuntu2.2 [209 kB] 178s Get:8 http://ftpmaster.internal/ubuntu noble-updates/universe ppc64el krb5-admin-server ppc64el 1.20.1-6ubuntu2.2 [107 kB] 178s Preconfiguring packages ... 180s Fetched 671 kB in 1s (1229 kB/s) 180s Selecting previously unselected package krb5-config. 180s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 73716 files and directories currently installed.) 180s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 180s Unpacking krb5-config (2.7) ... 180s Selecting previously unselected package libgssrpc4t64:ppc64el. 180s Preparing to unpack .../1-libgssrpc4t64_1.20.1-6ubuntu2.2_ppc64el.deb ... 180s Unpacking libgssrpc4t64:ppc64el (1.20.1-6ubuntu2.2) ... 180s Selecting previously unselected package libkadm5clnt-mit12:ppc64el. 180s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-6ubuntu2.2_ppc64el.deb ... 180s Unpacking libkadm5clnt-mit12:ppc64el (1.20.1-6ubuntu2.2) ... 180s Selecting previously unselected package libkdb5-10t64:ppc64el. 180s Preparing to unpack .../3-libkdb5-10t64_1.20.1-6ubuntu2.2_ppc64el.deb ... 180s Unpacking libkdb5-10t64:ppc64el (1.20.1-6ubuntu2.2) ... 180s Selecting previously unselected package libkadm5srv-mit12:ppc64el. 180s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-6ubuntu2.2_ppc64el.deb ... 180s Unpacking libkadm5srv-mit12:ppc64el (1.20.1-6ubuntu2.2) ... 180s Selecting previously unselected package krb5-user. 180s Preparing to unpack .../5-krb5-user_1.20.1-6ubuntu2.2_ppc64el.deb ... 180s Unpacking krb5-user (1.20.1-6ubuntu2.2) ... 180s Selecting previously unselected package krb5-kdc. 180s Preparing to unpack .../6-krb5-kdc_1.20.1-6ubuntu2.2_ppc64el.deb ... 180s Unpacking krb5-kdc (1.20.1-6ubuntu2.2) ... 180s Selecting previously unselected package krb5-admin-server. 180s Preparing to unpack .../7-krb5-admin-server_1.20.1-6ubuntu2.2_ppc64el.deb ... 180s Unpacking krb5-admin-server (1.20.1-6ubuntu2.2) ... 180s Setting up libgssrpc4t64:ppc64el (1.20.1-6ubuntu2.2) ... 180s Setting up krb5-config (2.7) ... 180s Setting up libkadm5clnt-mit12:ppc64el (1.20.1-6ubuntu2.2) ... 180s Setting up libkdb5-10t64:ppc64el (1.20.1-6ubuntu2.2) ... 180s Setting up libkadm5srv-mit12:ppc64el (1.20.1-6ubuntu2.2) ... 180s Setting up krb5-user (1.20.1-6ubuntu2.2) ... 180s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 180s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 180s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 180s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 180s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 180s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 180s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 180s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 180s Setting up krb5-kdc (1.20.1-6ubuntu2.2) ... 181s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 181s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 181s Setting up krb5-admin-server (1.20.1-6ubuntu2.2) ... 182s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 182s Processing triggers for man-db (2.12.0-4build2) ... 183s Processing triggers for libc-bin (2.39-0ubuntu8.3) ... 189s autopkgtest [21:47:46]: test ldap-user-group-krb5-auth: [----------------------- 189s + . debian/tests/util 189s + . debian/tests/common-tests 189s + mydomain=example.com 189s + myhostname=ldap.example.com 189s + mysuffix=dc=example,dc=com 189s + myrealm=EXAMPLE.COM 189s + admin_dn=cn=admin,dc=example,dc=com 189s + admin_pw=secret 189s + ldap_user=testuser1 189s + ldap_user_pw=testuser1secret 189s + kerberos_principal_pw=testuser1kerberos 189s + ldap_group=ldapusers 189s + adjust_hostname ldap.example.com 189s + local myhostname=ldap.example.com 189s + echo ldap.example.com 189s + hostname ldap.example.com 189s + grep -qE ldap.example.com /etc/hosts 189s + reconfigure_slapd 189s + debconf-set-selections 189s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8.1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu8.1-20241129-214731.ldapdb 189s + dpkg-reconfigure -fnoninteractive -pcritical slapd 189s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8.1... done. 189s Moving old database directory to /var/backups: 189s - directory unknown... done. 189s Creating initial configuration... done. 190s Creating LDAP directory... done. 190s + generate_certs ldap.example.com 190s + local cn=ldap.example.com 190s + local cert=/etc/ldap/server.pem 190s + local key=/etc/ldap/server.key 190s + local cnf=/etc/ldap/openssl.cnf 190s + cat 190s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 190s ...........++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 190s ..++++++++++++++++++++++++++++++++++++++++++++++++++++++modifying entry "cn=config" 190s 190s ++++++++++ 190s ----- 190s + chmod 0640 /etc/ldap/server.key 190s + chgrp openldap /etc/ldap/server.key 190s + [ ! -f /etc/ldap/server.pem ] 190s + [ ! -f /etc/ldap/server.key ] 190s + enable_ldap_ssl 190s + cat 190s + cat 190s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 190s + populate_ldap_rfc2307 190s + cat 190s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 190s adding new entry "ou=People,dc=example,dc=com" 190s 190s adding new entry "ou=Group,dc=example,dc=com" 190s 190s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 190s 190s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 190s 190s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 190s 190s + create_realm EXAMPLE.COM ldap.example.com 190s + local realm_name=EXAMPLE.COM 190s + local kerberos_server=ldap.example.com 190s + rm -rf /var/lib/krb5kdc/* 190s + rm -rf /etc/krb5kdc/kdc.conf 190s + rm -f /etc/krb5.keytab 190s + cat 190s + cat 190s + echo # */admin * 190s + kdb5_util create -s -P secretpassword 190s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 190s master key name 'K/M@EXAMPLE.COM' 190s + systemctl restart krb5-kdc.service krb5-admin-server.service 190s + create_krb_principal testuser1 testuser1kerberos 190s + local principal=testuser1 190s + local password=testuser1kerberos 190s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 190s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 190s Authenticating as principal root/admin@EXAMPLE.COM with password. 190s Principal "testuser1@EXAMPLE.COM" created. 190s + configure_sssd_ldap_rfc2307_krb5_auth 190s + cat 190s + chmod 0600 /etc/sssd/sssd.conf 190s + systemctl restart sssd 190s + enable_pam_mkhomedir 190s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 190s + run_common_tests 190s + echo Assert local user databases do not have our LDAP test data 190s + check_local_user testuser1 190s + local local_user=testuser1 190s + grep -q ^testuser1 /etc/passwd 190s Assert local user databases do not have our LDAP test data 190s + check_local_group testuser1 190s + local local_group=testuser1 190s + grep -q ^testuser1 /etc/group 190s + check_local_group ldapusers 190s + local local_group=ldapusers 190s + grep -q ^ldapusers /etc/group 190s The LDAP user is known to the system via getent 190s + echo The LDAP user is known to the system via getent 190s + check_getent_user testuser1 190s + local getent_user=testuser1 190s + local output 190s + getent passwd testuser1 190s The LDAP user's private group is known to the system via getent 190s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 190s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 190s + echo The LDAP user's private group is known to the system via getent 190s + check_getent_group testuser1 190s + local getent_group=testuser1 190s + local output 190s + getent group testuser1 190s + The LDAP group ldapusers is known to the system via getent 190s output=testuser1:*:10001:testuser1 190s + [ -z testuser1:*:10001:testuser1 ] 190s + echo The LDAP group ldapusers is known to the system via getent 190s + check_getent_group ldapusers 190s + local getent_group=ldapusers 190s + local output 190s + getent group ldapusers 191s The id(1) command can resolve the group membership of the LDAP user 191s + output=ldapusers:*:10100:testuser1 191s + [ -z ldapusers:*:10100:testuser1 ] 191s + echo The id(1) command can resolve the group membership of the LDAP user 191s + id -Gn testuser1 191s + The Kerberos principal can login on a terminal 191s output=testuser1 ldapusers 191s + [ testuser1 ldapusers != testuser1 ldapusers ] 191s + echo The Kerberos principal can login on a terminal 191s + kdestroy 191s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 191s spawn login 191s ldap.example.com login: testuser1 191s Password: 191s Welcome to Ubuntu 24.04.1 LTS (GNU/Linux 6.8.0-49-generic ppc64le) 191s 191s * Documentation: https://help.ubuntu.com 191s * Management: https://landscape.canonical.com 191s * Support: https://ubuntu.com/pro 191s 191s 191s The programs included with the Ubuntu system are free software; 191s the exact distribution terms for each program are described in the 191s individual files in /usr/share/doc/*/copyright. 191s 191s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 191s applicable law. 191s 191s [?2004htestuser1@ldap:~$ id -un 191s [?2004l testuser1 191s [?2004htestuser1@ldap:~$ klist 191s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_l8l2mb 191s Default principal: testuser1@EXAMPLE.COM 191s 191s Valid starting Expires Service principal 191s 11/29/24 21:47:48 11/30/24 07:47:48 krbtgt/EXAMPLE.COM@EXAMPLE.COMautopkgtest [21:47:48]: test ldap-user-group-krb5-auth: -----------------------] 192s ldap-user-group-krb5-auth PASS 192s autopkgtest [21:47:49]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 192s autopkgtest [21:47:49]: test sssd-softhism2-certificates-tests.sh: preparing testbed 323s autopkgtest [21:50:00]: testbed dpkg architecture: ppc64el 323s autopkgtest [21:50:00]: testbed apt version: 2.7.14build2 323s autopkgtest [21:50:00]: @@@@@@@@@@@@@@@@@@@@ test bed setup 323s autopkgtest [21:50:00]: testbed release detected to be: noble 324s autopkgtest [21:50:01]: updating testbed package index (apt update) 324s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [265 kB] 325s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 325s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 325s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 325s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [17.3 kB] 325s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [103 kB] 325s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [92.1 kB] 325s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [8604 B] 325s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el Packages [172 kB] 325s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el c-n-f Metadata [3752 B] 325s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el Packages [1384 B] 325s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/restricted ppc64el c-n-f Metadata [116 B] 325s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el Packages [658 kB] 325s Get:14 http://ftpmaster.internal/ubuntu noble-proposed/universe ppc64el c-n-f Metadata [9704 B] 325s Get:15 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el Packages [972 B] 325s Get:16 http://ftpmaster.internal/ubuntu noble-proposed/multiverse ppc64el c-n-f Metadata [116 B] 330s Fetched 1333 kB in 1s (1427 kB/s) 331s Reading package lists... 332s Reading package lists... 332s Building dependency tree... 332s Reading state information... 332s Calculating upgrade... 332s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 332s Reading package lists... 332s Building dependency tree... 332s Reading state information... 333s 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded. 333s autopkgtest [21:50:10]: upgrading testbed (apt dist-upgrade and autopurge) 333s Reading package lists... 333s Building dependency tree... 333s Reading state information... 333s Calculating upgrade...Starting pkgProblemResolver with broken count: 0 333s Starting 2 pkgProblemResolver with broken count: 0 333s Done 334s Entering ResolveByKeep 334s 334s The following packages will be upgraded: 334s login passwd 334s 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 334s Need to get 1082 kB of archives. 334s After this operation, 4096 B disk space will be freed. 334s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el login ppc64el 1:4.13+dfsg1-4ubuntu3.3 [205 kB] 335s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main ppc64el passwd ppc64el 1:4.13+dfsg1-4ubuntu3.3 [877 kB] 335s Fetched 1082 kB in 1s (1909 kB/s) 336s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72425 files and directories currently installed.) 336s Preparing to unpack .../login_1%3a4.13+dfsg1-4ubuntu3.3_ppc64el.deb ... 336s Unpacking login (1:4.13+dfsg1-4ubuntu3.3) over (1:4.13+dfsg1-4ubuntu3.2) ... 336s Setting up login (1:4.13+dfsg1-4ubuntu3.3) ... 336s Installing new version of config file /etc/pam.d/login ... 336s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72425 files and directories currently installed.) 336s Preparing to unpack .../passwd_1%3a4.13+dfsg1-4ubuntu3.3_ppc64el.deb ... 336s Unpacking passwd (1:4.13+dfsg1-4ubuntu3.3) over (1:4.13+dfsg1-4ubuntu3.2) ... 336s Setting up passwd (1:4.13+dfsg1-4ubuntu3.3) ... 336s Processing triggers for man-db (2.12.0-4build2) ... 339s Reading package lists... 339s Building dependency tree... 339s Reading state information... 340s Starting pkgProblemResolver with broken count: 0 340s Starting 2 pkgProblemResolver with broken count: 0 340s Done 340s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 343s Reading package lists... 343s Building dependency tree... 343s Reading state information... 343s Starting pkgProblemResolver with broken count: 0 343s Starting 2 pkgProblemResolver with broken count: 0 343s Done 343s The following NEW packages will be installed: 343s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 343s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 343s libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 libipa-hbac0t64 343s libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 343s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 343s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 343s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 343s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 343s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 344s 0 upgraded, 45 newly installed, 0 to remove and 0 not upgraded. 344s Need to get 11.4 MB of archives. 344s After this operation, 57.0 MB of additional disk space will be used. 344s Get:1 http://ftpmaster.internal/ubuntu noble/main ppc64el libevent-2.1-7t64 ppc64el 2.1.12-stable-9ubuntu2 [174 kB] 344s Get:2 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libunbound8 ppc64el 1.19.2-1ubuntu3.3 [538 kB] 344s Get:3 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libgnutls-dane0t64 ppc64el 3.8.3-1.1ubuntu3.2 [24.6 kB] 344s Get:4 http://ftpmaster.internal/ubuntu noble-updates/universe ppc64el gnutls-bin ppc64el 3.8.3-1.1ubuntu3.2 [290 kB] 344s Get:5 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu6 [29.7 kB] 344s Get:6 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu6 [26.3 kB] 344s Get:7 http://ftpmaster.internal/ubuntu noble/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu6 [30.8 kB] 344s Get:8 http://ftpmaster.internal/ubuntu noble/main ppc64el libbasicobjects0t64 ppc64el 0.6.2-2.1build1 [6138 B] 344s Get:9 http://ftpmaster.internal/ubuntu noble/main ppc64el libcares2 ppc64el 1.27.0-1.0ubuntu1 [99.0 kB] 344s Get:10 http://ftpmaster.internal/ubuntu noble/main ppc64el libcollection4t64 ppc64el 0.6.2-2.1build1 [36.4 kB] 344s Get:11 http://ftpmaster.internal/ubuntu noble/main ppc64el libcrack2 ppc64el 2.9.6-5.1build2 [31.1 kB] 344s Get:12 http://ftpmaster.internal/ubuntu noble/main ppc64el libdhash1t64 ppc64el 0.6.2-2.1build1 [10.4 kB] 344s Get:13 http://ftpmaster.internal/ubuntu noble/main ppc64el libpath-utils1t64 ppc64el 0.6.2-2.1build1 [10.6 kB] 344s Get:14 http://ftpmaster.internal/ubuntu noble/main ppc64el libref-array1t64 ppc64el 0.6.2-2.1build1 [8160 B] 344s Get:15 http://ftpmaster.internal/ubuntu noble/main ppc64el libini-config5t64 ppc64el 0.6.2-2.1build1 [55.3 kB] 344s Get:16 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libipa-hbac0t64 ppc64el 2.9.4-1.1ubuntu6.1 [18.1 kB] 344s Get:17 http://ftpmaster.internal/ubuntu noble/main ppc64el libtalloc2 ppc64el 2.4.2-1build2 [36.7 kB] 344s Get:18 http://ftpmaster.internal/ubuntu noble/main ppc64el libtdb1 ppc64el 1.4.10-1build1 [62.8 kB] 344s Get:19 http://ftpmaster.internal/ubuntu noble/main ppc64el libtevent0t64 ppc64el 0.16.1-2build1 [51.2 kB] 344s Get:20 http://ftpmaster.internal/ubuntu noble/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-4ubuntu9 [220 kB] 344s Get:21 http://ftpmaster.internal/ubuntu noble/main ppc64el libnfsidmap1 ppc64el 1:2.6.4-3ubuntu5 [54.5 kB] 344s Get:22 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality-common all 1.4.5-3build1 [7748 B] 344s Get:23 http://ftpmaster.internal/ubuntu noble/main ppc64el libpwquality1 ppc64el 1.4.5-3build1 [17.0 kB] 344s Get:24 http://ftpmaster.internal/ubuntu noble/main ppc64el libpam-pwquality ppc64el 1.4.5-3build1 [12.5 kB] 344s Get:25 http://ftpmaster.internal/ubuntu noble/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu9 [77.3 kB] 344s Get:26 http://ftpmaster.internal/ubuntu noble/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-4ubuntu9 [6674 kB] 345s Get:27 http://ftpmaster.internal/ubuntu noble/main ppc64el libsmbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu9 [70.3 kB] 345s Get:28 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libnss-sss ppc64el 2.9.4-1.1ubuntu6.1 [36.8 kB] 345s Get:29 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libpam-sss ppc64el 2.9.4-1.1ubuntu6.1 [57.0 kB] 345s Get:30 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2-common ppc64el 2.6.1-2.2ubuntu3 [6198 B] 345s Get:31 http://ftpmaster.internal/ubuntu noble/universe ppc64el libsofthsm2 ppc64el 2.6.1-2.2ubuntu3 [296 kB] 345s Get:32 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libsss-certmap0 ppc64el 2.9.4-1.1ubuntu6.1 [54.2 kB] 345s Get:33 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libsss-idmap0 ppc64el 2.9.4-1.1ubuntu6.1 [25.2 kB] 345s Get:34 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1.1ubuntu6.1 [37.9 kB] 345s Get:35 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el python3-sss ppc64el 2.9.4-1.1ubuntu6.1 [48.5 kB] 345s Get:36 http://ftpmaster.internal/ubuntu noble/universe ppc64el softhsm2 ppc64el 2.6.1-2.2ubuntu3 [200 kB] 345s Get:37 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-common ppc64el 2.9.4-1.1ubuntu6.1 [1280 kB] 345s Get:38 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-ad-common ppc64el 2.9.4-1.1ubuntu6.1 [88.6 kB] 345s Get:39 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-krb5-common ppc64el 2.9.4-1.1ubuntu6.1 [103 kB] 345s Get:40 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-ad ppc64el 2.9.4-1.1ubuntu6.1 [148 kB] 345s Get:41 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-ipa ppc64el 2.9.4-1.1ubuntu6.1 [240 kB] 345s Get:42 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-krb5 ppc64el 2.9.4-1.1ubuntu6.1 [14.4 kB] 345s Get:43 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-ldap ppc64el 2.9.4-1.1ubuntu6.1 [31.6 kB] 345s Get:44 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd-proxy ppc64el 2.9.4-1.1ubuntu6.1 [48.0 kB] 345s Get:45 http://ftpmaster.internal/ubuntu noble-updates/main ppc64el sssd ppc64el 2.9.4-1.1ubuntu6.1 [4122 B] 345s Fetched 11.4 MB in 1s (8000 kB/s) 345s Selecting previously unselected package libevent-2.1-7t64:ppc64el. 345s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72425 files and directories currently installed.) 345s Preparing to unpack .../00-libevent-2.1-7t64_2.1.12-stable-9ubuntu2_ppc64el.deb ... 345s Unpacking libevent-2.1-7t64:ppc64el (2.1.12-stable-9ubuntu2) ... 345s Selecting previously unselected package libunbound8:ppc64el. 345s Preparing to unpack .../01-libunbound8_1.19.2-1ubuntu3.3_ppc64el.deb ... 345s Unpacking libunbound8:ppc64el (1.19.2-1ubuntu3.3) ... 345s Selecting previously unselected package libgnutls-dane0t64:ppc64el. 345s Preparing to unpack .../02-libgnutls-dane0t64_3.8.3-1.1ubuntu3.2_ppc64el.deb ... 345s Unpacking libgnutls-dane0t64:ppc64el (3.8.3-1.1ubuntu3.2) ... 345s Selecting previously unselected package gnutls-bin. 345s Preparing to unpack .../03-gnutls-bin_3.8.3-1.1ubuntu3.2_ppc64el.deb ... 345s Unpacking gnutls-bin (3.8.3-1.1ubuntu3.2) ... 345s Selecting previously unselected package libavahi-common-data:ppc64el. 345s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu6_ppc64el.deb ... 345s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu6) ... 345s Selecting previously unselected package libavahi-common3:ppc64el. 345s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu6_ppc64el.deb ... 345s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu6) ... 345s Selecting previously unselected package libavahi-client3:ppc64el. 345s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu6_ppc64el.deb ... 345s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu6) ... 345s Selecting previously unselected package libbasicobjects0t64:ppc64el. 345s Preparing to unpack .../07-libbasicobjects0t64_0.6.2-2.1build1_ppc64el.deb ... 345s Unpacking libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 345s Selecting previously unselected package libcares2:ppc64el. 345s Preparing to unpack .../08-libcares2_1.27.0-1.0ubuntu1_ppc64el.deb ... 345s Unpacking libcares2:ppc64el (1.27.0-1.0ubuntu1) ... 345s Selecting previously unselected package libcollection4t64:ppc64el. 345s Preparing to unpack .../09-libcollection4t64_0.6.2-2.1build1_ppc64el.deb ... 345s Unpacking libcollection4t64:ppc64el (0.6.2-2.1build1) ... 345s Selecting previously unselected package libcrack2:ppc64el. 345s Preparing to unpack .../10-libcrack2_2.9.6-5.1build2_ppc64el.deb ... 345s Unpacking libcrack2:ppc64el (2.9.6-5.1build2) ... 345s Selecting previously unselected package libdhash1t64:ppc64el. 345s Preparing to unpack .../11-libdhash1t64_0.6.2-2.1build1_ppc64el.deb ... 345s Unpacking libdhash1t64:ppc64el (0.6.2-2.1build1) ... 346s Selecting previously unselected package libpath-utils1t64:ppc64el. 346s Preparing to unpack .../12-libpath-utils1t64_0.6.2-2.1build1_ppc64el.deb ... 346s Unpacking libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 346s Selecting previously unselected package libref-array1t64:ppc64el. 346s Preparing to unpack .../13-libref-array1t64_0.6.2-2.1build1_ppc64el.deb ... 346s Unpacking libref-array1t64:ppc64el (0.6.2-2.1build1) ... 346s Selecting previously unselected package libini-config5t64:ppc64el. 346s Preparing to unpack .../14-libini-config5t64_0.6.2-2.1build1_ppc64el.deb ... 346s Unpacking libini-config5t64:ppc64el (0.6.2-2.1build1) ... 346s Selecting previously unselected package libipa-hbac0t64. 346s Preparing to unpack .../15-libipa-hbac0t64_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package libtalloc2:ppc64el. 346s Preparing to unpack .../16-libtalloc2_2.4.2-1build2_ppc64el.deb ... 346s Unpacking libtalloc2:ppc64el (2.4.2-1build2) ... 346s Selecting previously unselected package libtdb1:ppc64el. 346s Preparing to unpack .../17-libtdb1_1.4.10-1build1_ppc64el.deb ... 346s Unpacking libtdb1:ppc64el (1.4.10-1build1) ... 346s Selecting previously unselected package libtevent0t64:ppc64el. 346s Preparing to unpack .../18-libtevent0t64_0.16.1-2build1_ppc64el.deb ... 346s Unpacking libtevent0t64:ppc64el (0.16.1-2build1) ... 346s Selecting previously unselected package libldb2:ppc64el. 346s Preparing to unpack .../19-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 346s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 346s Selecting previously unselected package libnfsidmap1:ppc64el. 346s Preparing to unpack .../20-libnfsidmap1_1%3a2.6.4-3ubuntu5_ppc64el.deb ... 346s Unpacking libnfsidmap1:ppc64el (1:2.6.4-3ubuntu5) ... 346s Selecting previously unselected package libpwquality-common. 346s Preparing to unpack .../21-libpwquality-common_1.4.5-3build1_all.deb ... 346s Unpacking libpwquality-common (1.4.5-3build1) ... 346s Selecting previously unselected package libpwquality1:ppc64el. 346s Preparing to unpack .../22-libpwquality1_1.4.5-3build1_ppc64el.deb ... 346s Unpacking libpwquality1:ppc64el (1.4.5-3build1) ... 346s Selecting previously unselected package libpam-pwquality:ppc64el. 346s Preparing to unpack .../23-libpam-pwquality_1.4.5-3build1_ppc64el.deb ... 346s Unpacking libpam-pwquality:ppc64el (1.4.5-3build1) ... 346s Selecting previously unselected package libwbclient0:ppc64el. 346s Preparing to unpack .../24-libwbclient0_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 346s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 346s Selecting previously unselected package samba-libs:ppc64el. 346s Preparing to unpack .../25-samba-libs_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 346s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 346s Selecting previously unselected package libsmbclient0:ppc64el. 346s Preparing to unpack .../26-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 346s Unpacking libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 346s Selecting previously unselected package libnss-sss:ppc64el. 346s Preparing to unpack .../27-libnss-sss_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking libnss-sss:ppc64el (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package libpam-sss:ppc64el. 346s Preparing to unpack .../28-libpam-sss_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking libpam-sss:ppc64el (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package softhsm2-common. 346s Preparing to unpack .../29-softhsm2-common_2.6.1-2.2ubuntu3_ppc64el.deb ... 346s Unpacking softhsm2-common (2.6.1-2.2ubuntu3) ... 346s Selecting previously unselected package libsofthsm2. 346s Preparing to unpack .../30-libsofthsm2_2.6.1-2.2ubuntu3_ppc64el.deb ... 346s Unpacking libsofthsm2 (2.6.1-2.2ubuntu3) ... 346s Selecting previously unselected package libsss-certmap0. 346s Preparing to unpack .../31-libsss-certmap0_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package libsss-idmap0. 346s Preparing to unpack .../32-libsss-idmap0_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package libsss-nss-idmap0. 346s Preparing to unpack .../33-libsss-nss-idmap0_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package python3-sss. 346s Preparing to unpack .../34-python3-sss_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking python3-sss (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package softhsm2. 346s Preparing to unpack .../35-softhsm2_2.6.1-2.2ubuntu3_ppc64el.deb ... 346s Unpacking softhsm2 (2.6.1-2.2ubuntu3) ... 346s Selecting previously unselected package sssd-common. 346s Preparing to unpack .../36-sssd-common_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking sssd-common (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package sssd-ad-common. 346s Preparing to unpack .../37-sssd-ad-common_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking sssd-ad-common (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package sssd-krb5-common. 346s Preparing to unpack .../38-sssd-krb5-common_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package sssd-ad. 346s Preparing to unpack .../39-sssd-ad_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking sssd-ad (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package sssd-ipa. 346s Preparing to unpack .../40-sssd-ipa_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking sssd-ipa (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package sssd-krb5. 346s Preparing to unpack .../41-sssd-krb5_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking sssd-krb5 (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package sssd-ldap. 346s Preparing to unpack .../42-sssd-ldap_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking sssd-ldap (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package sssd-proxy. 346s Preparing to unpack .../43-sssd-proxy_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking sssd-proxy (2.9.4-1.1ubuntu6.1) ... 346s Selecting previously unselected package sssd. 346s Preparing to unpack .../44-sssd_2.9.4-1.1ubuntu6.1_ppc64el.deb ... 346s Unpacking sssd (2.9.4-1.1ubuntu6.1) ... 346s Setting up libpwquality-common (1.4.5-3build1) ... 346s Setting up softhsm2-common (2.6.1-2.2ubuntu3) ... 347s 347s Creating config file /etc/softhsm/softhsm2.conf with new version 347s Setting up libnfsidmap1:ppc64el (1:2.6.4-3ubuntu5) ... 347s Setting up libsss-idmap0 (2.9.4-1.1ubuntu6.1) ... 347s Setting up libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 347s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu6.1) ... 347s Setting up libref-array1t64:ppc64el (0.6.2-2.1build1) ... 347s Setting up libtdb1:ppc64el (1.4.10-1build1) ... 347s Setting up libcollection4t64:ppc64el (0.6.2-2.1build1) ... 347s Setting up libevent-2.1-7t64:ppc64el (2.1.12-stable-9ubuntu2) ... 347s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 347s Setting up libtalloc2:ppc64el (2.4.2-1build2) ... 347s Setting up libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 347s Setting up libunbound8:ppc64el (1.19.2-1ubuntu3.3) ... 347s Setting up libgnutls-dane0t64:ppc64el (3.8.3-1.1ubuntu3.2) ... 347s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu6) ... 347s Setting up libcares2:ppc64el (1.27.0-1.0ubuntu1) ... 347s Setting up libdhash1t64:ppc64el (0.6.2-2.1build1) ... 347s Setting up libcrack2:ppc64el (2.9.6-5.1build2) ... 347s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu6.1) ... 347s Setting up libini-config5t64:ppc64el (0.6.2-2.1build1) ... 347s Setting up libtevent0t64:ppc64el (0.16.1-2build1) ... 347s Setting up libnss-sss:ppc64el (2.9.4-1.1ubuntu6.1) ... 347s Setting up gnutls-bin (3.8.3-1.1ubuntu3.2) ... 347s Setting up libsofthsm2 (2.6.1-2.2ubuntu3) ... 347s Setting up softhsm2 (2.6.1-2.2ubuntu3) ... 347s Setting up libavahi-common3:ppc64el (0.8-13ubuntu6) ... 347s Setting up libsss-certmap0 (2.9.4-1.1ubuntu6.1) ... 347s Setting up libpwquality1:ppc64el (1.4.5-3build1) ... 347s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 347s Setting up libavahi-client3:ppc64el (0.8-13ubuntu6) ... 347s Setting up libpam-pwquality:ppc64el (1.4.5-3build1) ... 347s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 347s Setting up python3-sss (2.9.4-1.1ubuntu6.1) ... 347s Setting up libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 347s Setting up libpam-sss:ppc64el (2.9.4-1.1ubuntu6.1) ... 347s Setting up sssd-common (2.9.4-1.1ubuntu6.1) ... 347s Creating SSSD system user & group... 348s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 348s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 348s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 348s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 348s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 348s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 349s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 349s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 349s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 349s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 350s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 350s sssd-autofs.service is a disabled or a static unit, not starting it. 350s sssd-nss.service is a disabled or a static unit, not starting it. 350s sssd-pam.service is a disabled or a static unit, not starting it. 350s sssd-ssh.service is a disabled or a static unit, not starting it. 350s sssd-sudo.service is a disabled or a static unit, not starting it. 350s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 350s Setting up sssd-proxy (2.9.4-1.1ubuntu6.1) ... 350s Setting up sssd-ad-common (2.9.4-1.1ubuntu6.1) ... 351s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 351s sssd-pac.service is a disabled or a static unit, not starting it. 351s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 351s Setting up sssd-krb5-common (2.9.4-1.1ubuntu6.1) ... 351s Setting up sssd-krb5 (2.9.4-1.1ubuntu6.1) ... 351s Setting up sssd-ldap (2.9.4-1.1ubuntu6.1) ... 351s Setting up sssd-ad (2.9.4-1.1ubuntu6.1) ... 351s Setting up sssd-ipa (2.9.4-1.1ubuntu6.1) ... 351s Setting up sssd (2.9.4-1.1ubuntu6.1) ... 351s Processing triggers for man-db (2.12.0-4build2) ... 352s Processing triggers for libc-bin (2.39-0ubuntu8.3) ... 356s autopkgtest [21:50:33]: test sssd-softhism2-certificates-tests.sh: [----------------------- 356s + '[' -z ubuntu ']' 356s + required_tools=(p11tool openssl softhsm2-util) 356s + for cmd in "${required_tools[@]}" 356s + command -v p11tool 356s + for cmd in "${required_tools[@]}" 356s + command -v openssl 356s + for cmd in "${required_tools[@]}" 356s + command -v softhsm2-util 356s + PIN=053350 356s +++ head -n 1 356s +++ find /usr/lib/softhsm/libsofthsm2.so 356s ++ realpath /usr/lib/softhsm/libsofthsm2.so 356s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 356s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 356s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 356s + '[' '!' -v NO_SSSD_TESTS ']' 356s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 356s + ca_db_arg=ca_db 356s ++ /usr/libexec/sssd/p11_child --help 356s + p11_child_help='Usage: p11_child [OPTION...] 356s -d, --debug-level=INT Debug level 356s --debug-timestamps=INT Add debug timestamps 356s --debug-microseconds=INT Show timestamps with microseconds 356s --dumpable=INT Allow core dumps 356s --debug-fd=INT An open file descriptor for the debug 356s logs 356s --logger=stderr|files|journald Set logger 356s --auth Run in auth mode 356s --pre Run in pre-auth mode 356s --wait_for_card Wait until card is available 356s --verification Run in verification mode 356s --pin Expect PIN on stdin 356s --keypad Expect PIN on keypad 356s --verify=STRING Tune validation 356s --ca_db=STRING CA DB to use 356s --module_name=STRING Module name for authentication 356s --token_name=STRING Token name for authentication 356s --key_id=STRING Key ID for authentication 356s --label=STRING Label for authentication 356s --certificate=STRING certificate to verify, base64 encoded 356s --uri=STRING PKCS#11 URI to restrict selection 356s --chain-id=LONG Tevent chain ID used for logging 356s purposes 356s 356s Help options: 356s -?, --help Show this help message 356s --usage Display brief usage message' 356s + echo 'Usage: p11_child [OPTION...] 356s -d, --debug-level=INT Debug level 356s --debug-timestamps=INT Add debug timestamps 356s --debug-microseconds=INT Show timestamps with microseconds 356s --dumpable=INT Allow core dumps 356s --debug-fd=INT An open file descriptor for the debug 356s logs 356s --logger=stderr|files|journald Set logger 356s --auth Run in auth mode 356s --pre Run in pre-auth mode 356s --wait_for_card Wait until card is available 356s --verification Run in verification mode 356s --pin Expect PIN on stdin 356s --keypad Expect PIN on keypad 356s --verify=STRING Tune validation 356s --ca_db=STRING CA DB to use 356s --module_name=STRING Module name for authentication 356s --token_name=STRING Token name for authentication 356s --key_id=STRING Key ID for authentication 356s --label=STRING Label for authentication 356s --certificate=STRING certificate to verify, base64 encoded 356s --uri=STRING PKCS#11 URI to restrict selection 356s --chain-id=LONG Tevent chain ID used for logging 356s purposes 356s 356s Help options: 356s -?, --help Show this help message 356s --usage Display brief usage message' 356s + grep nssdb -qs 356s + echo 'Usage: p11_child [OPTION...] 356s -d, --debug-level=INT Debug level 356s --debug-timestamps=INT Add debug timestamps 356s --debug-microseconds=INT Show timestamps with microseconds 356s --dumpable=INT Allow core dumps 356s --debug-fd=INT An open file descriptor for the debug 356s logs 356s --logger=stderr|files|journald Set logger 356s --auth Run in auth mode 356s --pre Run in pre-auth mode 356s --wait_for_card Wait until card is available 356s --verification Run in verification mode 356s --pin Expect PIN on stdin 356s --keypad Expect PIN on keypad 356s --verify=STRING Tune validation 356s --ca_db=STRING CA DB to use 356s --module_name=STRING Module name for authentication 356s --token_name=STRING Token name for authentication 356s --key_id=STRING Key ID for authentication 356s --label=STRING Label for authentication 356s --certificate=STRING certificate to verify, base64 encoded 356s --uri=STRING PKCS#11 URI to restrict selection 356s --chain-id=LONG Tevent chain ID used for logging 356s purposes 356s 356s Help options: 356s -?, --help Show this help message 356s --usage Display brief usage message' 356s + grep -qs -- --ca_db 356s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 356s ++ mktemp -d -t sssd-softhsm2-XXXXXX 356s + tmpdir=/tmp/sssd-softhsm2-P7qV3q 356s + keys_size=1024 356s + [[ ! -v KEEP_TEMPORARY_FILES ]] 356s + trap 'rm -rf "$tmpdir"' EXIT 356s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 356s + echo -n 01 356s + touch /tmp/sssd-softhsm2-P7qV3q/index.txt 356s + mkdir -p /tmp/sssd-softhsm2-P7qV3q/new_certs 356s + cat 356s + root_ca_key_pass=pass:random-root-CA-password-30461 356s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-P7qV3q/test-root-CA-key.pem -passout pass:random-root-CA-password-30461 1024 356s + openssl req -passin pass:random-root-CA-password-30461 -batch -config /tmp/sssd-softhsm2-P7qV3q/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-P7qV3q/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 356s + openssl x509 -noout -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 356s + cat 356s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-5285 356s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-5285 1024 356s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-5285 -config /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.config -key /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-30461 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-certificate-request.pem 356s + openssl req -text -noout -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-certificate-request.pem 356s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-P7qV3q/test-root-CA.config -passin pass:random-root-CA-password-30461 -keyfile /tmp/sssd-softhsm2-P7qV3q/test-root-CA-key.pem -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 356s Certificate Request: 356s Data: 356s Version: 1 (0x0) 356s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 356s Subject Public Key Info: 356s Public Key Algorithm: rsaEncryption 356s Public-Key: (1024 bit) 356s Modulus: 356s 00:c0:1b:09:79:4b:15:d8:ea:ed:49:85:14:cb:08: 356s d8:50:5e:57:96:5d:63:d6:d0:3b:af:af:82:61:c4: 356s df:98:d0:40:23:ce:54:01:85:62:e8:0e:b8:10:09: 356s ed:94:21:7a:bf:66:ba:65:e8:26:26:5c:74:a9:4c: 356s f6:0f:9e:81:82:99:4e:01:40:ae:b9:e7:e1:b8:01: 356s 98:4f:07:bd:34:32:9e:8a:b1:28:1e:79:05:d3:70: 356s 7e:6c:9a:07:c1:8a:a7:54:34:9f:de:e3:6f:88:c2: 356s 73:34:26:26:6e:1b:1e:e7:89:98:66:bb:2f:45:6f: 356s 65:7e:15:31:0b:4b:e6:b4:5f 356s Exponent: 65537 (0x10001) 356s Attributes: 356s (none) 356s Requested Extensions: 356s Signature Algorithm: sha256WithRSAEncryption 356s Signature Value: 356s 52:4d:81:aa:d6:61:1b:fa:c1:fa:16:aa:33:f2:01:d3:56:76: 356s d8:a1:b9:87:0e:83:44:73:bc:dd:96:61:a8:4e:8a:38:30:cb: 356s 4d:58:78:77:db:fd:1d:6f:f9:06:9c:96:1e:20:0c:ba:3d:19: 356s 0b:14:a2:8e:f2:82:e0:23:7c:41:69:fc:2c:49:bd:e2:39:24: 356s 73:57:6d:e1:d6:2b:52:df:f0:db:b9:51:c7:5a:2e:b1:cb:ed: 356s ab:47:20:b5:3d:33:78:dd:04:06:09:7d:2a:58:95:e6:ae:b6: 356s 03:16:77:1c:7c:3c:b3:b6:c3:7d:ab:99:56:b4:24:03:73:ea: 356s 55:f6 356s Using configuration from /tmp/sssd-softhsm2-P7qV3q/test-root-CA.config 356s Check that the request matches the signature 356s Signature ok 356s Certificate Details: 356s Serial Number: 1 (0x1) 356s Validity 356s Not Before: Nov 29 21:50:33 2024 GMT 356s Not After : Nov 29 21:50:33 2025 GMT 356s Subject: 356s organizationName = Test Organization 356s organizationalUnitName = Test Organization Unit 356s commonName = Test Organization Intermediate CA 356s X509v3 extensions: 356s X509v3 Subject Key Identifier: 356s C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 356s X509v3 Authority Key Identifier: 356s keyid:DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 356s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 356s serial:00 356s X509v3 Basic Constraints: 356s CA:TRUE 356s X509v3 Key Usage: critical 356s Digital Signature, Certificate Sign, CRL Sign 356s Certificate is to be certified until Nov 29 21:50:33 2025 GMT (365 days) 356s 356s Write out database with 1 new entries 356s Database updated 356s + openssl x509 -noout -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 357s /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem: OK 357s + cat 357s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-19726 357s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-19726 1024 357s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-19726 -config /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-5285 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-certificate-request.pem 357s + openssl req -text -noout -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-certificate-request.pem 357s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-5285 -keyfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 357s Using configuration from /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.config 357s Check that the request matches the signature 357s Signature ok 357s Certificate Details: 357s Serial Number: 2 (0x2) 357s Validity 357s Not Before: Nov 29 21:50:33 2024 GMT 357s Not After : Nov 29 21:50:33 2025 GMT 357s Subject: 357s organizationName = Test Organization 357s organizationalUnitName = Test Organization Unit 357s commonName = Test Organization Sub Intermediate CA 357s X509v3 extensions: 357s X509v3 Subject Key Identifier: 357s 9B:1E:E0:FE:90:4C:A8:81:38:70:1F:E6:A9:1E:9A:4E:0E:02:E8:7B 357s X509v3 Authority Key Identifier: 357s keyid:C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 357s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 357s serial:01 357s X509v3 Basic Constraints: 357s CA:TRUE 357s X509v3 Key Usage: critical 357s Digital Signature, Certificate Sign, CRL Sign 357s Certificate is to be certified until Nov 29 21:50:33 2025 GMT (365 days) 357s 357s Write out database with 1 new entries 357s Database updated 357s + openssl x509 -noout -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 357s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 357s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 357s + local cmd=openssl 357s + shift 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 357s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 357s error 20 at 0 depth lookup: unable to get local issuer certificate 357s error /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem: verification failed 357s + cat 357s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-9935 357s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-9935 1024 357s Certificate Request: 357s Data: 357s Version: 1 (0x0) 357s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 357s Subject Public Key Info: 357s Public Key Algorithm: rsaEncryption 357s Public-Key: (1024 bit) 357s Modulus: 357s 00:d9:92:9b:d1:96:79:bd:26:85:20:fc:46:f4:22: 357s 9d:5a:3b:9a:42:e9:15:65:b2:3e:4f:76:0a:e2:44: 357s 5b:77:88:12:ef:f4:de:49:de:a0:d0:a7:24:e1:96: 357s ef:72:c0:4e:f4:1e:a1:9c:6d:48:72:8e:15:c2:b0: 357s b6:44:48:8e:da:9c:a2:03:4f:28:7b:91:f4:cf:de: 357s e6:25:7a:f7:7a:90:3b:48:c4:a3:f5:07:1a:a1:dd: 357s b8:53:bb:5e:a7:e6:f1:c0:a3:fb:43:62:1e:4a:a5: 357s 7e:e4:d1:37:56:7f:de:f5:90:77:fb:d5:2f:31:c4: 357s d1:98:2a:da:5a:4d:40:a4:79 357s Exponent: 65537 (0x10001) 357s Attributes: 357s (none) 357s Requested Extensions: 357s Signature Algorithm: sha256WithRSAEncryption 357s Signature Value: 357s d3:81:39:09:82:a9:02:cc:4e:77:77:9b:72:3b:d6:e5:dc:92: 357s 35:33:2c:9a:d9:29:16:08:26:b9:de:25:b5:86:f0:b6:15:14: 357s c4:8d:89:40:e1:6a:ba:f9:ec:93:aa:f9:20:e7:36:d8:e0:c6: 357s 4f:42:cd:14:7e:ca:6f:f3:b6:14:ed:cf:da:de:c1:34:39:a2: 357s 90:79:9e:86:37:83:bd:9d:aa:52:23:41:b2:b6:6e:73:49:49: 357s cd:34:f3:9c:6c:95:6d:19:2c:a0:3a:b8:2c:75:ee:9a:38:6c: 357s 4b:c6:be:e6:46:a8:29:a5:59:78:05:a6:05:b8:67:0c:32:00: 357s 4d:29 357s /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem: OK 357s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-9935 -key /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-request.pem 357s + openssl req -text -noout -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-request.pem 357s Certificate Request: 357s Data: 357s Version: 1 (0x0) 357s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 357s Subject Public Key Info: 357s Public Key Algorithm: rsaEncryption 357s Public-Key: (1024 bit) 357s Modulus: 357s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 357s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 357s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 357s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 357s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 357s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 357s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 357s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 357s c1:50:73:f2:4e:dd:2d:e2:d3 357s Exponent: 65537 (0x10001) 357s Attributes: 357s Requested Extensions: 357s X509v3 Basic Constraints: 357s CA:FALSE 357s Netscape Cert Type: 357s SSL Client, S/MIME 357s Netscape Comment: 357s Test Organization Root CA trusted Certificate 357s X509v3 Subject Key Identifier: 357s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 357s X509v3 Key Usage: critical 357s Digital Signature, Non Repudiation, Key Encipherment 357s X509v3 Extended Key Usage: 357s TLS Web Client Authentication, E-mail Protection 357s X509v3 Subject Alternative Name: 357s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 357s Signature Algorithm: sha256WithRSAEncryption 357s Signature Value: 357s b0:8f:9a:cd:8b:31:8a:00:e4:b2:b9:34:e9:03:58:53:bd:3f: 357s 2f:17:bb:93:23:df:a1:9d:41:62:fa:cd:63:00:c4:e2:e2:5c: 357s 78:49:4c:8c:09:f3:15:16:37:a6:a0:64:a5:81:7b:b3:82:53: 357s 52:e5:d1:46:7a:76:15:9e:13:bd:78:14:8f:4d:ab:05:2f:d0: 357s 7b:e5:07:e9:9d:9a:0b:3b:76:ab:cc:f2:fd:42:ca:04:81:f7: 357s 6f:bb:d2:bf:48:bf:71:15:9b:39:c2:1d:94:28:4d:fa:8a:49: 357s 8b:43:19:c3:c4:c1:91:61:74:52:71:7e:39:39:0f:a0:81:7b: 357s ed:26 357s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-P7qV3q/test-root-CA.config -passin pass:random-root-CA-password-30461 -keyfile /tmp/sssd-softhsm2-P7qV3q/test-root-CA-key.pem -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s Using configuration from /tmp/sssd-softhsm2-P7qV3q/test-root-CA.config 357s Check that the request matches the signature 357s Signature ok 357s Certificate Details: 357s Serial Number: 3 (0x3) 357s Validity 357s Not Before: Nov 29 21:50:34 2024 GMT 357s Not After : Nov 29 21:50:34 2025 GMT 357s Subject: 357s organizationName = Test Organization 357s organizationalUnitName = Test Organization Unit 357s commonName = Test Organization Root Trusted Certificate 0001 357s X509v3 extensions: 357s X509v3 Authority Key Identifier: 357s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 357s X509v3 Basic Constraints: 357s CA:FALSE 357s Netscape Cert Type: 357s SSL Client, S/MIME 357s Netscape Comment: 357s Test Organization Root CA trusted Certificate 357s X509v3 Subject Key Identifier: 357s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 357s X509v3 Key Usage: critical 357s Digital Signature, Non Repudiation, Key Encipherment 357s X509v3 Extended Key Usage: 357s TLS Web Client Authentication, E-mail Protection 357s X509v3 Subject Alternative Name: 357s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 357s Certificate is to be certified until Nov 29 21:50:34 2025 GMT (365 days) 357s 357s Write out database with 1 new entries 357s Database updated 357s + openssl x509 -noout -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem: OK 357s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s + local cmd=openssl 357s + shift 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 357s error 20 at 0 depth lookup: unable to get local issuer certificate 357s error /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem: verification failed 357s + cat 357s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 357s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-19106 1024 357s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-19106 -key /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-request.pem 357s + openssl req -text -noout -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-request.pem 357s Certificate Request: 357s Data: 357s Version: 1 (0x0) 357s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 357s Subject Public Key Info: 357s Public Key Algorithm: rsaEncryption 357s Public-Key: (1024 bit) 357s Modulus: 357s 00:c3:ea:68:33:d0:79:99:7a:25:59:9e:dc:1a:6d: 357s df:40:0e:0c:5b:d9:c2:65:b6:1e:b3:33:6b:38:9e: 357s 48:a2:91:cc:43:1d:99:5a:44:66:10:09:c0:5f:76: 357s 73:fe:05:ad:34:7d:13:d7:fa:5a:a1:f1:75:ce:78: 357s b3:42:b6:2f:9f:5a:dc:a3:44:17:e4:e0:c0:4c:30: 357s cc:f8:c4:1b:bc:cb:68:95:78:05:30:fa:56:8f:d1: 357s 0e:a0:c1:72:fb:45:7c:55:cf:a3:f7:8d:fb:a1:82: 357s 2e:93:9f:b4:ce:a7:82:a5:98:29:d3:3f:be:e2:13: 357s c1:74:2c:f4:a4:8a:ff:01:b3 357s Exponent: 65537 (0x10001) 357s Attributes: 357s Requested Extensions: 357s X509v3 Basic Constraints: 357s CA:FALSE 357s Netscape Cert Type: 357s SSL Client, S/MIME 357s Netscape Comment: 357s Test Organization Intermediate CA trusted Certificate 357s X509v3 Subject Key Identifier: 357s 64:01:0F:79:AE:16:0E:14:D1:67:44:A0:4E:4E:34:54:B6:DC:66:05 357s X509v3 Key Usage: critical 357s Digital Signature, Non Repudiation, Key Encipherment 357s X509v3 Extended Key Usage: 357s TLS Web Client Authentication, E-mail Protection 357s X509v3 Subject Alternative Name: 357s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 357s Signature Algorithm: sha256WithRSAEncryption 357s Signature Value: 357s 8e:51:eb:76:4d:15:0f:e5:f5:de:25:d5:61:94:a5:f3:0e:1d: 357s 23:d8:44:a1:1a:cd:3d:17:3e:9a:dc:f7:ec:2d:06:73:a1:21: 357s f5:dc:bc:e1:ad:34:f3:86:1e:1e:2a:a5:3b:d4:ec:90:25:25: 357s 4e:f4:9f:68:c4:03:3f:14:4c:e6:f5:f0:bc:66:4d:0a:1d:b4: 357s 3e:07:98:55:a1:bc:7a:4e:24:ad:bc:ef:f4:b1:88:da:c5:d0: 357s 35:b5:df:f9:3d:1a:22:ef:a5:ca:31:63:fd:28:51:b5:10:88: 357s 56:49:1e:e1:2d:24:cb:75:9e:4b:3d:dc:82:f5:aa:a0:04:24: 357s af:48 357s + openssl ca -passin pass:random-intermediate-CA-password-5285 -config /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 357s Using configuration from /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.config 357s Check that the request matches the signature 357s Signature ok 357s Certificate Details: 357s Serial Number: 4 (0x4) 357s Validity 357s Not Before: Nov 29 21:50:34 2024 GMT 357s Not After : Nov 29 21:50:34 2025 GMT 357s Subject: 357s organizationName = Test Organization 357s organizationalUnitName = Test Organization Unit 357s commonName = Test Organization Intermediate Trusted Certificate 0001 357s X509v3 extensions: 357s X509v3 Authority Key Identifier: 357s C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 357s X509v3 Basic Constraints: 357s CA:FALSE 357s Netscape Cert Type: 357s SSL Client, S/MIME 357s Netscape Comment: 357s Test Organization Intermediate CA trusted Certificate 357s X509v3 Subject Key Identifier: 357s 64:01:0F:79:AE:16:0E:14:D1:67:44:A0:4E:4E:34:54:B6:DC:66:05 357s X509v3 Key Usage: critical 357s Digital Signature, Non Repudiation, Key Encipherment 357s X509v3 Extended Key Usage: 357s TLS Web Client Authentication, E-mail Protection 357s X509v3 Subject Alternative Name: 357s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 357s Certificate is to be certified until Nov 29 21:50:34 2025 GMT (365 days) 357s 357s Write out database with 1 new entries 357s Database updated 357s + openssl x509 -noout -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 357s + echo 'This certificate should not be trusted fully' 357s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 357s + local cmd=openssl 357s This certificate should not be trusted fully 357s + shift 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 357s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 357s error 2 at 1 depth lookup: unable to get issuer certificate 357s error /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 357s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 357s /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem: OK 357s + cat 357s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 357s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-32570 1024 357s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-32570 -key /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 357s + openssl req -text -noout -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 357s Certificate Request: 357s Data: 357s Version: 1 (0x0) 357s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 357s Subject Public Key Info: 357s Public Key Algorithm: rsaEncryption 357s Public-Key: (1024 bit) 357s Modulus: 357s 00:c3:00:bb:0b:e0:87:19:6a:57:8d:83:1e:34:b6: 357s c0:91:70:62:27:bc:2f:bd:3f:3b:88:94:9f:5e:c5: 357s c0:c4:5a:69:9b:23:aa:d1:17:80:46:8e:9c:43:dd: 357s bf:3e:d3:50:c0:d6:1e:18:ae:66:64:dc:e2:91:98: 357s 22:01:08:64:30:d1:22:bd:27:78:b7:d8:90:65:32: 357s 87:f7:b6:3d:17:ba:f9:cd:90:0f:48:66:b9:b0:83: 357s bb:9d:04:ba:f9:8a:4f:0d:4f:1f:1c:58:65:69:07: 357s 37:51:b5:c5:4f:af:7f:48:68:d4:cc:3b:6a:96:3b: 357s e0:3a:3f:eb:22:cf:9b:f9:2d 357s Exponent: 65537 (0x10001) 357s Attributes: 357s Requested Extensions: 357s X509v3 Basic Constraints: 357s CA:FALSE 357s Netscape Cert Type: 357s SSL Client, S/MIME 357s Netscape Comment: 357s Test Organization Sub Intermediate CA trusted Certificate 357s X509v3 Subject Key Identifier: 357s 14:78:A1:AF:5A:9E:43:F4:2F:88:65:31:90:76:8D:1A:1F:44:06:90 357s X509v3 Key Usage: critical 357s Digital Signature, Non Repudiation, Key Encipherment 357s X509v3 Extended Key Usage: 357s TLS Web Client Authentication, E-mail Protection 357s X509v3 Subject Alternative Name: 357s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 357s Signature Algorithm: sha256WithRSAEncryption 357s Signature Value: 357s 33:b3:53:d7:03:10:53:2d:c9:16:da:1b:7a:73:81:6b:ff:f3: 357s 4a:4d:69:77:cf:09:c1:ff:1e:bc:2a:38:1f:f4:db:8f:e0:cc: 357s b3:da:08:28:89:2e:dd:b0:24:65:8a:9b:b6:c2:61:01:0a:0f: 357s e0:fa:99:00:52:81:74:97:9e:54:3b:a3:21:f4:7f:d4:34:c2: 357s be:f9:b3:a7:7a:4c:e0:5b:ee:36:05:b8:57:58:df:35:61:84: 357s a8:e7:f5:29:c2:cd:ba:3c:0f:de:57:0a:c8:42:2e:3c:5d:a9: 357s 7a:3a:24:de:20:37:16:0f:e6:a0:94:12:69:1e:53:11:cc:24: 357s 23:2a 357s + openssl ca -passin pass:random-sub-intermediate-CA-password-19726 -config /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 357s Using configuration from /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.config 357s Check that the request matches the signature 357s Signature ok 357s Certificate Details: 357s Serial Number: 5 (0x5) 357s Validity 357s Not Before: Nov 29 21:50:34 2024 GMT 357s Not After : Nov 29 21:50:34 2025 GMT 357s Subject: 357s organizationName = Test Organization 357s organizationalUnitName = Test Organization Unit 357s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 357s X509v3 extensions: 357s X509v3 Authority Key Identifier: 357s 9B:1E:E0:FE:90:4C:A8:81:38:70:1F:E6:A9:1E:9A:4E:0E:02:E8:7B 357s X509v3 Basic Constraints: 357s CA:FALSE 357s Netscape Cert Type: 357s SSL Client, S/MIME 357s Netscape Comment: 357s Test Organization Sub Intermediate CA trusted Certificate 357s X509v3 Subject Key Identifier: 357s 14:78:A1:AF:5A:9E:43:F4:2F:88:65:31:90:76:8D:1A:1F:44:06:90 357s X509v3 Key Usage: critical 357s Digital Signature, Non Repudiation, Key Encipherment 357s X509v3 Extended Key Usage: 357s TLS Web Client Authentication, E-mail Protection 357s X509v3 Subject Alternative Name: 357s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 357s Certificate is to be certified until Nov 29 21:50:34 2025 GMT (365 days) 357s 357s Write out database with 1 new entries 357s Database updated 357s + openssl x509 -noout -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 357s This certificate should not be trusted fully 357s + echo 'This certificate should not be trusted fully' 357s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 357s + local cmd=openssl 357s + shift 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 357s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 357s error 2 at 1 depth lookup: unable to get issuer certificate 357s error /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 357s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 357s + local cmd=openssl 357s + shift 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 357s O = Tes/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 357s t Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 357s error 20 at 0 depth lookup: unable to get local issuer certificate 357s error /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 357s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 357s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 357s + local cmd=openssl 357s + shift 357s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 357s O = Test Organization, OU = Test Organization Unit, CN = TestBuilding a the full-chain CA file... 357s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 357s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 357s 357s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 357s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 357s 357s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 357s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 357s 357s Organization Sub Intermediate Trusted Certificate 0001 357s error 20 at 0 depth lookup: unable to get local issuer certificate 357s error /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 357s + echo 'Building a the full-chain CA file...' 357s + cat /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 357s + cat /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 357s + cat /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 357s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 357s + openssl pkcs7 -print_certs -noout 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 357s /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem: OK 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem: OK 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 357s /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem: OK 357s /tmp/sssd-softhsm2-P7qV3q/test-root-intermediate-chain-CA.pem: OK 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-root-intermediate-chain-CA.pem 357s + openssl verify -CAfile /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 357s /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 357s + echo 'Certificates generation completed!' 357s + [[ -v NO_SSSD_TESTS ]] 357s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /dev/null 357s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /dev/null 357s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 357s + local key_ring=/dev/null 357s + local verify_option= 357s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 357s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 357s + local key_cn 357s + local key_name 357s + local tokens_dir 357s + local output_cert_file 357s + token_name= 357s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem .pem 357s + key_name=test-root-CA-trusted-certificate-0001 357s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s ++ sed -n 's/ *commonName *= //p' 357s Certificates generation completed! 357s + key_cn='Test Organization Root Trusted Certificate 0001' 357s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 357s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 357s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 357s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 357s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 357s + token_name='Test Organization Root Tr Token' 357s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 357s + local key_file 357s + local decrypted_key 357s + mkdir -p /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 357s + key_file=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-key.pem 357s + decrypted_key=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-key-decrypted.pem 357s + cat 357s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 357s Slot 0 has a free/uninitialized token. 357s The token has been initialized and is reassigned to slot 88055648 357s + softhsm2-util --show-slots 357s Available slots: 357s Slot 88055648 357s Slot info: 357s Description: SoftHSM slot ID 0x53f9f60 357s Manufacturer ID: SoftHSM project 357s Hardware version: 2.6 357s Firmware version: 2.6 357s Token present: yes 357s Token info: 357s Manufacturer ID: SoftHSM project 357s Model: SoftHSM v2 357s Hardware version: 2.6 357s Firmware version: 2.6 357s Serial number: 6bfe2f36053f9f60 357s Initialized: yes 357s User PIN init.: yes 357s Label: Test Organization Root Tr Token 357s Slot 1 357s Slot info: 357s Description: SoftHSM slot ID 0x1 357s Manufacturer ID: SoftHSM project 357s Hardware version: 2.6 357s Firmware version: 2.6 357s Token present: yes 357s Token info: 357s Manufacturer ID: SoftHSM project 357s Model: SoftHSM v2 357s Hardware version: 2.6 357s Firmware version: 2.6 357s Serial number: 357s Initialized: no 357s User PIN init.: no 357s Label: 357s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 357s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-9935 -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-key-decrypted.pem 357s writing RSA key 357s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 357s + rm /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001-key-decrypted.pem 357s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 357s Object 0: 357s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 357s Type: X.509 Certificate (RSA-1024) 357s Expires: Sat Nov 29 21:50:34 2025 357s Label: Test Organization Root Trusted Certificate 0001 357s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 357s 357s Test Organization Root Tr Token 357s + echo 'Test Organization Root Tr Token' 357s + '[' -n '' ']' 357s + local output_base_name=SSSD-child-4710 357s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-4710.output 357s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-4710.pem 357s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 357s [p11_child[3056]] [main] (0x0400): p11_child started. 357s [p11_child[3056]] [main] (0x2000): Running in [pre-auth] mode. 357s [p11_child[3056]] [main] (0x2000): Running with effective IDs: [0][0]. 357s [p11_child[3056]] [main] (0x2000): Running with real IDs [0][0]. 357s [p11_child[3056]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 357s [p11_child[3056]] [do_work] (0x0040): init_verification failed. 357s [p11_child[3056]] [main] (0x0020): p11_child failed (5) 357s + return 2 357s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /dev/null no_verification 357s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /dev/null no_verification 357s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 357s + local key_ring=/dev/null 357s + local verify_option=no_verification 357s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 357s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 357s + local key_cn 357s + local key_name 357s + local tokens_dir 357s + local output_cert_file 357s + token_name= 357s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem .pem 357s + key_name=test-root-CA-trusted-certificate-0001 357s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 357s ++ sed -n 's/ *commonName *= //p' 357s + key_cn='Test Organization Root Trusted Certificate 0001' 357s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 357s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 357s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 357s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 357s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 357s + token_name='Test Organization Root Tr Token' 357s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 357s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 ']' 357s + echo 'Test Organization Root Tr Token' 357s Test Organization Root Tr Token 357s + '[' -n no_verification ']' 357s + local verify_arg=--verify=no_verification 357s + local output_base_name=SSSD-child-17719 357s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719.output 357s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719.pem 357s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 357s [p11_child[3062]] [main] (0x0400): p11_child started. 357s [p11_child[3062]] [main] (0x2000): Running in [pre-auth] mode. 357s [p11_child[3062]] [main] (0x2000): Running with effective IDs: [0][0]. 357s [p11_child[3062]] [main] (0x2000): Running with real IDs [0][0]. 357s [p11_child[3062]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 357s [p11_child[3062]] [do_card] (0x4000): Module List: 357s [p11_child[3062]] [do_card] (0x4000): common name: [softhsm2]. 357s [p11_child[3062]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 357s [p11_child[3062]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 357s [p11_child[3062]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 357s [p11_child[3062]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 357s [p11_child[3062]] [do_card] (0x4000): Login NOT required. 357s [p11_child[3062]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 357s [p11_child[3062]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 357s [p11_child[3062]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x53f9f60;slot-manufacturer=SoftHSM%20project;slot-id=88055648;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 357s [p11_child[3062]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 357s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719.output 357s + echo '-----BEGIN CERTIFICATE-----' 357s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719.output 357s + echo '-----END CERTIFICATE-----' 357s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719.pem 357s Certificate: 357s Data: 357s Version: 3 (0x2) 357s Serial Number: 3 (0x3) 357s Signature Algorithm: sha256WithRSAEncryption 357s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 357s Validity 357s Not Before: Nov 29 21:50:34 2024 GMT 357s Not After : Nov 29 21:50:34 2025 GMT 357s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 357s Subject Public Key Info: 357s Public Key Algorithm: rsaEncryption 357s Public-Key: (1024 bit) 357s Modulus: 357s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 357s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 357s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 357s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 357s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 357s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 357s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 357s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 357s c1:50:73:f2:4e:dd:2d:e2:d3 357s Exponent: 65537 (0x10001) 357s X509v3 extensions: 357s X509v3 Authority Key Identifier: 357s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 357s X509v3 Basic Constraints: 357s CA:FALSE 357s Netscape Cert Type: 357s SSL Client, S/MIME 357s Netscape Comment: 357s Test Organization Root CA trusted Certificate 357s X509v3 Subject Key Identifier: 357s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 357s X509v3 Key Usage: critical 357s Digital Signature, Non Repudiation, Key Encipherment 357s X509v3 Extended Key Usage: 357s TLS Web Client Authentication, E-mail Protection 357s X509v3 Subject Alternative Name: 357s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 357s Signature Algorithm: sha256WithRSAEncryption 357s Signature Value: 357s de:52:b5:c5:43:51:60:7d:df:79:bb:fd:e7:d5:87:b9:0a:83: 357s 18:ab:7f:c8:8d:17:03:94:fe:d7:17:b0:47:95:cc:05:ce:46: 357s 06:ac:83:3b:7d:1e:12:9b:c2:ac:25:43:ca:b6:a9:0e:2f:ef: 357s 91:69:52:92:c1:2a:ca:0e:58:6a:0f:24:7f:0c:23:3f:48:b0: 357s c0:f8:31:c0:27:bb:ee:66:72:db:4a:7d:e1:db:57:94:60:87: 357s 37:5d:2a:f3:24:0a:44:45:57:c1:e6:e3:d8:4f:bf:91:fd:1d: 357s 2e:09:d1:9a:1d:74:95:1a:9a:3d:5f:c2:01:ba:b9:07:61:af: 357s 62:b9 357s + local found_md5 expected_md5 357s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 358s + expected_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 358s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719.pem 358s + found_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 358s + '[' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 '!=' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 ']' 358s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719-auth.output 358s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719-auth.output .output 358s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719-auth.pem 358s + echo -n 053350 358s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 358s [p11_child[3070]] [main] (0x0400): p11_child started. 358s [p11_child[3070]] [main] (0x2000): Running in [auth] mode. 358s [p11_child[3070]] [main] (0x2000): Running with effective IDs: [0][0]. 358s [p11_child[3070]] [main] (0x2000): Running with real IDs [0][0]. 358s [p11_child[3070]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 358s [p11_child[3070]] [do_card] (0x4000): Module List: 358s [p11_child[3070]] [do_card] (0x4000): common name: [softhsm2]. 358s [p11_child[3070]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 358s [p11_child[3070]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 358s [p11_child[3070]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 358s [p11_child[3070]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 358s [p11_child[3070]] [do_card] (0x4000): Login required. 358s [p11_child[3070]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 358s [p11_child[3070]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 358s [p11_child[3070]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x53f9f60;slot-manufacturer=SoftHSM%20project;slot-id=88055648;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 358s [p11_child[3070]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 358s [p11_child[3070]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 358s [p11_child[3070]] [do_card] (0x4000): Certificate verified and validated. 358s [p11_child[3070]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 358s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719-auth.output 358s + echo '-----BEGIN CERTIFICATE-----' 358s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719-auth.output 358s + echo '-----END CERTIFICATE-----' 358s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719-auth.pem 358s Certificate: 358s Data: 358s Version: 3 (0x2) 358s Serial Number: 3 (0x3) 358s Signature Algorithm: sha256WithRSAEncryption 358s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 358s Validity 358s Not Before: Nov 29 21:50:34 2024 GMT 358s Not After : Nov 29 21:50:34 2025 GMT 358s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 358s Subject Public Key Info: 358s Public Key Algorithm: rsaEncryption 358s Public-Key: (1024 bit) 358s Modulus: 358s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 358s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 358s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 358s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 358s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 358s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 358s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 358s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 358s c1:50:73:f2:4e:dd:2d:e2:d3 358s Exponent: 65537 (0x10001) 358s X509v3 extensions: 358s X509v3 Authority Key Identifier: 358s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 358s X509v3 Basic Constraints: 358s CA:FALSE 358s Netscape Cert Type: 358s SSL Client, S/MIME 358s Netscape Comment: 358s Test Organization Root CA trusted Certificate 358s X509v3 Subject Key Identifier: 358s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 358s X509v3 Key Usage: critical 358s Digital Signature, Non Repudiation, Key Encipherment 358s X509v3 Extended Key Usage: 358s TLS Web Client Authentication, E-mail Protection 358s X509v3 Subject Alternative Name: 358s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 358s Signature Algorithm: sha256WithRSAEncryption 358s Signature Value: 358s de:52:b5:c5:43:51:60:7d:df:79:bb:fd:e7:d5:87:b9:0a:83: 358s 18:ab:7f:c8:8d:17:03:94:fe:d7:17:b0:47:95:cc:05:ce:46: 358s 06:ac:83:3b:7d:1e:12:9b:c2:ac:25:43:ca:b6:a9:0e:2f:ef: 358s 91:69:52:92:c1:2a:ca:0e:58:6a:0f:24:7f:0c:23:3f:48:b0: 358s c0:f8:31:c0:27:bb:ee:66:72:db:4a:7d:e1:db:57:94:60:87: 358s 37:5d:2a:f3:24:0a:44:45:57:c1:e6:e3:d8:4f:bf:91:fd:1d: 358s 2e:09:d1:9a:1d:74:95:1a:9a:3d:5f:c2:01:ba:b9:07:61:af: 358s 62:b9 358s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-17719-auth.pem 358s + found_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 358s + '[' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 '!=' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 ']' 358s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 358s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 358s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 358s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 358s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 358s + local verify_option= 358s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 358s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 358s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 358s + local key_cn 358s + local key_name 358s + local tokens_dir 358s + local output_cert_file 358s + token_name= 358s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem .pem 358s + key_name=test-root-CA-trusted-certificate-0001 358s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 358s ++ sed -n 's/ *commonName *= //p' 358s + key_cn='Test Organization Root Trusted Certificate 0001' 358s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 358s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 358s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 358s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 358s Test Organization Root Tr Token 358s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 358s + token_name='Test Organization Root Tr Token' 358s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 358s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 ']' 358s + echo 'Test Organization Root Tr Token' 358s + '[' -n '' ']' 358s + local output_base_name=SSSD-child-9608 358s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608.output 358s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608.pem 358s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 358s [p11_child[3080]] [main] (0x0400): p11_child started. 358s [p11_child[3080]] [main] (0x2000): Running in [pre-auth] mode. 358s [p11_child[3080]] [main] (0x2000): Running with effective IDs: [0][0]. 358s [p11_child[3080]] [main] (0x2000): Running with real IDs [0][0]. 358s [p11_child[3080]] [do_card] (0x4000): Module List: 358s [p11_child[3080]] [do_card] (0x4000): common name: [softhsm2]. 358s [p11_child[3080]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 358s [p11_child[3080]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 358s [p11_child[3080]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 358s [p11_child[3080]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 358s [p11_child[3080]] [do_card] (0x4000): Login NOT required. 358s [p11_child[3080]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 358s [p11_child[3080]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 358s [p11_child[3080]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 358s [p11_child[3080]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x53f9f60;slot-manufacturer=SoftHSM%20project;slot-id=88055648;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 358s [p11_child[3080]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 358s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608.output 358s + echo '-----BEGIN CERTIFICATE-----' 358s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608.output 358s + echo '-----END CERTIFICATE-----' 358s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608.pem 358s Certificate: 358s Data: 358s Version: 3 (0x2) 358s Serial Number: 3 (0x3) 358s Signature Algorithm: sha256WithRSAEncryption 358s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 358s Validity 358s Not Before: Nov 29 21:50:34 2024 GMT 358s Not After : Nov 29 21:50:34 2025 GMT 358s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 358s Subject Public Key Info: 358s Public Key Algorithm: rsaEncryption 358s Public-Key: (1024 bit) 358s Modulus: 358s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 358s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 358s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 358s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 358s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 358s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 358s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 358s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 358s c1:50:73:f2:4e:dd:2d:e2:d3 358s Exponent: 65537 (0x10001) 358s X509v3 extensions: 358s X509v3 Authority Key Identifier: 358s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 358s X509v3 Basic Constraints: 358s CA:FALSE 358s Netscape Cert Type: 358s SSL Client, S/MIME 358s Netscape Comment: 358s Test Organization Root CA trusted Certificate 358s X509v3 Subject Key Identifier: 358s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 358s X509v3 Key Usage: critical 358s Digital Signature, Non Repudiation, Key Encipherment 358s X509v3 Extended Key Usage: 358s TLS Web Client Authentication, E-mail Protection 358s X509v3 Subject Alternative Name: 358s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 358s Signature Algorithm: sha256WithRSAEncryption 358s Signature Value: 358s de:52:b5:c5:43:51:60:7d:df:79:bb:fd:e7:d5:87:b9:0a:83: 358s 18:ab:7f:c8:8d:17:03:94:fe:d7:17:b0:47:95:cc:05:ce:46: 358s 06:ac:83:3b:7d:1e:12:9b:c2:ac:25:43:ca:b6:a9:0e:2f:ef: 358s 91:69:52:92:c1:2a:ca:0e:58:6a:0f:24:7f:0c:23:3f:48:b0: 358s c0:f8:31:c0:27:bb:ee:66:72:db:4a:7d:e1:db:57:94:60:87: 358s 37:5d:2a:f3:24:0a:44:45:57:c1:e6:e3:d8:4f:bf:91:fd:1d: 358s 2e:09:d1:9a:1d:74:95:1a:9a:3d:5f:c2:01:ba:b9:07:61:af: 358s 62:b9 358s + local found_md5 expected_md5 358s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 358s + expected_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 358s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608.pem 358s + found_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 358s + '[' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 '!=' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 ']' 358s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608-auth.output 358s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608-auth.output .output 358s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608-auth.pem 358s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 358s + echo -n 053350 358s [p11_child[3088]] [main] (0x0400): p11_child started. 358s [p11_child[3088]] [main] (0x2000): Running in [auth] mode. 358s [p11_child[3088]] [main] (0x2000): Running with effective IDs: [0][0]. 358s [p11_child[3088]] [main] (0x2000): Running with real IDs [0][0]. 358s [p11_child[3088]] [do_card] (0x4000): Module List: 358s [p11_child[3088]] [do_card] (0x4000): common name: [softhsm2]. 358s [p11_child[3088]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 358s [p11_child[3088]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 358s [p11_child[3088]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 358s [p11_child[3088]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 358s [p11_child[3088]] [do_card] (0x4000): Login required. 358s [p11_child[3088]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 358s [p11_child[3088]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 358s [p11_child[3088]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 358s [p11_child[3088]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x53f9f60;slot-manufacturer=SoftHSM%20project;slot-id=88055648;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 358s [p11_child[3088]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 358s [p11_child[3088]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 358s [p11_child[3088]] [do_card] (0x4000): Certificate verified and validated. 358s [p11_child[3088]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 358s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608-auth.output 358s + echo '-----BEGIN CERTIFICATE-----' 358s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608-auth.output 358s + echo '-----END CERTIFICATE-----' 358s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608-auth.pem 358s Certificate: 358s Data: 358s Version: 3 (0x2) 358s Serial Number: 3 (0x3) 358s Signature Algorithm: sha256WithRSAEncryption 358s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 358s Validity 358s Not Before: Nov 29 21:50:34 2024 GMT 358s Not After : Nov 29 21:50:34 2025 GMT 358s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 358s Subject Public Key Info: 358s Public Key Algorithm: rsaEncryption 358s Public-Key: (1024 bit) 358s Modulus: 358s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 358s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 358s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 358s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 358s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 358s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 358s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 358s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 358s c1:50:73:f2:4e:dd:2d:e2:d3 358s Exponent: 65537 (0x10001) 358s X509v3 extensions: 358s X509v3 Authority Key Identifier: 358s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 358s X509v3 Basic Constraints: 358s CA:FALSE 358s Netscape Cert Type: 358s SSL Client, S/MIME 358s Netscape Comment: 358s Test Organization Root CA trusted Certificate 358s X509v3 Subject Key Identifier: 358s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 358s X509v3 Key Usage: critical 358s Digital Signature, Non Repudiation, Key Encipherment 358s X509v3 Extended Key Usage: 358s TLS Web Client Authentication, E-mail Protection 358s X509v3 Subject Alternative Name: 358s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 358s Signature Algorithm: sha256WithRSAEncryption 358s Signature Value: 358s de:52:b5:c5:43:51:60:7d:df:79:bb:fd:e7:d5:87:b9:0a:83: 358s 18:ab:7f:c8:8d:17:03:94:fe:d7:17:b0:47:95:cc:05:ce:46: 358s 06:ac:83:3b:7d:1e:12:9b:c2:ac:25:43:ca:b6:a9:0e:2f:ef: 358s 91:69:52:92:c1:2a:ca:0e:58:6a:0f:24:7f:0c:23:3f:48:b0: 358s c0:f8:31:c0:27:bb:ee:66:72:db:4a:7d:e1:db:57:94:60:87: 358s 37:5d:2a:f3:24:0a:44:45:57:c1:e6:e3:d8:4f:bf:91:fd:1d: 358s 2e:09:d1:9a:1d:74:95:1a:9a:3d:5f:c2:01:ba:b9:07:61:af: 358s 62:b9 358s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-9608-auth.pem 358s + found_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 358s + '[' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 '!=' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 ']' 358s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem partial_chain 358s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem partial_chain 358s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 358s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 358s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 358s + local verify_option=partial_chain 358s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 358s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 358s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 358s + local key_cn 358s + local key_name 358s + local tokens_dir 358s + local output_cert_file 358s + token_name= 358s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem .pem 358s + key_name=test-root-CA-trusted-certificate-0001 358s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 358s ++ sed -n 's/ *commonName *= //p' 358s Test Organization Root Tr Token 358s + key_cn='Test Organization Root Trusted Certificate 0001' 358s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 358s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 358s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 358s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 358s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 358s + token_name='Test Organization Root Tr Token' 358s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 358s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 ']' 358s + echo 'Test Organization Root Tr Token' 358s + '[' -n partial_chain ']' 358s + local verify_arg=--verify=partial_chain 358s + local output_base_name=SSSD-child-1490 358s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490.output 358s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490.pem 358s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 358s [p11_child[3098]] [main] (0x0400): p11_child started. 358s [p11_child[3098]] [main] (0x2000): Running in [pre-auth] mode. 358s [p11_child[3098]] [main] (0x2000): Running with effective IDs: [0][0]. 358s [p11_child[3098]] [main] (0x2000): Running with real IDs [0][0]. 358s [p11_child[3098]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 358s [p11_child[3098]] [do_card] (0x4000): Module List: 358s [p11_child[3098]] [do_card] (0x4000): common name: [softhsm2]. 358s [p11_child[3098]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 358s [p11_child[3098]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 358s [p11_child[3098]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 358s [p11_child[3098]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 358s [p11_child[3098]] [do_card] (0x4000): Login NOT required. 358s [p11_child[3098]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 358s [p11_child[3098]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 358s [p11_child[3098]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 358s [p11_child[3098]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x53f9f60;slot-manufacturer=SoftHSM%20project;slot-id=88055648;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 358s [p11_child[3098]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 358s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490.output 358s + echo '-----BEGIN CERTIFICATE-----' 358s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490.output 358s + echo '-----END CERTIFICATE-----' 358s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490.pem 358s Certificate: 358s Data: 358s Version: 3 (0x2) 358s Serial Number: 3 (0x3) 358s Signature Algorithm: sha256WithRSAEncryption 358s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 358s Validity 358s Not Before: Nov 29 21:50:34 2024 GMT 358s Not After : Nov 29 21:50:34 2025 GMT 358s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 358s Subject Public Key Info: 358s Public Key Algorithm: rsaEncryption 358s Public-Key: (1024 bit) 358s Modulus: 358s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 358s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 358s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 358s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 358s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 358s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 358s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 358s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 358s c1:50:73:f2:4e:dd:2d:e2:d3 358s Exponent: 65537 (0x10001) 358s X509v3 extensions: 358s X509v3 Authority Key Identifier: 358s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 358s X509v3 Basic Constraints: 358s CA:FALSE 358s Netscape Cert Type: 358s SSL Client, S/MIME 358s Netscape Comment: 358s Test Organization Root CA trusted Certificate 358s X509v3 Subject Key Identifier: 358s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 358s X509v3 Key Usage: critical 358s Digital Signature, Non Repudiation, Key Encipherment 358s X509v3 Extended Key Usage: 358s TLS Web Client Authentication, E-mail Protection 358s X509v3 Subject Alternative Name: 358s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 358s Signature Algorithm: sha256WithRSAEncryption 358s Signature Value: 358s de:52:b5:c5:43:51:60:7d:df:79:bb:fd:e7:d5:87:b9:0a:83: 358s 18:ab:7f:c8:8d:17:03:94:fe:d7:17:b0:47:95:cc:05:ce:46: 358s 06:ac:83:3b:7d:1e:12:9b:c2:ac:25:43:ca:b6:a9:0e:2f:ef: 358s 91:69:52:92:c1:2a:ca:0e:58:6a:0f:24:7f:0c:23:3f:48:b0: 358s c0:f8:31:c0:27:bb:ee:66:72:db:4a:7d:e1:db:57:94:60:87: 358s 37:5d:2a:f3:24:0a:44:45:57:c1:e6:e3:d8:4f:bf:91:fd:1d: 358s 2e:09:d1:9a:1d:74:95:1a:9a:3d:5f:c2:01:ba:b9:07:61:af: 358s 62:b9 358s + local found_md5 expected_md5 358s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 358s + expected_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 358s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490.pem 358s + found_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 358s + '[' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 '!=' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 ']' 358s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490-auth.output 358s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490-auth.output .output 358s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490-auth.pem 358s + echo -n 053350 358s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 358s [p11_child[3106]] [main] (0x0400): p11_child started. 358s [p11_child[3106]] [main] (0x2000): Running in [auth] mode. 358s [p11_child[3106]] [main] (0x2000): Running with effective IDs: [0][0]. 358s [p11_child[3106]] [main] (0x2000): Running with real IDs [0][0]. 358s [p11_child[3106]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 358s [p11_child[3106]] [do_card] (0x4000): Module List: 358s [p11_child[3106]] [do_card] (0x4000): common name: [softhsm2]. 358s [p11_child[3106]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 358s [p11_child[3106]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 358s [p11_child[3106]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 358s [p11_child[3106]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 358s [p11_child[3106]] [do_card] (0x4000): Login required. 358s [p11_child[3106]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 358s [p11_child[3106]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 358s [p11_child[3106]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 358s [p11_child[3106]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x53f9f60;slot-manufacturer=SoftHSM%20project;slot-id=88055648;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 358s [p11_child[3106]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 358s [p11_child[3106]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 358s [p11_child[3106]] [do_card] (0x4000): Certificate verified and validated. 358s [p11_child[3106]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 358s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490-auth.output 359s + echo '-----BEGIN CERTIFICATE-----' 359s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490-auth.output 359s + echo '-----END CERTIFICATE-----' 359s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490-auth.pem 359s Certificate: 359s Data: 359s Version: 3 (0x2) 359s Serial Number: 3 (0x3) 359s Signature Algorithm: sha256WithRSAEncryption 359s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 359s Validity 359s Not Before: Nov 29 21:50:34 2024 GMT 359s Not After : Nov 29 21:50:34 2025 GMT 359s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 359s Subject Public Key Info: 359s Public Key Algorithm: rsaEncryption 359s Public-Key: (1024 bit) 359s Modulus: 359s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 359s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 359s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 359s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 359s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 359s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 359s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 359s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 359s c1:50:73:f2:4e:dd:2d:e2:d3 359s Exponent: 65537 (0x10001) 359s X509v3 extensions: 359s X509v3 Authority Key Identifier: 359s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 359s X509v3 Basic Constraints: 359s CA:FALSE 359s Netscape Cert Type: 359s SSL Client, S/MIME 359s Netscape Comment: 359s Test Organization Root CA trusted Certificate 359s X509v3 Subject Key Identifier: 359s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 359s X509v3 Key Usage: critical 359s Digital Signature, Non Repudiation, Key Encipherment 359s X509v3 Extended Key Usage: 359s TLS Web Client Authentication, E-mail Protection 359s X509v3 Subject Alternative Name: 359s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 359s Signature Algorithm: sha256WithRSAEncryption 359s Signature Value: 359s de:52:b5:c5:43:51:60:7d:df:79:bb:fd:e7:d5:87:b9:0a:83: 359s 18:ab:7f:c8:8d:17:03:94:fe:d7:17:b0:47:95:cc:05:ce:46: 359s 06:ac:83:3b:7d:1e:12:9b:c2:ac:25:43:ca:b6:a9:0e:2f:ef: 359s 91:69:52:92:c1:2a:ca:0e:58:6a:0f:24:7f:0c:23:3f:48:b0: 359s c0:f8:31:c0:27:bb:ee:66:72:db:4a:7d:e1:db:57:94:60:87: 359s 37:5d:2a:f3:24:0a:44:45:57:c1:e6:e3:d8:4f:bf:91:fd:1d: 359s 2e:09:d1:9a:1d:74:95:1a:9a:3d:5f:c2:01:ba:b9:07:61:af: 359s 62:b9 359s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-1490-auth.pem 359s + found_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 359s + '[' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 '!=' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 ']' 359s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 359s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 359s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 359s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 359s + local verify_option= 359s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 359s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 359s + local key_cn 359s + local key_name 359s + local tokens_dir 359s + local output_cert_file 359s + token_name= 359s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem .pem 359s + key_name=test-root-CA-trusted-certificate-0001 359s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s ++ sed -n 's/ *commonName *= //p' 359s + key_cn='Test Organization Root Trusted Certificate 0001' 359s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 359s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 359s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 359s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 359s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 359s + token_name='Test Organization Root Tr Token' 359s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 359s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 ']' 359s Test Organization Root Tr Token 359s + echo 'Test Organization Root Tr Token' 359s + '[' -n '' ']' 359s + local output_base_name=SSSD-child-12958 359s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958.output 359s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958.pem 359s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 359s [p11_child[3116]] [main] (0x0400): p11_child started. 359s [p11_child[3116]] [main] (0x2000): Running in [pre-auth] mode. 359s [p11_child[3116]] [main] (0x2000): Running with effective IDs: [0][0]. 359s [p11_child[3116]] [main] (0x2000): Running with real IDs [0][0]. 359s [p11_child[3116]] [do_card] (0x4000): Module List: 359s [p11_child[3116]] [do_card] (0x4000): common name: [softhsm2]. 359s [p11_child[3116]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 359s [p11_child[3116]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 359s [p11_child[3116]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 359s [p11_child[3116]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 359s [p11_child[3116]] [do_card] (0x4000): Login NOT required. 359s [p11_child[3116]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 359s [p11_child[3116]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 359s [p11_child[3116]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 359s [p11_child[3116]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x53f9f60;slot-manufacturer=SoftHSM%20project;slot-id=88055648;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 359s [p11_child[3116]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 359s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958.output 359s + echo '-----BEGIN CERTIFICATE-----' 359s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958.output 359s + echo '-----END CERTIFICATE-----' 359s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958.pem 359s Certificate: 359s Data: 359s Version: 3 (0x2) 359s Serial Number: 3 (0x3) 359s Signature Algorithm: sha256WithRSAEncryption 359s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 359s Validity 359s Not Before: Nov 29 21:50:34 2024 GMT 359s Not After : Nov 29 21:50:34 2025 GMT 359s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 359s Subject Public Key Info: 359s Public Key Algorithm: rsaEncryption 359s Public-Key: (1024 bit) 359s Modulus: 359s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 359s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 359s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 359s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 359s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 359s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 359s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 359s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 359s c1:50:73:f2:4e:dd:2d:e2:d3 359s Exponent: 65537 (0x10001) 359s X509v3 extensions: 359s X509v3 Authority Key Identifier: 359s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 359s X509v3 Basic Constraints: 359s CA:FALSE 359s Netscape Cert Type: 359s SSL Client, S/MIME 359s Netscape Comment: 359s Test Organization Root CA trusted Certificate 359s X509v3 Subject Key Identifier: 359s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 359s X509v3 Key Usage: critical 359s Digital Signature, Non Repudiation, Key Encipherment 359s X509v3 Extended Key Usage: 359s TLS Web Client Authentication, E-mail Protection 359s X509v3 Subject Alternative Name: 359s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 359s Signature Algorithm: sha256WithRSAEncryption 359s Signature Value: 359s de:52:b5:c5:43:51:60:7d:df:79:bb:fd:e7:d5:87:b9:0a:83: 359s 18:ab:7f:c8:8d:17:03:94:fe:d7:17:b0:47:95:cc:05:ce:46: 359s 06:ac:83:3b:7d:1e:12:9b:c2:ac:25:43:ca:b6:a9:0e:2f:ef: 359s 91:69:52:92:c1:2a:ca:0e:58:6a:0f:24:7f:0c:23:3f:48:b0: 359s c0:f8:31:c0:27:bb:ee:66:72:db:4a:7d:e1:db:57:94:60:87: 359s 37:5d:2a:f3:24:0a:44:45:57:c1:e6:e3:d8:4f:bf:91:fd:1d: 359s 2e:09:d1:9a:1d:74:95:1a:9a:3d:5f:c2:01:ba:b9:07:61:af: 359s 62:b9 359s + local found_md5 expected_md5 359s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s + expected_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 359s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958.pem 359s + found_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 359s + '[' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 '!=' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 ']' 359s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958-auth.output 359s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958-auth.output .output 359s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958-auth.pem 359s + echo -n 053350 359s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 359s [p11_child[3124]] [main] (0x0400): p11_child started. 359s [p11_child[3124]] [main] (0x2000): Running in [auth] mode. 359s [p11_child[3124]] [main] (0x2000): Running with effective IDs: [0][0]. 359s [p11_child[3124]] [main] (0x2000): Running with real IDs [0][0]. 359s [p11_child[3124]] [do_card] (0x4000): Module List: 359s [p11_child[3124]] [do_card] (0x4000): common name: [softhsm2]. 359s [p11_child[3124]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 359s [p11_child[3124]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 359s [p11_child[3124]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 359s [p11_child[3124]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 359s [p11_child[3124]] [do_card] (0x4000): Login required. 359s [p11_child[3124]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 359s [p11_child[3124]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 359s [p11_child[3124]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 359s [p11_child[3124]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x53f9f60;slot-manufacturer=SoftHSM%20project;slot-id=88055648;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 359s [p11_child[3124]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 359s [p11_child[3124]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 359s [p11_child[3124]] [do_card] (0x4000): Certificate verified and validated. 359s [p11_child[3124]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 359s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958-auth.output 359s + echo '-----BEGIN CERTIFICATE-----' 359s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958-auth.output 359s + echo '-----END CERTIFICATE-----' 359s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958-auth.pem 359s Certificate: 359s Data: 359s Version: 3 (0x2) 359s Serial Number: 3 (0x3) 359s Signature Algorithm: sha256WithRSAEncryption 359s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 359s Validity 359s Not Before: Nov 29 21:50:34 2024 GMT 359s Not After : Nov 29 21:50:34 2025 GMT 359s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 359s Subject Public Key Info: 359s Public Key Algorithm: rsaEncryption 359s Public-Key: (1024 bit) 359s Modulus: 359s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 359s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 359s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 359s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 359s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 359s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 359s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 359s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 359s c1:50:73:f2:4e:dd:2d:e2:d3 359s Exponent: 65537 (0x10001) 359s X509v3 extensions: 359s X509v3 Authority Key Identifier: 359s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 359s X509v3 Basic Constraints: 359s CA:FALSE 359s Netscape Cert Type: 359s SSL Client, S/MIME 359s Netscape Comment: 359s Test Organization Root CA trusted Certificate 359s X509v3 Subject Key Identifier: 359s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 359s X509v3 Key Usage: critical 359s Digital Signature, Non Repudiation, Key Encipherment 359s X509v3 Extended Key Usage: 359s TLS Web Client Authentication, E-mail Protection 359s X509v3 Subject Alternative Name: 359s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 359s Signature Algorithm: sha256WithRSAEncryption 359s Signature Value: 359s de:52:b5:c5:43:51:60:7d:df:79:bb:fd:e7:d5:87:b9:0a:83: 359s 18:ab:7f:c8:8d:17:03:94:fe:d7:17:b0:47:95:cc:05:ce:46: 359s 06:ac:83:3b:7d:1e:12:9b:c2:ac:25:43:ca:b6:a9:0e:2f:ef: 359s 91:69:52:92:c1:2a:ca:0e:58:6a:0f:24:7f:0c:23:3f:48:b0: 359s c0:f8:31:c0:27:bb:ee:66:72:db:4a:7d:e1:db:57:94:60:87: 359s 37:5d:2a:f3:24:0a:44:45:57:c1:e6:e3:d8:4f:bf:91:fd:1d: 359s 2e:09:d1:9a:1d:74:95:1a:9a:3d:5f:c2:01:ba:b9:07:61:af: 359s 62:b9 359s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12958-auth.pem 359s + found_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 359s + '[' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 '!=' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 ']' 359s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem partial_chain 359s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem partial_chain 359s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 359s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 359s + local verify_option=partial_chain 359s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 359s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 359s + local key_cn 359s + local key_name 359s + local tokens_dir 359s + local output_cert_file 359s + token_name= 359s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem .pem 359s + key_name=test-root-CA-trusted-certificate-0001 359s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s ++ sed -n 's/ *commonName *= //p' 359s + key_cn='Test Organization Root Trusted Certificate 0001' 359s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 359s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 359s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 359s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 359s Test Organization Root Tr Token 359s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 359s + token_name='Test Organization Root Tr Token' 359s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 359s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 ']' 359s + echo 'Test Organization Root Tr Token' 359s + '[' -n partial_chain ']' 359s + local verify_arg=--verify=partial_chain 359s + local output_base_name=SSSD-child-3682 359s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682.output 359s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682.pem 359s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 359s [p11_child[3134]] [main] (0x0400): p11_child started. 359s [p11_child[3134]] [main] (0x2000): Running in [pre-auth] mode. 359s [p11_child[3134]] [main] (0x2000): Running with effective IDs: [0][0]. 359s [p11_child[3134]] [main] (0x2000): Running with real IDs [0][0]. 359s [p11_child[3134]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 359s [p11_child[3134]] [do_card] (0x4000): Module List: 359s [p11_child[3134]] [do_card] (0x4000): common name: [softhsm2]. 359s [p11_child[3134]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 359s [p11_child[3134]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 359s [p11_child[3134]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 359s [p11_child[3134]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 359s [p11_child[3134]] [do_card] (0x4000): Login NOT required. 359s [p11_child[3134]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 359s [p11_child[3134]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 359s [p11_child[3134]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 359s [p11_child[3134]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x53f9f60;slot-manufacturer=SoftHSM%20project;slot-id=88055648;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 359s [p11_child[3134]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 359s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682.output 359s + echo '-----BEGIN CERTIFICATE-----' 359s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682.output 359s + echo '-----END CERTIFICATE-----' 359s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682.pem 359s Certificate: 359s Data: 359s Version: 3 (0x2) 359s Serial Number: 3 (0x3) 359s Signature Algorithm: sha256WithRSAEncryption 359s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 359s Validity 359s Not Before: Nov 29 21:50:34 2024 GMT 359s Not After : Nov 29 21:50:34 2025 GMT 359s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 359s Subject Public Key Info: 359s Public Key Algorithm: rsaEncryption 359s Public-Key: (1024 bit) 359s Modulus: 359s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 359s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 359s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 359s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 359s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 359s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 359s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 359s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 359s c1:50:73:f2:4e:dd:2d:e2:d3 359s Exponent: 65537 (0x10001) 359s X509v3 extensions: 359s X509v3 Authority Key Identifier: 359s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 359s X509v3 Basic Constraints: 359s CA:FALSE 359s Netscape Cert Type: 359s SSL Client, S/MIME 359s Netscape Comment: 359s Test Organization Root CA trusted Certificate 359s X509v3 Subject Key Identifier: 359s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 359s X509v3 Key Usage: critical 359s Digital Signature, Non Repudiation, Key Encipherment 359s X509v3 Extended Key Usage: 359s TLS Web Client Authentication, E-mail Protection 359s X509v3 Subject Alternative Name: 359s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 359s Signature Algorithm: sha256WithRSAEncryption 359s Signature Value: 359s de:52:b5:c5:43:51:60:7d:df:79:bb:fd:e7:d5:87:b9:0a:83: 359s 18:ab:7f:c8:8d:17:03:94:fe:d7:17:b0:47:95:cc:05:ce:46: 359s 06:ac:83:3b:7d:1e:12:9b:c2:ac:25:43:ca:b6:a9:0e:2f:ef: 359s 91:69:52:92:c1:2a:ca:0e:58:6a:0f:24:7f:0c:23:3f:48:b0: 359s c0:f8:31:c0:27:bb:ee:66:72:db:4a:7d:e1:db:57:94:60:87: 359s 37:5d:2a:f3:24:0a:44:45:57:c1:e6:e3:d8:4f:bf:91:fd:1d: 359s 2e:09:d1:9a:1d:74:95:1a:9a:3d:5f:c2:01:ba:b9:07:61:af: 359s 62:b9 359s + local found_md5 expected_md5 359s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s + expected_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 359s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682.pem 359s + found_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 359s + '[' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 '!=' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 ']' 359s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682-auth.output 359s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682-auth.output .output 359s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682-auth.pem 359s + echo -n 053350 359s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 359s [p11_child[3142]] [main] (0x0400): p11_child started. 359s [p11_child[3142]] [main] (0x2000): Running in [auth] mode. 359s [p11_child[3142]] [main] (0x2000): Running with effective IDs: [0][0]. 359s [p11_child[3142]] [main] (0x2000): Running with real IDs [0][0]. 359s [p11_child[3142]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 359s [p11_child[3142]] [do_card] (0x4000): Module List: 359s [p11_child[3142]] [do_card] (0x4000): common name: [softhsm2]. 359s [p11_child[3142]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 359s [p11_child[3142]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 359s [p11_child[3142]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 359s [p11_child[3142]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 359s [p11_child[3142]] [do_card] (0x4000): Login required. 359s [p11_child[3142]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 359s [p11_child[3142]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 359s [p11_child[3142]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 359s [p11_child[3142]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x53f9f60;slot-manufacturer=SoftHSM%20project;slot-id=88055648;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6bfe2f36053f9f60;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 359s [p11_child[3142]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 359s [p11_child[3142]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 359s [p11_child[3142]] [do_card] (0x4000): Certificate verified and validated. 359s [p11_child[3142]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 359s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682-auth.output 359s + echo '-----BEGIN CERTIFICATE-----' 359s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682-auth.output 359s + echo '-----END CERTIFICATE-----' 359s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682-auth.pem 359s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-3682-auth.pem 359s Certificate: 359s Data: 359s Version: 3 (0x2) 359s Serial Number: 3 (0x3) 359s Signature Algorithm: sha256WithRSAEncryption 359s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 359s Validity 359s Not Before: Nov 29 21:50:34 2024 GMT 359s Not After : Nov 29 21:50:34 2025 GMT 359s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 359s Subject Public Key Info: 359s Public Key Algorithm: rsaEncryption 359s Public-Key: (1024 bit) 359s Modulus: 359s 00:dd:fc:81:78:0f:89:12:ba:48:fd:71:c8:f9:84: 359s 07:00:f6:22:91:ac:81:40:fe:9d:45:c5:ac:7b:79: 359s ae:28:45:ea:6a:a3:0a:8f:e4:fb:4b:ed:69:80:eb: 359s f7:e2:90:c4:24:d9:05:f1:d3:d5:36:d6:f7:3f:28: 359s bf:8a:11:91:10:11:7a:70:78:11:48:fc:62:ea:ff: 359s aa:be:c3:7f:2c:2d:3e:e4:d9:b7:91:82:ce:f1:a7: 359s e9:b7:de:cb:ae:f7:7f:62:09:29:bc:00:91:1d:a6: 359s 94:1e:e3:0b:15:1b:ca:bf:99:90:ae:4d:8f:b6:8e: 359s c1:50:73:f2:4e:dd:2d:e2:d3 359s Exponent: 65537 (0x10001) 359s X509v3 extensions: 359s X509v3 Authority Key Identifier: 359s DD:13:9D:91:4A:49:84:4E:BD:36:77:66:E3:0A:3B:0B:C2:E9:93:C4 359s X509v3 Basic Constraints: 359s CA:FALSE 359s Netscape Cert Type: 359s SSL Client, S/MIME 359s Netscape Comment: 359s Test Organization Root CA trusted Certificate 359s X509v3 Subject Key Identifier: 359s 9D:83:F1:2B:B2:E2:9D:E6:DC:AA:0D:05:13:50:92:88:36:DE:69:96 359s X509v3 Key Usage: critical 359s Digital Signature, Non Repudiation, Key Encipherment 359s X509v3 Extended Key Usage: 359s TLS Web Client Authentication, E-mail Protection 359s X509v3 Subject Alternative Name: 359s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 359s Signature Algorithm: sha256WithRSAEncryption 359s Signature Value: 359s de:52:b5:c5:43:51:60:7d:df:79:bb:fd:e7:d5:87:b9:0a:83: 359s 18:ab:7f:c8:8d:17:03:94:fe:d7:17:b0:47:95:cc:05:ce:46: 359s 06:ac:83:3b:7d:1e:12:9b:c2:ac:25:43:ca:b6:a9:0e:2f:ef: 359s 91:69:52:92:c1:2a:ca:0e:58:6a:0f:24:7f:0c:23:3f:48:b0: 359s c0:f8:31:c0:27:bb:ee:66:72:db:4a:7d:e1:db:57:94:60:87: 359s 37:5d:2a:f3:24:0a:44:45:57:c1:e6:e3:d8:4f:bf:91:fd:1d: 359s 2e:09:d1:9a:1d:74:95:1a:9a:3d:5f:c2:01:ba:b9:07:61:af: 359s 62:b9 359s + found_md5=Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 359s + '[' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 '!=' Modulus=DDFC81780F8912BA48FD71C8F9840700F62291AC8140FE9D45C5AC7B79AE2845EA6AA30A8FE4FB4BED6980EBF7E290C424D905F1D3D536D6F73F28BF8A119110117A70781148FC62EAFFAABEC37F2C2D3EE4D9B79182CEF1A7E9B7DECBAEF77F620929BC00911DA6941EE30B151BCABF9990AE4D8FB68EC15073F24EDD2DE2D3 ']' 359s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 359s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 359s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 359s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 359s + local verify_option= 359s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 359s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 359s + local key_cn 359s + local key_name 359s + local tokens_dir 359s + local output_cert_file 359s + token_name= 359s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem .pem 359s + key_name=test-root-CA-trusted-certificate-0001 359s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 359s ++ sed -n 's/ *commonName *= //p' 359s + key_cn='Test Organization Root Trusted Certificate 0001' 359s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 359s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 359s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 359s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 359s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 359s + token_name='Test Organization Root Tr Token' 359s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 359s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 ']' 359s + echo 'Test Organization Root Tr Token' 359s + '[' -n '' ']' 359s Test Organization Root Tr Token 359s + local output_base_name=SSSD-child-18816 359s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-18816.output 359s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-18816.pem 359s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 359s [p11_child[3152]] [main] (0x0400): p11_child started. 359s [p11_child[3152]] [main] (0x2000): Running in [pre-auth] mode. 359s [p11_child[3152]] [main] (0x2000): Running with effective IDs: [0][0]. 359s [p11_child[3152]] [main] (0x2000): Running with real IDs [0][0]. 360s [p11_child[3152]] [do_card] (0x4000): Module List: 360s [p11_child[3152]] [do_card] (0x4000): common name: [softhsm2]. 360s [p11_child[3152]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3152]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 360s [p11_child[3152]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 360s [p11_child[3152]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3152]] [do_card] (0x4000): Login NOT required. 360s [p11_child[3152]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 360s [p11_child[3152]] [do_verification] (0x0040): X509_verify_cert failed [0]. 360s [p11_child[3152]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 360s [p11_child[3152]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 360s [p11_child[3152]] [do_card] (0x4000): No certificate found. 360s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-18816.output 360s + return 2 360s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem partial_chain 360s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem partial_chain 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 360s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 360s + local verify_option=partial_chain 360s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-9935 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-root-ca-trusted-cert-0001-9935 360s + local key_cn 360s + local key_name 360s + local tokens_dir 360s + local output_cert_file 360s + token_name= 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem .pem 360s + key_name=test-root-CA-trusted-certificate-0001 360s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-root-CA-trusted-certificate-0001.pem 360s ++ sed -n 's/ *commonName *= //p' 360s + key_cn='Test Organization Root Trusted Certificate 0001' 360s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 360s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 360s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 360s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 360s + token_name='Test Organization Root Tr Token' 360s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 360s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-root-CA-trusted-certificate-0001 ']' 360s + echo 'Test Organization Root Tr Token' 360s Test Organization Root Tr Token 360s + '[' -n partial_chain ']' 360s + local verify_arg=--verify=partial_chain 360s + local output_base_name=SSSD-child-14007 360s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-14007.output 360s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-14007.pem 360s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 360s [p11_child[3159]] [main] (0x0400): p11_child started. 360s [p11_child[3159]] [main] (0x2000): Running in [pre-auth] mode. 360s [p11_child[3159]] [main] (0x2000): Running with effective IDs: [0][0]. 360s [p11_child[3159]] [main] (0x2000): Running with real IDs [0][0]. 360s [p11_child[3159]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 360s [p11_child[3159]] [do_card] (0x4000): Module List: 360s [p11_child[3159]] [do_card] (0x4000): common name: [softhsm2]. 360s [p11_child[3159]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3159]] [do_card] (0x4000): Description [SoftHSM slot ID 0x53f9f60] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 360s [p11_child[3159]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 360s [p11_child[3159]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x53f9f60][88055648] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3159]] [do_card] (0x4000): Login NOT required. 360s [p11_child[3159]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 360s [p11_child[3159]] [do_verification] (0x0040): X509_verify_cert failed [0]. 360s [p11_child[3159]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 360s [p11_child[3159]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 360s [p11_child[3159]] [do_card] (0x4000): No certificate found. 360s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-14007.output 360s + return 2 360s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /dev/null 360s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /dev/null 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local key_ring=/dev/null 360s + local verify_option= 360s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local key_cn 360s + local key_name 360s + local tokens_dir 360s + local output_cert_file 360s + token_name= 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem .pem 360s + key_name=test-intermediate-CA-trusted-certificate-0001 360s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s ++ sed -n 's/ *commonName *= //p' 360s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 360s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 360s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 360s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 360s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 360s + token_name='Test Organization Interme Token' 360s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 360s + local key_file 360s + local decrypted_key 360s + mkdir -p /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 360s + key_file=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-key.pem 360s + decrypted_key=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 360s + cat 360s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 360s Slot 0 has a free/uninitialized token. 360s The token has been initialized and is reassigned to slot 863717734 360s + softhsm2-util --show-slots 360s Available slots: 360s Slot 863717734 360s Slot info: 360s Description: SoftHSM slot ID 0x337b4966 360s Manufacturer ID: SoftHSM project 360s Hardware version: 2.6 360s Firmware version: 2.6 360s Token present: yes 360s Token info: 360s Manufacturer ID: SoftHSM project 360s Model: SoftHSM v2 360s Hardware version: 2.6 360s Firmware version: 2.6 360s Serial number: a67731ccb37b4966 360s Initialized: yes 360s User PIN init.: yes 360s Label: Test Organization Interme Token 360s Slot 1 360s Slot info: 360s Description: SoftHSM slot ID 0x1 360s Manufacturer ID: SoftHSM project 360s Hardware version: 2.6 360s Firmware version: 2.6 360s Token present: yes 360s Token info: 360s Manufacturer ID: SoftHSM project 360s Model: SoftHSM v2 360s Hardware version: 2.6 360s Firmware version: 2.6 360s Serial number: 360s Initialized: no 360s User PIN init.: no 360s Label: 360s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 360s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-19106 -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 360s writing RSA key 360s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 360s + rm /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 360s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 360s Object 0: 360s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a67731ccb37b4966;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 360s Type: X.509 Certificate (RSA-1024) 360s Expires: Sat Nov 29 21:50:34 2025 360s Label: Test Organization Intermediate Trusted Certificate 0001 360s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 360s 360s + echo 'Test Organization Interme Token' 360s + '[' -n '' ']' 360s + local output_base_name=SSSD-child-225 360s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-225.output 360s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-225.pem 360s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 360s Test Organization Interme Token 360s [p11_child[3175]] [main] (0x0400): p11_child started. 360s [p11_child[3175]] [main] (0x2000): Running in [pre-auth] mode. 360s [p11_child[3175]] [main] (0x2000): Running with effective IDs: [0][0]. 360s [p11_child[3175]] [main] (0x2000): Running with real IDs [0][0]. 360s [p11_child[3175]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 360s [p11_child[3175]] [do_work] (0x0040): init_verification failed. 360s [p11_child[3175]] [main] (0x0020): p11_child failed (5) 360s + return 2 360s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /dev/null no_verification 360s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /dev/null no_verification 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local key_ring=/dev/null 360s + local verify_option=no_verification 360s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local key_cn 360s + local key_name 360s + local tokens_dir 360s + local output_cert_file 360s + token_name= 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem .pem 360s + key_name=test-intermediate-CA-trusted-certificate-0001 360s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s ++ sed -n 's/ *commonName *= //p' 360s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 360s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 360s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 360s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 360s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 360s + token_name='Test Organization Interme Token' 360s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 360s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 360s + echo 'Test Organization Interme Token' 360s + '[' -n no_verification ']' 360s + local verify_arg=--verify=no_verification 360s + local output_base_name=SSSD-child-8497 360s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497.output 360s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497.pem 360s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 360s Test Organization Interme Token 360s [p11_child[3181]] [main] (0x0400): p11_child started. 360s [p11_child[3181]] [main] (0x2000): Running in [pre-auth] mode. 360s [p11_child[3181]] [main] (0x2000): Running with effective IDs: [0][0]. 360s [p11_child[3181]] [main] (0x2000): Running with real IDs [0][0]. 360s [p11_child[3181]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 360s [p11_child[3181]] [do_card] (0x4000): Module List: 360s [p11_child[3181]] [do_card] (0x4000): common name: [softhsm2]. 360s [p11_child[3181]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3181]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 360s [p11_child[3181]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 360s [p11_child[3181]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3181]] [do_card] (0x4000): Login NOT required. 360s [p11_child[3181]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 360s [p11_child[3181]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 360s [p11_child[3181]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x337b4966;slot-manufacturer=SoftHSM%20project;slot-id=863717734;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a67731ccb37b4966;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 360s [p11_child[3181]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 360s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497.output 360s + echo '-----BEGIN CERTIFICATE-----' 360s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497.output 360s + echo '-----END CERTIFICATE-----' 360s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497.pem 360s Certificate: 360s Data: 360s Version: 3 (0x2) 360s Serial Number: 4 (0x4) 360s Signature Algorithm: sha256WithRSAEncryption 360s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 360s Validity 360s Not Before: Nov 29 21:50:34 2024 GMT 360s Not After : Nov 29 21:50:34 2025 GMT 360s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 360s Subject Public Key Info: 360s Public Key Algorithm: rsaEncryption 360s Public-Key: (1024 bit) 360s Modulus: 360s 00:c3:ea:68:33:d0:79:99:7a:25:59:9e:dc:1a:6d: 360s df:40:0e:0c:5b:d9:c2:65:b6:1e:b3:33:6b:38:9e: 360s 48:a2:91:cc:43:1d:99:5a:44:66:10:09:c0:5f:76: 360s 73:fe:05:ad:34:7d:13:d7:fa:5a:a1:f1:75:ce:78: 360s b3:42:b6:2f:9f:5a:dc:a3:44:17:e4:e0:c0:4c:30: 360s cc:f8:c4:1b:bc:cb:68:95:78:05:30:fa:56:8f:d1: 360s 0e:a0:c1:72:fb:45:7c:55:cf:a3:f7:8d:fb:a1:82: 360s 2e:93:9f:b4:ce:a7:82:a5:98:29:d3:3f:be:e2:13: 360s c1:74:2c:f4:a4:8a:ff:01:b3 360s Exponent: 65537 (0x10001) 360s X509v3 extensions: 360s X509v3 Authority Key Identifier: 360s C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 360s X509v3 Basic Constraints: 360s CA:FALSE 360s Netscape Cert Type: 360s SSL Client, S/MIME 360s Netscape Comment: 360s Test Organization Intermediate CA trusted Certificate 360s X509v3 Subject Key Identifier: 360s 64:01:0F:79:AE:16:0E:14:D1:67:44:A0:4E:4E:34:54:B6:DC:66:05 360s X509v3 Key Usage: critical 360s Digital Signature, Non Repudiation, Key Encipherment 360s X509v3 Extended Key Usage: 360s TLS Web Client Authentication, E-mail Protection 360s X509v3 Subject Alternative Name: 360s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 360s Signature Algorithm: sha256WithRSAEncryption 360s Signature Value: 360s 36:a9:16:4d:69:84:a0:b7:10:32:18:15:0f:19:f5:7f:83:b9: 360s 6f:19:f0:b4:68:7d:16:da:d9:86:52:32:0e:af:56:30:3f:d5: 360s 59:90:9c:e1:35:27:94:b7:80:f1:78:47:4c:bd:29:93:11:50: 360s 36:64:5a:c4:fb:ad:d1:d9:c7:d9:71:06:ad:ae:42:3c:46:73: 360s 24:d3:f4:a1:de:ba:41:4c:f3:2f:0d:82:8c:08:53:d1:ad:5c: 360s f4:e1:5c:c1:4e:3c:e3:d6:0e:bc:9a:f0:59:5d:1d:ac:da:45: 360s b1:3a:db:93:59:2b:f7:55:e4:48:4e:ac:51:0f:6b:77:3a:86: 360s 13:86 360s + local found_md5 expected_md5 360s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + expected_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 360s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497.pem 360s + found_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 360s + '[' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 '!=' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 ']' 360s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497-auth.output 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497-auth.output .output 360s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497-auth.pem 360s + echo -n 053350 360s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 360s [p11_child[3189]] [main] (0x0400): p11_child started. 360s [p11_child[3189]] [main] (0x2000): Running in [auth] mode. 360s [p11_child[3189]] [main] (0x2000): Running with effective IDs: [0][0]. 360s [p11_child[3189]] [main] (0x2000): Running with real IDs [0][0]. 360s [p11_child[3189]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 360s [p11_child[3189]] [do_card] (0x4000): Module List: 360s [p11_child[3189]] [do_card] (0x4000): common name: [softhsm2]. 360s [p11_child[3189]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3189]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 360s [p11_child[3189]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 360s [p11_child[3189]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3189]] [do_card] (0x4000): Login required. 360s [p11_child[3189]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 360s [p11_child[3189]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 360s [p11_child[3189]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x337b4966;slot-manufacturer=SoftHSM%20project;slot-id=863717734;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a67731ccb37b4966;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 360s [p11_child[3189]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 360s [p11_child[3189]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 360s [p11_child[3189]] [do_card] (0x4000): Certificate verified and validated. 360s [p11_child[3189]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 360s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497-auth.output 360s + echo '-----BEGIN CERTIFICATE-----' 360s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497-auth.output 360s + echo '-----END CERTIFICATE-----' 360s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497-auth.pem 360s Certificate: 360s Data: 360s Version: 3 (0x2) 360s Serial Number: 4 (0x4) 360s Signature Algorithm: sha256WithRSAEncryption 360s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 360s Validity 360s Not Before: Nov 29 21:50:34 2024 GMT 360s Not After : Nov 29 21:50:34 2025 GMT 360s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 360s Subject Public Key Info: 360s Public Key Algorithm: rsaEncryption 360s Public-Key: (1024 bit) 360s Modulus: 360s 00:c3:ea:68:33:d0:79:99:7a:25:59:9e:dc:1a:6d: 360s df:40:0e:0c:5b:d9:c2:65:b6:1e:b3:33:6b:38:9e: 360s 48:a2:91:cc:43:1d:99:5a:44:66:10:09:c0:5f:76: 360s 73:fe:05:ad:34:7d:13:d7:fa:5a:a1:f1:75:ce:78: 360s b3:42:b6:2f:9f:5a:dc:a3:44:17:e4:e0:c0:4c:30: 360s cc:f8:c4:1b:bc:cb:68:95:78:05:30:fa:56:8f:d1: 360s 0e:a0:c1:72:fb:45:7c:55:cf:a3:f7:8d:fb:a1:82: 360s 2e:93:9f:b4:ce:a7:82:a5:98:29:d3:3f:be:e2:13: 360s c1:74:2c:f4:a4:8a:ff:01:b3 360s Exponent: 65537 (0x10001) 360s X509v3 extensions: 360s X509v3 Authority Key Identifier: 360s C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 360s X509v3 Basic Constraints: 360s CA:FALSE 360s Netscape Cert Type: 360s SSL Client, S/MIME 360s Netscape Comment: 360s Test Organization Intermediate CA trusted Certificate 360s X509v3 Subject Key Identifier: 360s 64:01:0F:79:AE:16:0E:14:D1:67:44:A0:4E:4E:34:54:B6:DC:66:05 360s X509v3 Key Usage: critical 360s Digital Signature, Non Repudiation, Key Encipherment 360s X509v3 Extended Key Usage: 360s TLS Web Client Authentication, E-mail Protection 360s X509v3 Subject Alternative Name: 360s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 360s Signature Algorithm: sha256WithRSAEncryption 360s Signature Value: 360s 36:a9:16:4d:69:84:a0:b7:10:32:18:15:0f:19:f5:7f:83:b9: 360s 6f:19:f0:b4:68:7d:16:da:d9:86:52:32:0e:af:56:30:3f:d5: 360s 59:90:9c:e1:35:27:94:b7:80:f1:78:47:4c:bd:29:93:11:50: 360s 36:64:5a:c4:fb:ad:d1:d9:c7:d9:71:06:ad:ae:42:3c:46:73: 360s 24:d3:f4:a1:de:ba:41:4c:f3:2f:0d:82:8c:08:53:d1:ad:5c: 360s f4:e1:5c:c1:4e:3c:e3:d6:0e:bc:9a:f0:59:5d:1d:ac:da:45: 360s b1:3a:db:93:59:2b:f7:55:e4:48:4e:ac:51:0f:6b:77:3a:86: 360s 13:86 360s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-8497-auth.pem 360s + found_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 360s + '[' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 '!=' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 ']' 360s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 360s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 360s + local verify_option= 360s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local key_cn 360s + local key_name 360s + local tokens_dir 360s + local output_cert_file 360s + token_name= 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem .pem 360s + key_name=test-intermediate-CA-trusted-certificate-0001 360s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s ++ sed -n 's/ *commonName *= //p' 360s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 360s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 360s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 360s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 360s Test Organization Interme Token 360s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 360s + token_name='Test Organization Interme Token' 360s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 360s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 360s + echo 'Test Organization Interme Token' 360s + '[' -n '' ']' 360s + local output_base_name=SSSD-child-18050 360s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-18050.output 360s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-18050.pem 360s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 360s [p11_child[3199]] [main] (0x0400): p11_child started. 360s [p11_child[3199]] [main] (0x2000): Running in [pre-auth] mode. 360s [p11_child[3199]] [main] (0x2000): Running with effective IDs: [0][0]. 360s [p11_child[3199]] [main] (0x2000): Running with real IDs [0][0]. 360s [p11_child[3199]] [do_card] (0x4000): Module List: 360s [p11_child[3199]] [do_card] (0x4000): common name: [softhsm2]. 360s [p11_child[3199]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3199]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 360s [p11_child[3199]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 360s [p11_child[3199]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3199]] [do_card] (0x4000): Login NOT required. 360s [p11_child[3199]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 360s [p11_child[3199]] [do_verification] (0x0040): X509_verify_cert failed [0]. 360s [p11_child[3199]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 360s [p11_child[3199]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 360s [p11_child[3199]] [do_card] (0x4000): No certificate found. 360s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-18050.output 360s + return 2 360s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem partial_chain 360s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem partial_chain 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 360s + local verify_option=partial_chain 360s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local key_cn 360s + local key_name 360s + local tokens_dir 360s + local output_cert_file 360s + token_name= 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem .pem 360s + key_name=test-intermediate-CA-trusted-certificate-0001 360s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s ++ sed -n 's/ *commonName *= //p' 360s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 360s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 360s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 360s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 360s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 360s + token_name='Test Organization Interme Token' 360s Test Organization Interme Token 360s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 360s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 360s + echo 'Test Organization Interme Token' 360s + '[' -n partial_chain ']' 360s + local verify_arg=--verify=partial_chain 360s + local output_base_name=SSSD-child-9267 360s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-9267.output 360s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-9267.pem 360s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 360s [p11_child[3206]] [main] (0x0400): p11_child started. 360s [p11_child[3206]] [main] (0x2000): Running in [pre-auth] mode. 360s [p11_child[3206]] [main] (0x2000): Running with effective IDs: [0][0]. 360s [p11_child[3206]] [main] (0x2000): Running with real IDs [0][0]. 360s [p11_child[3206]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 360s [p11_child[3206]] [do_card] (0x4000): Module List: 360s [p11_child[3206]] [do_card] (0x4000): common name: [softhsm2]. 360s [p11_child[3206]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3206]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 360s [p11_child[3206]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 360s [p11_child[3206]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3206]] [do_card] (0x4000): Login NOT required. 360s [p11_child[3206]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 360s [p11_child[3206]] [do_verification] (0x0040): X509_verify_cert failed [0]. 360s [p11_child[3206]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 360s [p11_child[3206]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 360s [p11_child[3206]] [do_card] (0x4000): No certificate found. 360s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-9267.output 360s + return 2 360s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 360s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 360s + local verify_option= 360s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 360s + local key_cn 360s + local key_name 360s + local tokens_dir 360s + local output_cert_file 360s + token_name= 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem .pem 360s + key_name=test-intermediate-CA-trusted-certificate-0001 360s ++ sed -n 's/ *commonName *= //p' 360s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 360s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 360s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 360s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 360s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 360s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 360s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 360s + token_name='Test Organization Interme Token' 360s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 360s Test Organization Interme Token 360s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 360s + echo 'Test Organization Interme Token' 360s + '[' -n '' ']' 360s + local output_base_name=SSSD-child-27765 360s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765.output 360s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765.pem 360s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 360s [p11_child[3213]] [main] (0x0400): p11_child started. 360s [p11_child[3213]] [main] (0x2000): Running in [pre-auth] mode. 360s [p11_child[3213]] [main] (0x2000): Running with effective IDs: [0][0]. 360s [p11_child[3213]] [main] (0x2000): Running with real IDs [0][0]. 360s [p11_child[3213]] [do_card] (0x4000): Module List: 360s [p11_child[3213]] [do_card] (0x4000): common name: [softhsm2]. 360s [p11_child[3213]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3213]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 360s [p11_child[3213]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 360s [p11_child[3213]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 360s [p11_child[3213]] [do_card] (0x4000): Login NOT required. 360s [p11_child[3213]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 360s [p11_child[3213]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 360s [p11_child[3213]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 360s [p11_child[3213]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x337b4966;slot-manufacturer=SoftHSM%20project;slot-id=863717734;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a67731ccb37b4966;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 360s [p11_child[3213]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 360s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765.output 360s + echo '-----BEGIN CERTIFICATE-----' 360s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765.output 360s + echo '-----END CERTIFICATE-----' 360s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765.pem 361s Certificate: 361s Data: 361s Version: 3 (0x2) 361s Serial Number: 4 (0x4) 361s Signature Algorithm: sha256WithRSAEncryption 361s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 361s Validity 361s Not Before: Nov 29 21:50:34 2024 GMT 361s Not After : Nov 29 21:50:34 2025 GMT 361s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 361s Subject Public Key Info: 361s Public Key Algorithm: rsaEncryption 361s Public-Key: (1024 bit) 361s Modulus: 361s 00:c3:ea:68:33:d0:79:99:7a:25:59:9e:dc:1a:6d: 361s df:40:0e:0c:5b:d9:c2:65:b6:1e:b3:33:6b:38:9e: 361s 48:a2:91:cc:43:1d:99:5a:44:66:10:09:c0:5f:76: 361s 73:fe:05:ad:34:7d:13:d7:fa:5a:a1:f1:75:ce:78: 361s b3:42:b6:2f:9f:5a:dc:a3:44:17:e4:e0:c0:4c:30: 361s cc:f8:c4:1b:bc:cb:68:95:78:05:30:fa:56:8f:d1: 361s 0e:a0:c1:72:fb:45:7c:55:cf:a3:f7:8d:fb:a1:82: 361s 2e:93:9f:b4:ce:a7:82:a5:98:29:d3:3f:be:e2:13: 361s c1:74:2c:f4:a4:8a:ff:01:b3 361s Exponent: 65537 (0x10001) 361s X509v3 extensions: 361s X509v3 Authority Key Identifier: 361s C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 361s X509v3 Basic Constraints: 361s CA:FALSE 361s Netscape Cert Type: 361s SSL Client, S/MIME 361s Netscape Comment: 361s Test Organization Intermediate CA trusted Certificate 361s X509v3 Subject Key Identifier: 361s 64:01:0F:79:AE:16:0E:14:D1:67:44:A0:4E:4E:34:54:B6:DC:66:05 361s X509v3 Key Usage: critical 361s Digital Signature, Non Repudiation, Key Encipherment 361s X509v3 Extended Key Usage: 361s TLS Web Client Authentication, E-mail Protection 361s X509v3 Subject Alternative Name: 361s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 361s Signature Algorithm: sha256WithRSAEncryption 361s Signature Value: 361s 36:a9:16:4d:69:84:a0:b7:10:32:18:15:0f:19:f5:7f:83:b9: 361s 6f:19:f0:b4:68:7d:16:da:d9:86:52:32:0e:af:56:30:3f:d5: 361s 59:90:9c:e1:35:27:94:b7:80:f1:78:47:4c:bd:29:93:11:50: 361s 36:64:5a:c4:fb:ad:d1:d9:c7:d9:71:06:ad:ae:42:3c:46:73: 361s 24:d3:f4:a1:de:ba:41:4c:f3:2f:0d:82:8c:08:53:d1:ad:5c: 361s f4:e1:5c:c1:4e:3c:e3:d6:0e:bc:9a:f0:59:5d:1d:ac:da:45: 361s b1:3a:db:93:59:2b:f7:55:e4:48:4e:ac:51:0f:6b:77:3a:86: 361s 13:86 361s + local found_md5 expected_md5 361s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s + expected_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 361s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765.pem 361s + found_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 361s + '[' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 '!=' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 ']' 361s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765-auth.output 361s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765-auth.output .output 361s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765-auth.pem 361s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 361s + echo -n 053350 361s [p11_child[3221]] [main] (0x0400): p11_child started. 361s [p11_child[3221]] [main] (0x2000): Running in [auth] mode. 361s [p11_child[3221]] [main] (0x2000): Running with effective IDs: [0][0]. 361s [p11_child[3221]] [main] (0x2000): Running with real IDs [0][0]. 361s [p11_child[3221]] [do_card] (0x4000): Module List: 361s [p11_child[3221]] [do_card] (0x4000): common name: [softhsm2]. 361s [p11_child[3221]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 361s [p11_child[3221]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 361s [p11_child[3221]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 361s [p11_child[3221]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 361s [p11_child[3221]] [do_card] (0x4000): Login required. 361s [p11_child[3221]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 361s [p11_child[3221]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 361s [p11_child[3221]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 361s [p11_child[3221]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x337b4966;slot-manufacturer=SoftHSM%20project;slot-id=863717734;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a67731ccb37b4966;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 361s [p11_child[3221]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 361s [p11_child[3221]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 361s [p11_child[3221]] [do_card] (0x4000): Certificate verified and validated. 361s [p11_child[3221]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 361s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765-auth.output 361s + echo '-----BEGIN CERTIFICATE-----' 361s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765-auth.output 361s + echo '-----END CERTIFICATE-----' 361s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765-auth.pem 361s Certificate: 361s Data: 361s Version: 3 (0x2) 361s Serial Number: 4 (0x4) 361s Signature Algorithm: sha256WithRSAEncryption 361s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 361s Validity 361s Not Before: Nov 29 21:50:34 2024 GMT 361s Not After : Nov 29 21:50:34 2025 GMT 361s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 361s Subject Public Key Info: 361s Public Key Algorithm: rsaEncryption 361s Public-Key: (1024 bit) 361s Modulus: 361s 00:c3:ea:68:33:d0:79:99:7a:25:59:9e:dc:1a:6d: 361s df:40:0e:0c:5b:d9:c2:65:b6:1e:b3:33:6b:38:9e: 361s 48:a2:91:cc:43:1d:99:5a:44:66:10:09:c0:5f:76: 361s 73:fe:05:ad:34:7d:13:d7:fa:5a:a1:f1:75:ce:78: 361s b3:42:b6:2f:9f:5a:dc:a3:44:17:e4:e0:c0:4c:30: 361s cc:f8:c4:1b:bc:cb:68:95:78:05:30:fa:56:8f:d1: 361s 0e:a0:c1:72:fb:45:7c:55:cf:a3:f7:8d:fb:a1:82: 361s 2e:93:9f:b4:ce:a7:82:a5:98:29:d3:3f:be:e2:13: 361s c1:74:2c:f4:a4:8a:ff:01:b3 361s Exponent: 65537 (0x10001) 361s X509v3 extensions: 361s X509v3 Authority Key Identifier: 361s C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 361s X509v3 Basic Constraints: 361s CA:FALSE 361s Netscape Cert Type: 361s SSL Client, S/MIME 361s Netscape Comment: 361s Test Organization Intermediate CA trusted Certificate 361s X509v3 Subject Key Identifier: 361s 64:01:0F:79:AE:16:0E:14:D1:67:44:A0:4E:4E:34:54:B6:DC:66:05 361s X509v3 Key Usage: critical 361s Digital Signature, Non Repudiation, Key Encipherment 361s X509v3 Extended Key Usage: 361s TLS Web Client Authentication, E-mail Protection 361s X509v3 Subject Alternative Name: 361s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 361s Signature Algorithm: sha256WithRSAEncryption 361s Signature Value: 361s 36:a9:16:4d:69:84:a0:b7:10:32:18:15:0f:19:f5:7f:83:b9: 361s 6f:19:f0:b4:68:7d:16:da:d9:86:52:32:0e:af:56:30:3f:d5: 361s 59:90:9c:e1:35:27:94:b7:80:f1:78:47:4c:bd:29:93:11:50: 361s 36:64:5a:c4:fb:ad:d1:d9:c7:d9:71:06:ad:ae:42:3c:46:73: 361s 24:d3:f4:a1:de:ba:41:4c:f3:2f:0d:82:8c:08:53:d1:ad:5c: 361s f4:e1:5c:c1:4e:3c:e3:d6:0e:bc:9a:f0:59:5d:1d:ac:da:45: 361s b1:3a:db:93:59:2b:f7:55:e4:48:4e:ac:51:0f:6b:77:3a:86: 361s 13:86 361s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-27765-auth.pem 361s + found_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 361s + '[' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 '!=' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 ']' 361s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem partial_chain 361s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem partial_chain 361s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 361s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 361s + local verify_option=partial_chain 361s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 361s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 361s + local key_cn 361s + local key_name 361s + local tokens_dir 361s + local output_cert_file 361s + token_name= 361s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem .pem 361s + key_name=test-intermediate-CA-trusted-certificate-0001 361s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s ++ sed -n 's/ *commonName *= //p' 361s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 361s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 361s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 361s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 361s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 361s Test Organization Interme Token 361s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 361s + token_name='Test Organization Interme Token' 361s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 361s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 361s + echo 'Test Organization Interme Token' 361s + '[' -n partial_chain ']' 361s + local verify_arg=--verify=partial_chain 361s + local output_base_name=SSSD-child-12705 361s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705.output 361s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705.pem 361s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 361s [p11_child[3231]] [main] (0x0400): p11_child started. 361s [p11_child[3231]] [main] (0x2000): Running in [pre-auth] mode. 361s [p11_child[3231]] [main] (0x2000): Running with effective IDs: [0][0]. 361s [p11_child[3231]] [main] (0x2000): Running with real IDs [0][0]. 361s [p11_child[3231]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 361s [p11_child[3231]] [do_card] (0x4000): Module List: 361s [p11_child[3231]] [do_card] (0x4000): common name: [softhsm2]. 361s [p11_child[3231]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 361s [p11_child[3231]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 361s [p11_child[3231]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 361s [p11_child[3231]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 361s [p11_child[3231]] [do_card] (0x4000): Login NOT required. 361s [p11_child[3231]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 361s [p11_child[3231]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 361s [p11_child[3231]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 361s [p11_child[3231]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x337b4966;slot-manufacturer=SoftHSM%20project;slot-id=863717734;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a67731ccb37b4966;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 361s [p11_child[3231]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 361s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705.output 361s + echo '-----BEGIN CERTIFICATE-----' 361s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705.output 361s + echo '-----END CERTIFICATE-----' 361s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705.pem 361s Certificate: 361s Data: 361s Version: 3 (0x2) 361s Serial Number: 4 (0x4) 361s Signature Algorithm: sha256WithRSAEncryption 361s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 361s Validity 361s Not Before: Nov 29 21:50:34 2024 GMT 361s Not After : Nov 29 21:50:34 2025 GMT 361s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 361s Subject Public Key Info: 361s Public Key Algorithm: rsaEncryption 361s Public-Key: (1024 bit) 361s Modulus: 361s 00:c3:ea:68:33:d0:79:99:7a:25:59:9e:dc:1a:6d: 361s df:40:0e:0c:5b:d9:c2:65:b6:1e:b3:33:6b:38:9e: 361s 48:a2:91:cc:43:1d:99:5a:44:66:10:09:c0:5f:76: 361s 73:fe:05:ad:34:7d:13:d7:fa:5a:a1:f1:75:ce:78: 361s b3:42:b6:2f:9f:5a:dc:a3:44:17:e4:e0:c0:4c:30: 361s cc:f8:c4:1b:bc:cb:68:95:78:05:30:fa:56:8f:d1: 361s 0e:a0:c1:72:fb:45:7c:55:cf:a3:f7:8d:fb:a1:82: 361s 2e:93:9f:b4:ce:a7:82:a5:98:29:d3:3f:be:e2:13: 361s c1:74:2c:f4:a4:8a:ff:01:b3 361s Exponent: 65537 (0x10001) 361s X509v3 extensions: 361s X509v3 Authority Key Identifier: 361s C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 361s X509v3 Basic Constraints: 361s CA:FALSE 361s Netscape Cert Type: 361s SSL Client, S/MIME 361s Netscape Comment: 361s Test Organization Intermediate CA trusted Certificate 361s X509v3 Subject Key Identifier: 361s 64:01:0F:79:AE:16:0E:14:D1:67:44:A0:4E:4E:34:54:B6:DC:66:05 361s X509v3 Key Usage: critical 361s Digital Signature, Non Repudiation, Key Encipherment 361s X509v3 Extended Key Usage: 361s TLS Web Client Authentication, E-mail Protection 361s X509v3 Subject Alternative Name: 361s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 361s Signature Algorithm: sha256WithRSAEncryption 361s Signature Value: 361s 36:a9:16:4d:69:84:a0:b7:10:32:18:15:0f:19:f5:7f:83:b9: 361s 6f:19:f0:b4:68:7d:16:da:d9:86:52:32:0e:af:56:30:3f:d5: 361s 59:90:9c:e1:35:27:94:b7:80:f1:78:47:4c:bd:29:93:11:50: 361s 36:64:5a:c4:fb:ad:d1:d9:c7:d9:71:06:ad:ae:42:3c:46:73: 361s 24:d3:f4:a1:de:ba:41:4c:f3:2f:0d:82:8c:08:53:d1:ad:5c: 361s f4:e1:5c:c1:4e:3c:e3:d6:0e:bc:9a:f0:59:5d:1d:ac:da:45: 361s b1:3a:db:93:59:2b:f7:55:e4:48:4e:ac:51:0f:6b:77:3a:86: 361s 13:86 361s + local found_md5 expected_md5 361s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s + expected_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 361s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705.pem 361s + found_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 361s + '[' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 '!=' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 ']' 361s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705-auth.output 361s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705-auth.output .output 361s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705-auth.pem 361s + echo -n 053350 361s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 361s [p11_child[3239]] [main] (0x0400): p11_child started. 361s [p11_child[3239]] [main] (0x2000): Running in [auth] mode. 361s [p11_child[3239]] [main] (0x2000): Running with effective IDs: [0][0]. 361s [p11_child[3239]] [main] (0x2000): Running with real IDs [0][0]. 361s [p11_child[3239]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 361s [p11_child[3239]] [do_card] (0x4000): Module List: 361s [p11_child[3239]] [do_card] (0x4000): common name: [softhsm2]. 361s [p11_child[3239]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 361s [p11_child[3239]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 361s [p11_child[3239]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 361s [p11_child[3239]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 361s [p11_child[3239]] [do_card] (0x4000): Login required. 361s [p11_child[3239]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 361s [p11_child[3239]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 361s [p11_child[3239]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 361s [p11_child[3239]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x337b4966;slot-manufacturer=SoftHSM%20project;slot-id=863717734;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a67731ccb37b4966;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 361s [p11_child[3239]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 361s [p11_child[3239]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 361s [p11_child[3239]] [do_card] (0x4000): Certificate verified and validated. 361s [p11_child[3239]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 361s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705-auth.output 361s + echo '-----BEGIN CERTIFICATE-----' 361s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705-auth.output 361s + echo '-----END CERTIFICATE-----' 361s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705-auth.pem 361s Certificate: 361s Data: 361s Version: 3 (0x2) 361s Serial Number: 4 (0x4) 361s Signature Algorithm: sha256WithRSAEncryption 361s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 361s Validity 361s Not Before: Nov 29 21:50:34 2024 GMT 361s Not After : Nov 29 21:50:34 2025 GMT 361s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 361s Subject Public Key Info: 361s Public Key Algorithm: rsaEncryption 361s Public-Key: (1024 bit) 361s Modulus: 361s 00:c3:ea:68:33:d0:79:99:7a:25:59:9e:dc:1a:6d: 361s df:40:0e:0c:5b:d9:c2:65:b6:1e:b3:33:6b:38:9e: 361s 48:a2:91:cc:43:1d:99:5a:44:66:10:09:c0:5f:76: 361s 73:fe:05:ad:34:7d:13:d7:fa:5a:a1:f1:75:ce:78: 361s b3:42:b6:2f:9f:5a:dc:a3:44:17:e4:e0:c0:4c:30: 361s cc:f8:c4:1b:bc:cb:68:95:78:05:30:fa:56:8f:d1: 361s 0e:a0:c1:72:fb:45:7c:55:cf:a3:f7:8d:fb:a1:82: 361s 2e:93:9f:b4:ce:a7:82:a5:98:29:d3:3f:be:e2:13: 361s c1:74:2c:f4:a4:8a:ff:01:b3 361s Exponent: 65537 (0x10001) 361s X509v3 extensions: 361s X509v3 Authority Key Identifier: 361s C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 361s X509v3 Basic Constraints: 361s CA:FALSE 361s Netscape Cert Type: 361s SSL Client, S/MIME 361s Netscape Comment: 361s Test Organization Intermediate CA trusted Certificate 361s X509v3 Subject Key Identifier: 361s 64:01:0F:79:AE:16:0E:14:D1:67:44:A0:4E:4E:34:54:B6:DC:66:05 361s X509v3 Key Usage: critical 361s Digital Signature, Non Repudiation, Key Encipherment 361s X509v3 Extended Key Usage: 361s TLS Web Client Authentication, E-mail Protection 361s X509v3 Subject Alternative Name: 361s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 361s Signature Algorithm: sha256WithRSAEncryption 361s Signature Value: 361s 36:a9:16:4d:69:84:a0:b7:10:32:18:15:0f:19:f5:7f:83:b9: 361s 6f:19:f0:b4:68:7d:16:da:d9:86:52:32:0e:af:56:30:3f:d5: 361s 59:90:9c:e1:35:27:94:b7:80:f1:78:47:4c:bd:29:93:11:50: 361s 36:64:5a:c4:fb:ad:d1:d9:c7:d9:71:06:ad:ae:42:3c:46:73: 361s 24:d3:f4:a1:de:ba:41:4c:f3:2f:0d:82:8c:08:53:d1:ad:5c: 361s f4:e1:5c:c1:4e:3c:e3:d6:0e:bc:9a:f0:59:5d:1d:ac:da:45: 361s b1:3a:db:93:59:2b:f7:55:e4:48:4e:ac:51:0f:6b:77:3a:86: 361s 13:86 361s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12705-auth.pem 361s + found_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 361s + '[' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 '!=' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 ']' 361s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 361s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 361s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 361s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 361s + local verify_option= 361s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 361s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 361s + local key_cn 361s + local key_name 361s + local tokens_dir 361s + local output_cert_file 361s + token_name= 361s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem .pem 361s + key_name=test-intermediate-CA-trusted-certificate-0001 361s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s ++ sed -n 's/ *commonName *= //p' 361s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 361s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 361s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 361s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 361s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 361s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 361s + token_name='Test Organization Interme Token' 361s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 361s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 361s + echo 'Test Organization Interme Token' 361s + '[' -n '' ']' 361s + local output_base_name=SSSD-child-18650 361s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-18650.output 361s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-18650.pem 361s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 361s Test Organization Interme Token 361s [p11_child[3249]] [main] (0x0400): p11_child started. 361s [p11_child[3249]] [main] (0x2000): Running in [pre-auth] mode. 361s [p11_child[3249]] [main] (0x2000): Running with effective IDs: [0][0]. 361s [p11_child[3249]] [main] (0x2000): Running with real IDs [0][0]. 361s [p11_child[3249]] [do_card] (0x4000): Module List: 361s [p11_child[3249]] [do_card] (0x4000): common name: [softhsm2]. 361s [p11_child[3249]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 361s [p11_child[3249]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 361s [p11_child[3249]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 361s [p11_child[3249]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 361s [p11_child[3249]] [do_card] (0x4000): Login NOT required. 361s [p11_child[3249]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 361s [p11_child[3249]] [do_verification] (0x0040): X509_verify_cert failed [0]. 361s [p11_child[3249]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 361s [p11_child[3249]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 361s [p11_child[3249]] [do_card] (0x4000): No certificate found. 361s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-18650.output 361s + return 2 361s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem partial_chain 361s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem partial_chain 361s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 361s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 361s + local verify_option=partial_chain 361s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-19106 361s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-19106 361s + local key_cn 361s + local key_name 361s + local tokens_dir 361s + local output_cert_file 361s + token_name= 361s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem .pem 361s + key_name=test-intermediate-CA-trusted-certificate-0001 361s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s ++ sed -n 's/ *commonName *= //p' 361s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 361s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 361s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 361s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 361s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 361s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 361s + token_name='Test Organization Interme Token' 361s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 361s Test Organization Interme Token 361s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 361s + echo 'Test Organization Interme Token' 361s + '[' -n partial_chain ']' 361s + local verify_arg=--verify=partial_chain 361s + local output_base_name=SSSD-child-29413 361s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413.output 361s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413.pem 361s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem 361s [p11_child[3256]] [main] (0x0400): p11_child started. 361s [p11_child[3256]] [main] (0x2000): Running in [pre-auth] mode. 361s [p11_child[3256]] [main] (0x2000): Running with effective IDs: [0][0]. 361s [p11_child[3256]] [main] (0x2000): Running with real IDs [0][0]. 361s [p11_child[3256]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 361s [p11_child[3256]] [do_card] (0x4000): Module List: 361s [p11_child[3256]] [do_card] (0x4000): common name: [softhsm2]. 361s [p11_child[3256]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 361s [p11_child[3256]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 361s [p11_child[3256]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 361s [p11_child[3256]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 361s [p11_child[3256]] [do_card] (0x4000): Login NOT required. 361s [p11_child[3256]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 361s [p11_child[3256]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 361s [p11_child[3256]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 361s [p11_child[3256]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x337b4966;slot-manufacturer=SoftHSM%20project;slot-id=863717734;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a67731ccb37b4966;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 361s [p11_child[3256]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 361s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413.output 361s + echo '-----BEGIN CERTIFICATE-----' 361s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413.output 361s + echo '-----END CERTIFICATE-----' 361s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413.pem 361s Certificate: 361s Data: 361s Version: 3 (0x2) 361s Serial Number: 4 (0x4) 361s Signature Algorithm: sha256WithRSAEncryption 361s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 361s Validity 361s Not Before: Nov 29 21:50:34 2024 GMT 361s Not After : Nov 29 21:50:34 2025 GMT 361s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 361s Subject Public Key Info: 361s Public Key Algorithm: rsaEncryption 361s Public-Key: (1024 bit) 361s Modulus: 361s 00:c3:ea:68:33:d0:79:99:7a:25:59:9e:dc:1a:6d: 361s df:40:0e:0c:5b:d9:c2:65:b6:1e:b3:33:6b:38:9e: 361s 48:a2:91:cc:43:1d:99:5a:44:66:10:09:c0:5f:76: 361s 73:fe:05:ad:34:7d:13:d7:fa:5a:a1:f1:75:ce:78: 361s b3:42:b6:2f:9f:5a:dc:a3:44:17:e4:e0:c0:4c:30: 361s cc:f8:c4:1b:bc:cb:68:95:78:05:30:fa:56:8f:d1: 361s 0e:a0:c1:72:fb:45:7c:55:cf:a3:f7:8d:fb:a1:82: 361s 2e:93:9f:b4:ce:a7:82:a5:98:29:d3:3f:be:e2:13: 361s c1:74:2c:f4:a4:8a:ff:01:b3 361s Exponent: 65537 (0x10001) 361s X509v3 extensions: 361s X509v3 Authority Key Identifier: 361s C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 361s X509v3 Basic Constraints: 361s CA:FALSE 361s Netscape Cert Type: 361s SSL Client, S/MIME 361s Netscape Comment: 361s Test Organization Intermediate CA trusted Certificate 361s X509v3 Subject Key Identifier: 361s 64:01:0F:79:AE:16:0E:14:D1:67:44:A0:4E:4E:34:54:B6:DC:66:05 361s X509v3 Key Usage: critical 361s Digital Signature, Non Repudiation, Key Encipherment 361s X509v3 Extended Key Usage: 361s TLS Web Client Authentication, E-mail Protection 361s X509v3 Subject Alternative Name: 361s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 361s Signature Algorithm: sha256WithRSAEncryption 361s Signature Value: 361s 36:a9:16:4d:69:84:a0:b7:10:32:18:15:0f:19:f5:7f:83:b9: 361s 6f:19:f0:b4:68:7d:16:da:d9:86:52:32:0e:af:56:30:3f:d5: 361s 59:90:9c:e1:35:27:94:b7:80:f1:78:47:4c:bd:29:93:11:50: 361s 36:64:5a:c4:fb:ad:d1:d9:c7:d9:71:06:ad:ae:42:3c:46:73: 361s 24:d3:f4:a1:de:ba:41:4c:f3:2f:0d:82:8c:08:53:d1:ad:5c: 361s f4:e1:5c:c1:4e:3c:e3:d6:0e:bc:9a:f0:59:5d:1d:ac:da:45: 361s b1:3a:db:93:59:2b:f7:55:e4:48:4e:ac:51:0f:6b:77:3a:86: 361s 13:86 361s + local found_md5 expected_md5 361s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA-trusted-certificate-0001.pem 361s + expected_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 361s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413.pem 362s + found_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 362s + '[' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 '!=' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 ']' 362s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413-auth.output 362s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413-auth.output .output 362s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413-auth.pem 362s + echo -n 053350 362s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 362s [p11_child[3264]] [main] (0x0400): p11_child started. 362s [p11_child[3264]] [main] (0x2000): Running in [auth] mode. 362s [p11_child[3264]] [main] (0x2000): Running with effective IDs: [0][0]. 362s [p11_child[3264]] [main] (0x2000): Running with real IDs [0][0]. 362s [p11_child[3264]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 362s [p11_child[3264]] [do_card] (0x4000): Module List: 362s [p11_child[3264]] [do_card] (0x4000): common name: [softhsm2]. 362s [p11_child[3264]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3264]] [do_card] (0x4000): Description [SoftHSM slot ID 0x337b4966] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 362s [p11_child[3264]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 362s [p11_child[3264]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x337b4966][863717734] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3264]] [do_card] (0x4000): Login required. 362s [p11_child[3264]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 362s [p11_child[3264]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 362s [p11_child[3264]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 362s [p11_child[3264]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x337b4966;slot-manufacturer=SoftHSM%20project;slot-id=863717734;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a67731ccb37b4966;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 362s [p11_child[3264]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 362s [p11_child[3264]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 362s [p11_child[3264]] [do_card] (0x4000): Certificate verified and validated. 362s [p11_child[3264]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 362s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413-auth.output 362s + echo '-----BEGIN CERTIFICATE-----' 362s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413-auth.output 362s + echo '-----END CERTIFICATE-----' 362s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413-auth.pem 362s Certificate: 362s Data: 362s Version: 3 (0x2) 362s Serial Number: 4 (0x4) 362s Signature Algorithm: sha256WithRSAEncryption 362s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 362s Validity 362s Not Before: Nov 29 21:50:34 2024 GMT 362s Not After : Nov 29 21:50:34 2025 GMT 362s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 362s Subject Public Key Info: 362s Public Key Algorithm: rsaEncryption 362s Public-Key: (1024 bit) 362s Modulus: 362s 00:c3:ea:68:33:d0:79:99:7a:25:59:9e:dc:1a:6d: 362s df:40:0e:0c:5b:d9:c2:65:b6:1e:b3:33:6b:38:9e: 362s 48:a2:91:cc:43:1d:99:5a:44:66:10:09:c0:5f:76: 362s 73:fe:05:ad:34:7d:13:d7:fa:5a:a1:f1:75:ce:78: 362s b3:42:b6:2f:9f:5a:dc:a3:44:17:e4:e0:c0:4c:30: 362s cc:f8:c4:1b:bc:cb:68:95:78:05:30:fa:56:8f:d1: 362s 0e:a0:c1:72:fb:45:7c:55:cf:a3:f7:8d:fb:a1:82: 362s 2e:93:9f:b4:ce:a7:82:a5:98:29:d3:3f:be:e2:13: 362s c1:74:2c:f4:a4:8a:ff:01:b3 362s Exponent: 65537 (0x10001) 362s X509v3 extensions: 362s X509v3 Authority Key Identifier: 362s C2:B3:F8:5E:48:E9:DA:75:B8:7F:80:90:28:25:B4:28:51:E0:80:22 362s X509v3 Basic Constraints: 362s CA:FALSE 362s Netscape Cert Type: 362s SSL Client, S/MIME 362s Netscape Comment: 362s Test Organization Intermediate CA trusted Certificate 362s X509v3 Subject Key Identifier: 362s 64:01:0F:79:AE:16:0E:14:D1:67:44:A0:4E:4E:34:54:B6:DC:66:05 362s X509v3 Key Usage: critical 362s Digital Signature, Non Repudiation, Key Encipherment 362s X509v3 Extended Key Usage: 362s TLS Web Client Authentication, E-mail Protection 362s X509v3 Subject Alternative Name: 362s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 362s Signature Algorithm: sha256WithRSAEncryption 362s Signature Value: 362s 36:a9:16:4d:69:84:a0:b7:10:32:18:15:0f:19:f5:7f:83:b9: 362s 6f:19:f0:b4:68:7d:16:da:d9:86:52:32:0e:af:56:30:3f:d5: 362s 59:90:9c:e1:35:27:94:b7:80:f1:78:47:4c:bd:29:93:11:50: 362s 36:64:5a:c4:fb:ad:d1:d9:c7:d9:71:06:ad:ae:42:3c:46:73: 362s 24:d3:f4:a1:de:ba:41:4c:f3:2f:0d:82:8c:08:53:d1:ad:5c: 362s f4:e1:5c:c1:4e:3c:e3:d6:0e:bc:9a:f0:59:5d:1d:ac:da:45: 362s b1:3a:db:93:59:2b:f7:55:e4:48:4e:ac:51:0f:6b:77:3a:86: 362s 13:86 362s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29413-auth.pem 362s + found_md5=Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 362s + '[' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 '!=' Modulus=C3EA6833D079997A25599EDC1A6DDF400E0C5BD9C265B61EB3336B389E48A291CC431D995A44661009C05F7673FE05AD347D13D7FA5AA1F175CE78B342B62F9F5ADCA34417E4E0C04C30CCF8C41BBCCB6895780530FA568FD10EA0C172FB457C55CFA3F78DFBA1822E939FB4CEA782A59829D33FBEE213C1742CF4A48AFF01B3 ']' 362s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 362s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 362s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 362s + local verify_option= 362s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local key_cn 362s + local key_name 362s + local tokens_dir 362s + local output_cert_file 362s + token_name= 362s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 362s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 362s ++ sed -n 's/ *commonName *= //p' 362s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 362s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 362s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 362s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 362s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 362s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 362s + token_name='Test Organization Sub Int Token' 362s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 362s + local key_file 362s + local decrypted_key 362s + mkdir -p /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 362s + key_file=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 362s + decrypted_key=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 362s + cat 362s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 362s Slot 0 has a free/uninitialized token. 362s The token has been initialized and is reassigned to slot 460604889 362s + softhsm2-util --show-slots 362s Available slots: 362s Slot 460604889 362s Slot info: 362s Description: SoftHSM slot ID 0x1b7445d9 362s Manufacturer ID: SoftHSM project 362s Hardware version: 2.6 362s Firmware version: 2.6 362s Token present: yes 362s Token info: 362s Manufacturer ID: SoftHSM project 362s Model: SoftHSM v2 362s Hardware version: 2.6 362s Firmware version: 2.6 362s Serial number: dc125cdd1b7445d9 362s Initialized: yes 362s User PIN init.: yes 362s Label: Test Organization Sub Int Token 362s Slot 1 362s Slot info: 362s Description: SoftHSM slot ID 0x1 362s Manufacturer ID: SoftHSM project 362s Hardware version: 2.6 362s Firmware version: 2.6 362s Token present: yes 362s Token info: 362s Manufacturer ID: SoftHSM project 362s Model: SoftHSM v2 362s Hardware version: 2.6 362s Firmware version: 2.6 362s Serial number: 362s Initialized: no 362s User PIN init.: no 362s Label: 362s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 362s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-32570 -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 362s writing RSA key 362s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 362s + rm /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 362s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 362s Object 0: 362s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=dc125cdd1b7445d9;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 362s Type: X.509 Certificate (RSA-1024) 362s Expires: Sat Nov 29 21:50:34 2025 362s Label: Test Organization Sub Intermediate Trusted Certificate 0001 362s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 362s 362s Test Organization Sub Int Token 362s + echo 'Test Organization Sub Int Token' 362s + '[' -n '' ']' 362s + local output_base_name=SSSD-child-18112 362s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-18112.output 362s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-18112.pem 362s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 362s [p11_child[3283]] [main] (0x0400): p11_child started. 362s [p11_child[3283]] [main] (0x2000): Running in [pre-auth] mode. 362s [p11_child[3283]] [main] (0x2000): Running with effective IDs: [0][0]. 362s [p11_child[3283]] [main] (0x2000): Running with real IDs [0][0]. 362s [p11_child[3283]] [do_card] (0x4000): Module List: 362s [p11_child[3283]] [do_card] (0x4000): common name: [softhsm2]. 362s [p11_child[3283]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3283]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 362s [p11_child[3283]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 362s [p11_child[3283]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3283]] [do_card] (0x4000): Login NOT required. 362s [p11_child[3283]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 362s [p11_child[3283]] [do_verification] (0x0040): X509_verify_cert failed [0]. 362s [p11_child[3283]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 362s [p11_child[3283]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 362s [p11_child[3283]] [do_card] (0x4000): No certificate found. 362s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-18112.output 362s + return 2 362s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem partial_chain 362s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem partial_chain 362s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 362s + local verify_option=partial_chain 362s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local key_cn 362s + local key_name 362s + local tokens_dir 362s + local output_cert_file 362s + token_name= 362s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 362s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 362s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s ++ sed -n 's/ *commonName *= //p' 362s Test Organization Sub Int Token 362s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 362s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 362s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 362s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 362s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 362s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 362s + token_name='Test Organization Sub Int Token' 362s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 362s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 362s + echo 'Test Organization Sub Int Token' 362s + '[' -n partial_chain ']' 362s + local verify_arg=--verify=partial_chain 362s + local output_base_name=SSSD-child-12861 362s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12861.output 362s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12861.pem 362s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-root-CA.pem 362s [p11_child[3290]] [main] (0x0400): p11_child started. 362s [p11_child[3290]] [main] (0x2000): Running in [pre-auth] mode. 362s [p11_child[3290]] [main] (0x2000): Running with effective IDs: [0][0]. 362s [p11_child[3290]] [main] (0x2000): Running with real IDs [0][0]. 362s [p11_child[3290]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 362s [p11_child[3290]] [do_card] (0x4000): Module List: 362s [p11_child[3290]] [do_card] (0x4000): common name: [softhsm2]. 362s [p11_child[3290]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3290]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 362s [p11_child[3290]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 362s [p11_child[3290]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3290]] [do_card] (0x4000): Login NOT required. 362s [p11_child[3290]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 362s [p11_child[3290]] [do_verification] (0x0040): X509_verify_cert failed [0]. 362s [p11_child[3290]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 362s [p11_child[3290]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 362s [p11_child[3290]] [do_card] (0x4000): No certificate found. 362s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12861.output 362s + return 2 362s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 362s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 362s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 362s + local verify_option= 362s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local key_cn 362s + local key_name 362s + local tokens_dir 362s + local output_cert_file 362s + token_name= 362s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 362s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 362s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s ++ sed -n 's/ *commonName *= //p' 362s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 362s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 362s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 362s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 362s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 362s Test Organization Sub Int Token 362s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 362s + token_name='Test Organization Sub Int Token' 362s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 362s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 362s + echo 'Test Organization Sub Int Token' 362s + '[' -n '' ']' 362s + local output_base_name=SSSD-child-29191 362s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191.output 362s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191.pem 362s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 362s [p11_child[3297]] [main] (0x0400): p11_child started. 362s [p11_child[3297]] [main] (0x2000): Running in [pre-auth] mode. 362s [p11_child[3297]] [main] (0x2000): Running with effective IDs: [0][0]. 362s [p11_child[3297]] [main] (0x2000): Running with real IDs [0][0]. 362s [p11_child[3297]] [do_card] (0x4000): Module List: 362s [p11_child[3297]] [do_card] (0x4000): common name: [softhsm2]. 362s [p11_child[3297]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3297]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 362s [p11_child[3297]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 362s [p11_child[3297]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3297]] [do_card] (0x4000): Login NOT required. 362s [p11_child[3297]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 362s [p11_child[3297]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 362s [p11_child[3297]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 362s [p11_child[3297]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1b7445d9;slot-manufacturer=SoftHSM%20project;slot-id=460604889;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=dc125cdd1b7445d9;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 362s [p11_child[3297]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 362s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191.output 362s + echo '-----BEGIN CERTIFICATE-----' 362s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191.output 362s + echo '-----END CERTIFICATE-----' 362s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191.pem 362s Certificate: 362s Data: 362s Version: 3 (0x2) 362s Serial Number: 5 (0x5) 362s Signature Algorithm: sha256WithRSAEncryption 362s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 362s Validity 362s Not Before: Nov 29 21:50:34 2024 GMT 362s Not After : Nov 29 21:50:34 2025 GMT 362s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 362s Subject Public Key Info: 362s Public Key Algorithm: rsaEncryption 362s Public-Key: (1024 bit) 362s Modulus: 362s 00:c3:00:bb:0b:e0:87:19:6a:57:8d:83:1e:34:b6: 362s c0:91:70:62:27:bc:2f:bd:3f:3b:88:94:9f:5e:c5: 362s c0:c4:5a:69:9b:23:aa:d1:17:80:46:8e:9c:43:dd: 362s bf:3e:d3:50:c0:d6:1e:18:ae:66:64:dc:e2:91:98: 362s 22:01:08:64:30:d1:22:bd:27:78:b7:d8:90:65:32: 362s 87:f7:b6:3d:17:ba:f9:cd:90:0f:48:66:b9:b0:83: 362s bb:9d:04:ba:f9:8a:4f:0d:4f:1f:1c:58:65:69:07: 362s 37:51:b5:c5:4f:af:7f:48:68:d4:cc:3b:6a:96:3b: 362s e0:3a:3f:eb:22:cf:9b:f9:2d 362s Exponent: 65537 (0x10001) 362s X509v3 extensions: 362s X509v3 Authority Key Identifier: 362s 9B:1E:E0:FE:90:4C:A8:81:38:70:1F:E6:A9:1E:9A:4E:0E:02:E8:7B 362s X509v3 Basic Constraints: 362s CA:FALSE 362s Netscape Cert Type: 362s SSL Client, S/MIME 362s Netscape Comment: 362s Test Organization Sub Intermediate CA trusted Certificate 362s X509v3 Subject Key Identifier: 362s 14:78:A1:AF:5A:9E:43:F4:2F:88:65:31:90:76:8D:1A:1F:44:06:90 362s X509v3 Key Usage: critical 362s Digital Signature, Non Repudiation, Key Encipherment 362s X509v3 Extended Key Usage: 362s TLS Web Client Authentication, E-mail Protection 362s X509v3 Subject Alternative Name: 362s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 362s Signature Algorithm: sha256WithRSAEncryption 362s Signature Value: 362s 90:2e:81:18:dd:75:a3:55:41:d9:a4:33:29:cf:b9:f5:84:6e: 362s 42:82:fc:56:55:a3:e7:ff:68:45:ca:58:8d:f8:fd:af:15:ef: 362s ea:73:96:54:0d:56:c1:27:cc:ae:b1:d3:cd:40:b2:33:d3:37: 362s c3:36:22:39:7f:58:98:2f:26:0a:13:32:c5:fe:d4:68:bc:42: 362s 20:bb:47:6f:57:21:4c:6f:47:30:dc:c5:aa:67:a0:43:78:b8: 362s 33:91:cb:9b:46:d5:52:68:d3:91:9a:8f:ce:7f:21:b3:6e:67: 362s f1:20:e9:a7:92:40:82:38:44:bd:21:1c:d5:5f:ef:0e:b6:fa: 362s ff:9e 362s + local found_md5 expected_md5 362s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + expected_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 362s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191.pem 362s + found_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 362s + '[' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D '!=' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D ']' 362s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191-auth.output 362s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191-auth.output .output 362s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191-auth.pem 362s + echo -n 053350 362s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 362s [p11_child[3305]] [main] (0x0400): p11_child started. 362s [p11_child[3305]] [main] (0x2000): Running in [auth] mode. 362s [p11_child[3305]] [main] (0x2000): Running with effective IDs: [0][0]. 362s [p11_child[3305]] [main] (0x2000): Running with real IDs [0][0]. 362s [p11_child[3305]] [do_card] (0x4000): Module List: 362s [p11_child[3305]] [do_card] (0x4000): common name: [softhsm2]. 362s [p11_child[3305]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3305]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 362s [p11_child[3305]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 362s [p11_child[3305]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3305]] [do_card] (0x4000): Login required. 362s [p11_child[3305]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 362s [p11_child[3305]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 362s [p11_child[3305]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 362s [p11_child[3305]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1b7445d9;slot-manufacturer=SoftHSM%20project;slot-id=460604889;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=dc125cdd1b7445d9;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 362s [p11_child[3305]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 362s [p11_child[3305]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 362s [p11_child[3305]] [do_card] (0x4000): Certificate verified and validated. 362s [p11_child[3305]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 362s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191-auth.output 362s + echo '-----BEGIN CERTIFICATE-----' 362s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191-auth.output 362s + echo '-----END CERTIFICATE-----' 362s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191-auth.pem 362s Certificate: 362s Data: 362s Version: 3 (0x2) 362s Serial Number: 5 (0x5) 362s Signature Algorithm: sha256WithRSAEncryption 362s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 362s Validity 362s Not Before: Nov 29 21:50:34 2024 GMT 362s Not After : Nov 29 21:50:34 2025 GMT 362s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 362s Subject Public Key Info: 362s Public Key Algorithm: rsaEncryption 362s Public-Key: (1024 bit) 362s Modulus: 362s 00:c3:00:bb:0b:e0:87:19:6a:57:8d:83:1e:34:b6: 362s c0:91:70:62:27:bc:2f:bd:3f:3b:88:94:9f:5e:c5: 362s c0:c4:5a:69:9b:23:aa:d1:17:80:46:8e:9c:43:dd: 362s bf:3e:d3:50:c0:d6:1e:18:ae:66:64:dc:e2:91:98: 362s 22:01:08:64:30:d1:22:bd:27:78:b7:d8:90:65:32: 362s 87:f7:b6:3d:17:ba:f9:cd:90:0f:48:66:b9:b0:83: 362s bb:9d:04:ba:f9:8a:4f:0d:4f:1f:1c:58:65:69:07: 362s 37:51:b5:c5:4f:af:7f:48:68:d4:cc:3b:6a:96:3b: 362s e0:3a:3f:eb:22:cf:9b:f9:2d 362s Exponent: 65537 (0x10001) 362s X509v3 extensions: 362s X509v3 Authority Key Identifier: 362s 9B:1E:E0:FE:90:4C:A8:81:38:70:1F:E6:A9:1E:9A:4E:0E:02:E8:7B 362s X509v3 Basic Constraints: 362s CA:FALSE 362s Netscape Cert Type: 362s SSL Client, S/MIME 362s Netscape Comment: 362s Test Organization Sub Intermediate CA trusted Certificate 362s X509v3 Subject Key Identifier: 362s 14:78:A1:AF:5A:9E:43:F4:2F:88:65:31:90:76:8D:1A:1F:44:06:90 362s X509v3 Key Usage: critical 362s Digital Signature, Non Repudiation, Key Encipherment 362s X509v3 Extended Key Usage: 362s TLS Web Client Authentication, E-mail Protection 362s X509v3 Subject Alternative Name: 362s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 362s Signature Algorithm: sha256WithRSAEncryption 362s Signature Value: 362s 90:2e:81:18:dd:75:a3:55:41:d9:a4:33:29:cf:b9:f5:84:6e: 362s 42:82:fc:56:55:a3:e7:ff:68:45:ca:58:8d:f8:fd:af:15:ef: 362s ea:73:96:54:0d:56:c1:27:cc:ae:b1:d3:cd:40:b2:33:d3:37: 362s c3:36:22:39:7f:58:98:2f:26:0a:13:32:c5:fe:d4:68:bc:42: 362s 20:bb:47:6f:57:21:4c:6f:47:30:dc:c5:aa:67:a0:43:78:b8: 362s 33:91:cb:9b:46:d5:52:68:d3:91:9a:8f:ce:7f:21:b3:6e:67: 362s f1:20:e9:a7:92:40:82:38:44:bd:21:1c:d5:5f:ef:0e:b6:fa: 362s ff:9e 362s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-29191-auth.pem 362s + found_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 362s + '[' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D '!=' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D ']' 362s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem partial_chain 362s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem partial_chain 362s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 362s + local verify_option=partial_chain 362s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 362s + local key_cn 362s + local key_name 362s + local tokens_dir 362s + local output_cert_file 362s + token_name= 362s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 362s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 362s ++ sed -n 's/ *commonName *= //p' 362s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 362s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 362s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 362s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 362s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 362s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 362s Test Organization Sub Int Token 362s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 362s + token_name='Test Organization Sub Int Token' 362s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 362s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 362s + echo 'Test Organization Sub Int Token' 362s + '[' -n partial_chain ']' 362s + local verify_arg=--verify=partial_chain 362s + local output_base_name=SSSD-child-22848 362s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848.output 362s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848.pem 362s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem 362s [p11_child[3315]] [main] (0x0400): p11_child started. 362s [p11_child[3315]] [main] (0x2000): Running in [pre-auth] mode. 362s [p11_child[3315]] [main] (0x2000): Running with effective IDs: [0][0]. 362s [p11_child[3315]] [main] (0x2000): Running with real IDs [0][0]. 362s [p11_child[3315]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 362s [p11_child[3315]] [do_card] (0x4000): Module List: 362s [p11_child[3315]] [do_card] (0x4000): common name: [softhsm2]. 362s [p11_child[3315]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3315]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 362s [p11_child[3315]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 362s [p11_child[3315]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 362s [p11_child[3315]] [do_card] (0x4000): Login NOT required. 362s [p11_child[3315]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 362s [p11_child[3315]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 362s [p11_child[3315]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 362s [p11_child[3315]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1b7445d9;slot-manufacturer=SoftHSM%20project;slot-id=460604889;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=dc125cdd1b7445d9;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 362s [p11_child[3315]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 362s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848.output 362s + echo '-----BEGIN CERTIFICATE-----' 362s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848.output 362s + echo '-----END CERTIFICATE-----' 362s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848.pem 362s Certificate: 362s Data: 362s Version: 3 (0x2) 362s Serial Number: 5 (0x5) 362s Signature Algorithm: sha256WithRSAEncryption 362s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 362s Validity 362s Not Before: Nov 29 21:50:34 2024 GMT 362s Not After : Nov 29 21:50:34 2025 GMT 362s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 362s Subject Public Key Info: 362s Public Key Algorithm: rsaEncryption 362s Public-Key: (1024 bit) 362s Modulus: 362s 00:c3:00:bb:0b:e0:87:19:6a:57:8d:83:1e:34:b6: 362s c0:91:70:62:27:bc:2f:bd:3f:3b:88:94:9f:5e:c5: 362s c0:c4:5a:69:9b:23:aa:d1:17:80:46:8e:9c:43:dd: 362s bf:3e:d3:50:c0:d6:1e:18:ae:66:64:dc:e2:91:98: 362s 22:01:08:64:30:d1:22:bd:27:78:b7:d8:90:65:32: 362s 87:f7:b6:3d:17:ba:f9:cd:90:0f:48:66:b9:b0:83: 362s bb:9d:04:ba:f9:8a:4f:0d:4f:1f:1c:58:65:69:07: 362s 37:51:b5:c5:4f:af:7f:48:68:d4:cc:3b:6a:96:3b: 362s e0:3a:3f:eb:22:cf:9b:f9:2d 362s Exponent: 65537 (0x10001) 362s X509v3 extensions: 362s X509v3 Authority Key Identifier: 362s 9B:1E:E0:FE:90:4C:A8:81:38:70:1F:E6:A9:1E:9A:4E:0E:02:E8:7B 362s X509v3 Basic Constraints: 362s CA:FALSE 362s Netscape Cert Type: 362s SSL Client, S/MIME 362s Netscape Comment: 362s Test Organization Sub Intermediate CA trusted Certificate 362s X509v3 Subject Key Identifier: 362s 14:78:A1:AF:5A:9E:43:F4:2F:88:65:31:90:76:8D:1A:1F:44:06:90 362s X509v3 Key Usage: critical 362s Digital Signature, Non Repudiation, Key Encipherment 362s X509v3 Extended Key Usage: 362s TLS Web Client Authentication, E-mail Protection 362s X509v3 Subject Alternative Name: 362s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 362s Signature Algorithm: sha256WithRSAEncryption 362s Signature Value: 362s 90:2e:81:18:dd:75:a3:55:41:d9:a4:33:29:cf:b9:f5:84:6e: 362s 42:82:fc:56:55:a3:e7:ff:68:45:ca:58:8d:f8:fd:af:15:ef: 362s ea:73:96:54:0d:56:c1:27:cc:ae:b1:d3:cd:40:b2:33:d3:37: 362s c3:36:22:39:7f:58:98:2f:26:0a:13:32:c5:fe:d4:68:bc:42: 362s 20:bb:47:6f:57:21:4c:6f:47:30:dc:c5:aa:67:a0:43:78:b8: 362s 33:91:cb:9b:46:d5:52:68:d3:91:9a:8f:ce:7f:21:b3:6e:67: 362s f1:20:e9:a7:92:40:82:38:44:bd:21:1c:d5:5f:ef:0e:b6:fa: 362s ff:9e 362s + local found_md5 expected_md5 362s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + expected_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 363s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848.pem 363s + found_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 363s + '[' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D '!=' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D ']' 363s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848-auth.output 363s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848-auth.output .output 363s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848-auth.pem 363s + echo -n 053350 363s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 363s [p11_child[3323]] [main] (0x0400): p11_child started. 363s [p11_child[3323]] [main] (0x2000): Running in [auth] mode. 363s [p11_child[3323]] [main] (0x2000): Running with effective IDs: [0][0]. 363s [p11_child[3323]] [main] (0x2000): Running with real IDs [0][0]. 363s [p11_child[3323]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 363s [p11_child[3323]] [do_card] (0x4000): Module List: 363s [p11_child[3323]] [do_card] (0x4000): common name: [softhsm2]. 363s [p11_child[3323]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3323]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 363s [p11_child[3323]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 363s [p11_child[3323]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3323]] [do_card] (0x4000): Login required. 363s [p11_child[3323]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 363s [p11_child[3323]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 363s [p11_child[3323]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 363s [p11_child[3323]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1b7445d9;slot-manufacturer=SoftHSM%20project;slot-id=460604889;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=dc125cdd1b7445d9;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 363s [p11_child[3323]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 363s [p11_child[3323]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 363s [p11_child[3323]] [do_card] (0x4000): Certificate verified and validated. 363s [p11_child[3323]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 363s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848-auth.output 363s + echo '-----BEGIN CERTIFICATE-----' 363s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848-auth.output 363s + echo '-----END CERTIFICATE-----' 363s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848-auth.pem 363s Certificate: 363s Data: 363s Version: 3 (0x2) 363s Serial Number: 5 (0x5) 363s Signature Algorithm: sha256WithRSAEncryption 363s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 363s Validity 363s Not Before: Nov 29 21:50:34 2024 GMT 363s Not After : Nov 29 21:50:34 2025 GMT 363s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 363s Subject Public Key Info: 363s Public Key Algorithm: rsaEncryption 363s Public-Key: (1024 bit) 363s Modulus: 363s 00:c3:00:bb:0b:e0:87:19:6a:57:8d:83:1e:34:b6: 363s c0:91:70:62:27:bc:2f:bd:3f:3b:88:94:9f:5e:c5: 363s c0:c4:5a:69:9b:23:aa:d1:17:80:46:8e:9c:43:dd: 363s bf:3e:d3:50:c0:d6:1e:18:ae:66:64:dc:e2:91:98: 363s 22:01:08:64:30:d1:22:bd:27:78:b7:d8:90:65:32: 363s 87:f7:b6:3d:17:ba:f9:cd:90:0f:48:66:b9:b0:83: 363s bb:9d:04:ba:f9:8a:4f:0d:4f:1f:1c:58:65:69:07: 363s 37:51:b5:c5:4f:af:7f:48:68:d4:cc:3b:6a:96:3b: 363s e0:3a:3f:eb:22:cf:9b:f9:2d 363s Exponent: 65537 (0x10001) 363s X509v3 extensions: 363s X509v3 Authority Key Identifier: 363s 9B:1E:E0:FE:90:4C:A8:81:38:70:1F:E6:A9:1E:9A:4E:0E:02:E8:7B 363s X509v3 Basic Constraints: 363s CA:FALSE 363s Netscape Cert Type: 363s SSL Client, S/MIME 363s Netscape Comment: 363s Test Organization Sub Intermediate CA trusted Certificate 363s X509v3 Subject Key Identifier: 363s 14:78:A1:AF:5A:9E:43:F4:2F:88:65:31:90:76:8D:1A:1F:44:06:90 363s X509v3 Key Usage: critical 363s Digital Signature, Non Repudiation, Key Encipherment 363s X509v3 Extended Key Usage: 363s TLS Web Client Authentication, E-mail Protection 363s X509v3 Subject Alternative Name: 363s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 363s Signature Algorithm: sha256WithRSAEncryption 363s Signature Value: 363s 90:2e:81:18:dd:75:a3:55:41:d9:a4:33:29:cf:b9:f5:84:6e: 363s 42:82:fc:56:55:a3:e7:ff:68:45:ca:58:8d:f8:fd:af:15:ef: 363s ea:73:96:54:0d:56:c1:27:cc:ae:b1:d3:cd:40:b2:33:d3:37: 363s c3:36:22:39:7f:58:98:2f:26:0a:13:32:c5:fe:d4:68:bc:42: 363s 20:bb:47:6f:57:21:4c:6f:47:30:dc:c5:aa:67:a0:43:78:b8: 363s 33:91:cb:9b:46:d5:52:68:d3:91:9a:8f:ce:7f:21:b3:6e:67: 363s f1:20:e9:a7:92:40:82:38:44:bd:21:1c:d5:5f:ef:0e:b6:fa: 363s ff:9e 363s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-22848-auth.pem 363s + found_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 363s + '[' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D '!=' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D ']' 363s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 363s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 363s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 363s + local verify_option= 363s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local key_cn 363s + local key_name 363s + local tokens_dir 363s + local output_cert_file 363s + token_name= 363s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 363s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 363s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s ++ sed -n 's/ *commonName *= //p' 363s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 363s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 363s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 363s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 363s Test Organization Sub Int Token 363s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 363s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 363s + token_name='Test Organization Sub Int Token' 363s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 363s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 363s + echo 'Test Organization Sub Int Token' 363s + '[' -n '' ']' 363s + local output_base_name=SSSD-child-23769 363s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-23769.output 363s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-23769.pem 363s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 363s [p11_child[3333]] [main] (0x0400): p11_child started. 363s [p11_child[3333]] [main] (0x2000): Running in [pre-auth] mode. 363s [p11_child[3333]] [main] (0x2000): Running with effective IDs: [0][0]. 363s [p11_child[3333]] [main] (0x2000): Running with real IDs [0][0]. 363s [p11_child[3333]] [do_card] (0x4000): Module List: 363s [p11_child[3333]] [do_card] (0x4000): common name: [softhsm2]. 363s [p11_child[3333]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3333]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 363s [p11_child[3333]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 363s [p11_child[3333]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3333]] [do_card] (0x4000): Login NOT required. 363s [p11_child[3333]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 363s [p11_child[3333]] [do_verification] (0x0040): X509_verify_cert failed [0]. 363s [p11_child[3333]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 363s [p11_child[3333]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 363s [p11_child[3333]] [do_card] (0x4000): No certificate found. 363s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-23769.output 363s + return 2 363s + invalid_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-root-intermediate-chain-CA.pem partial_chain 363s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-root-intermediate-chain-CA.pem partial_chain 363s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-root-intermediate-chain-CA.pem 363s + local verify_option=partial_chain 363s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local key_cn 363s + local key_name 363s + local tokens_dir 363s + local output_cert_file 363s + token_name= 363s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 363s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 363s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s ++ sed -n 's/ *commonName *= //p' 363s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 363s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 363s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 363s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 363s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 363s Test Organization Sub Int Token 363s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 363s + token_name='Test Organization Sub Int Token' 363s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 363s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 363s + echo 'Test Organization Sub Int Token' 363s + '[' -n partial_chain ']' 363s + local verify_arg=--verify=partial_chain 363s + local output_base_name=SSSD-child-738 363s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-738.output 363s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-738.pem 363s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-root-intermediate-chain-CA.pem 363s [p11_child[3340]] [main] (0x0400): p11_child started. 363s [p11_child[3340]] [main] (0x2000): Running in [pre-auth] mode. 363s [p11_child[3340]] [main] (0x2000): Running with effective IDs: [0][0]. 363s [p11_child[3340]] [main] (0x2000): Running with real IDs [0][0]. 363s [p11_child[3340]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 363s [p11_child[3340]] [do_card] (0x4000): Module List: 363s [p11_child[3340]] [do_card] (0x4000): common name: [softhsm2]. 363s [p11_child[3340]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3340]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 363s [p11_child[3340]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 363s [p11_child[3340]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3340]] [do_card] (0x4000): Login NOT required. 363s [p11_child[3340]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 363s [p11_child[3340]] [do_verification] (0x0040): X509_verify_cert failed [0]. 363s [p11_child[3340]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 363s [p11_child[3340]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 363s [p11_child[3340]] [do_card] (0x4000): No certificate found. 363s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-738.output 363s + return 2 363s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem partial_chain 363s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem partial_chain 363s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 363s + local verify_option=partial_chain 363s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local key_cn 363s + local key_name 363s + local tokens_dir 363s + local output_cert_file 363s + token_name= 363s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 363s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 363s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s ++ sed -n 's/ *commonName *= //p' 363s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 363s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 363s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 363s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 363s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 363s Test Organization Sub Int Token 363s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 363s + token_name='Test Organization Sub Int Token' 363s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 363s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 363s + echo 'Test Organization Sub Int Token' 363s + '[' -n partial_chain ']' 363s + local verify_arg=--verify=partial_chain 363s + local output_base_name=SSSD-child-21306 363s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306.output 363s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306.pem 363s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem 363s [p11_child[3347]] [main] (0x0400): p11_child started. 363s [p11_child[3347]] [main] (0x2000): Running in [pre-auth] mode. 363s [p11_child[3347]] [main] (0x2000): Running with effective IDs: [0][0]. 363s [p11_child[3347]] [main] (0x2000): Running with real IDs [0][0]. 363s [p11_child[3347]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 363s [p11_child[3347]] [do_card] (0x4000): Module List: 363s [p11_child[3347]] [do_card] (0x4000): common name: [softhsm2]. 363s [p11_child[3347]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3347]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 363s [p11_child[3347]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 363s [p11_child[3347]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3347]] [do_card] (0x4000): Login NOT required. 363s [p11_child[3347]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 363s [p11_child[3347]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 363s [p11_child[3347]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 363s [p11_child[3347]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1b7445d9;slot-manufacturer=SoftHSM%20project;slot-id=460604889;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=dc125cdd1b7445d9;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 363s [p11_child[3347]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 363s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306.output 363s + echo '-----BEGIN CERTIFICATE-----' 363s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306.output 363s + echo '-----END CERTIFICATE-----' 363s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306.pem 363s Certificate: 363s Data: 363s Version: 3 (0x2) 363s Serial Number: 5 (0x5) 363s Signature Algorithm: sha256WithRSAEncryption 363s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 363s Validity 363s Not Before: Nov 29 21:50:34 2024 GMT 363s Not After : Nov 29 21:50:34 2025 GMT 363s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 363s Subject Public Key Info: 363s Public Key Algorithm: rsaEncryption 363s Public-Key: (1024 bit) 363s Modulus: 363s 00:c3:00:bb:0b:e0:87:19:6a:57:8d:83:1e:34:b6: 363s c0:91:70:62:27:bc:2f:bd:3f:3b:88:94:9f:5e:c5: 363s c0:c4:5a:69:9b:23:aa:d1:17:80:46:8e:9c:43:dd: 363s bf:3e:d3:50:c0:d6:1e:18:ae:66:64:dc:e2:91:98: 363s 22:01:08:64:30:d1:22:bd:27:78:b7:d8:90:65:32: 363s 87:f7:b6:3d:17:ba:f9:cd:90:0f:48:66:b9:b0:83: 363s bb:9d:04:ba:f9:8a:4f:0d:4f:1f:1c:58:65:69:07: 363s 37:51:b5:c5:4f:af:7f:48:68:d4:cc:3b:6a:96:3b: 363s e0:3a:3f:eb:22:cf:9b:f9:2d 363s Exponent: 65537 (0x10001) 363s X509v3 extensions: 363s X509v3 Authority Key Identifier: 363s 9B:1E:E0:FE:90:4C:A8:81:38:70:1F:E6:A9:1E:9A:4E:0E:02:E8:7B 363s X509v3 Basic Constraints: 363s CA:FALSE 363s Netscape Cert Type: 363s SSL Client, S/MIME 363s Netscape Comment: 363s Test Organization Sub Intermediate CA trusted Certificate 363s X509v3 Subject Key Identifier: 363s 14:78:A1:AF:5A:9E:43:F4:2F:88:65:31:90:76:8D:1A:1F:44:06:90 363s X509v3 Key Usage: critical 363s Digital Signature, Non Repudiation, Key Encipherment 363s X509v3 Extended Key Usage: 363s TLS Web Client Authentication, E-mail Protection 363s X509v3 Subject Alternative Name: 363s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 363s Signature Algorithm: sha256WithRSAEncryption 363s Signature Value: 363s 90:2e:81:18:dd:75:a3:55:41:d9:a4:33:29:cf:b9:f5:84:6e: 363s 42:82:fc:56:55:a3:e7:ff:68:45:ca:58:8d:f8:fd:af:15:ef: 363s ea:73:96:54:0d:56:c1:27:cc:ae:b1:d3:cd:40:b2:33:d3:37: 363s c3:36:22:39:7f:58:98:2f:26:0a:13:32:c5:fe:d4:68:bc:42: 363s 20:bb:47:6f:57:21:4c:6f:47:30:dc:c5:aa:67:a0:43:78:b8: 363s 33:91:cb:9b:46:d5:52:68:d3:91:9a:8f:ce:7f:21:b3:6e:67: 363s f1:20:e9:a7:92:40:82:38:44:bd:21:1c:d5:5f:ef:0e:b6:fa: 363s ff:9e 363s + local found_md5 expected_md5 363s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + expected_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 363s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306.pem 363s + found_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 363s + '[' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D '!=' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D ']' 363s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306-auth.output 363s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306-auth.output .output 363s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306-auth.pem 363s + echo -n 053350 363s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 363s [p11_child[3355]] [main] (0x0400): p11_child started. 363s [p11_child[3355]] [main] (0x2000): Running in [auth] mode. 363s [p11_child[3355]] [main] (0x2000): Running with effective IDs: [0][0]. 363s [p11_child[3355]] [main] (0x2000): Running with real IDs [0][0]. 363s [p11_child[3355]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 363s [p11_child[3355]] [do_card] (0x4000): Module List: 363s [p11_child[3355]] [do_card] (0x4000): common name: [softhsm2]. 363s [p11_child[3355]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3355]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 363s [p11_child[3355]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 363s [p11_child[3355]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3355]] [do_card] (0x4000): Login required. 363s [p11_child[3355]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 363s [p11_child[3355]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 363s [p11_child[3355]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 363s [p11_child[3355]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1b7445d9;slot-manufacturer=SoftHSM%20project;slot-id=460604889;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=dc125cdd1b7445d9;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 363s [p11_child[3355]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 363s [p11_child[3355]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 363s [p11_child[3355]] [do_card] (0x4000): Certificate verified and validated. 363s [p11_child[3355]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 363s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306-auth.output 363s + echo '-----BEGIN CERTIFICATE-----' 363s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306-auth.output 363s + echo '-----END CERTIFICATE-----' 363s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306-auth.pem 363s Certificate: 363s Data: 363s Version: 3 (0x2) 363s Serial Number: 5 (0x5) 363s Signature Algorithm: sha256WithRSAEncryption 363s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 363s Validity 363s Not Before: Nov 29 21:50:34 2024 GMT 363s Not After : Nov 29 21:50:34 2025 GMT 363s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 363s Subject Public Key Info: 363s Public Key Algorithm: rsaEncryption 363s Public-Key: (1024 bit) 363s Modulus: 363s 00:c3:00:bb:0b:e0:87:19:6a:57:8d:83:1e:34:b6: 363s c0:91:70:62:27:bc:2f:bd:3f:3b:88:94:9f:5e:c5: 363s c0:c4:5a:69:9b:23:aa:d1:17:80:46:8e:9c:43:dd: 363s bf:3e:d3:50:c0:d6:1e:18:ae:66:64:dc:e2:91:98: 363s 22:01:08:64:30:d1:22:bd:27:78:b7:d8:90:65:32: 363s 87:f7:b6:3d:17:ba:f9:cd:90:0f:48:66:b9:b0:83: 363s bb:9d:04:ba:f9:8a:4f:0d:4f:1f:1c:58:65:69:07: 363s 37:51:b5:c5:4f:af:7f:48:68:d4:cc:3b:6a:96:3b: 363s e0:3a:3f:eb:22:cf:9b:f9:2d 363s Exponent: 65537 (0x10001) 363s X509v3 extensions: 363s X509v3 Authority Key Identifier: 363s 9B:1E:E0:FE:90:4C:A8:81:38:70:1F:E6:A9:1E:9A:4E:0E:02:E8:7B 363s X509v3 Basic Constraints: 363s CA:FALSE 363s Netscape Cert Type: 363s SSL Client, S/MIME 363s Netscape Comment: 363s Test Organization Sub Intermediate CA trusted Certificate 363s X509v3 Subject Key Identifier: 363s 14:78:A1:AF:5A:9E:43:F4:2F:88:65:31:90:76:8D:1A:1F:44:06:90 363s X509v3 Key Usage: critical 363s Digital Signature, Non Repudiation, Key Encipherment 363s X509v3 Extended Key Usage: 363s TLS Web Client Authentication, E-mail Protection 363s X509v3 Subject Alternative Name: 363s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 363s Signature Algorithm: sha256WithRSAEncryption 363s Signature Value: 363s 90:2e:81:18:dd:75:a3:55:41:d9:a4:33:29:cf:b9:f5:84:6e: 363s 42:82:fc:56:55:a3:e7:ff:68:45:ca:58:8d:f8:fd:af:15:ef: 363s ea:73:96:54:0d:56:c1:27:cc:ae:b1:d3:cd:40:b2:33:d3:37: 363s c3:36:22:39:7f:58:98:2f:26:0a:13:32:c5:fe:d4:68:bc:42: 363s 20:bb:47:6f:57:21:4c:6f:47:30:dc:c5:aa:67:a0:43:78:b8: 363s 33:91:cb:9b:46:d5:52:68:d3:91:9a:8f:ce:7f:21:b3:6e:67: 363s f1:20:e9:a7:92:40:82:38:44:bd:21:1c:d5:5f:ef:0e:b6:fa: 363s ff:9e 363s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-21306-auth.pem 363s + found_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 363s + '[' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D '!=' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D ']' 363s + valid_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-intermediate-sub-chain-CA.pem partial_chain 363s + check_certificate /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 /tmp/sssd-softhsm2-P7qV3q/test-intermediate-sub-chain-CA.pem partial_chain 363s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local key_ring=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-sub-chain-CA.pem 363s + local verify_option=partial_chain 363s + prepare_softhsm2_card /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local certificate=/tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-32570 363s + local key_cn 363s + local key_name 363s + local tokens_dir 363s + local output_cert_file 363s + token_name= 363s ++ basename /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 363s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 363s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s ++ sed -n 's/ *commonName *= //p' 363s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 363s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 363s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 363s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 363s ++ basename /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 363s + tokens_dir=/tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 363s + token_name='Test Organization Sub Int Token' 363s + '[' '!' -e /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 363s + '[' '!' -d /tmp/sssd-softhsm2-P7qV3q/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 363s + echo 'Test Organization Sub Int Token' 363s + '[' -n partial_chain ']' 363s + local verify_arg=--verify=partial_chain 363s + local output_base_name=SSSD-child-12644 363s + local output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644.output 363s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644.pem 363s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-sub-chain-CA.pem 363s Test Organization Sub Int Token 363s [p11_child[3365]] [main] (0x0400): p11_child started. 363s [p11_child[3365]] [main] (0x2000): Running in [pre-auth] mode. 363s [p11_child[3365]] [main] (0x2000): Running with effective IDs: [0][0]. 363s [p11_child[3365]] [main] (0x2000): Running with real IDs [0][0]. 363s [p11_child[3365]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 363s [p11_child[3365]] [do_card] (0x4000): Module List: 363s [p11_child[3365]] [do_card] (0x4000): common name: [softhsm2]. 363s [p11_child[3365]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3365]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 363s [p11_child[3365]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 363s [p11_child[3365]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 363s [p11_child[3365]] [do_card] (0x4000): Login NOT required. 363s [p11_child[3365]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 363s [p11_child[3365]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 363s [p11_child[3365]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 363s [p11_child[3365]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1b7445d9;slot-manufacturer=SoftHSM%20project;slot-id=460604889;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=dc125cdd1b7445d9;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 363s [p11_child[3365]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 363s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644.output 363s + echo '-----BEGIN CERTIFICATE-----' 363s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644.output 363s + echo '-----END CERTIFICATE-----' 363s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644.pem 363s Certificate: 363s Data: 363s Version: 3 (0x2) 363s Serial Number: 5 (0x5) 363s Signature Algorithm: sha256WithRSAEncryption 363s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 363s Validity 363s Not Before: Nov 29 21:50:34 2024 GMT 363s Not After : Nov 29 21:50:34 2025 GMT 363s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 363s Subject Public Key Info: 363s Public Key Algorithm: rsaEncryption 363s Public-Key: (1024 bit) 363s Modulus: 363s 00:c3:00:bb:0b:e0:87:19:6a:57:8d:83:1e:34:b6: 363s c0:91:70:62:27:bc:2f:bd:3f:3b:88:94:9f:5e:c5: 363s c0:c4:5a:69:9b:23:aa:d1:17:80:46:8e:9c:43:dd: 363s bf:3e:d3:50:c0:d6:1e:18:ae:66:64:dc:e2:91:98: 363s 22:01:08:64:30:d1:22:bd:27:78:b7:d8:90:65:32: 363s 87:f7:b6:3d:17:ba:f9:cd:90:0f:48:66:b9:b0:83: 363s bb:9d:04:ba:f9:8a:4f:0d:4f:1f:1c:58:65:69:07: 363s 37:51:b5:c5:4f:af:7f:48:68:d4:cc:3b:6a:96:3b: 363s e0:3a:3f:eb:22:cf:9b:f9:2d 363s Exponent: 65537 (0x10001) 363s X509v3 extensions: 363s X509v3 Authority Key Identifier: 363s 9B:1E:E0:FE:90:4C:A8:81:38:70:1F:E6:A9:1E:9A:4E:0E:02:E8:7B 363s X509v3 Basic Constraints: 363s CA:FALSE 363s Netscape Cert Type: 363s SSL Client, S/MIME 363s Netscape Comment: 363s Test Organization Sub Intermediate CA trusted Certificate 363s X509v3 Subject Key Identifier: 363s 14:78:A1:AF:5A:9E:43:F4:2F:88:65:31:90:76:8D:1A:1F:44:06:90 363s X509v3 Key Usage: critical 363s Digital Signature, Non Repudiation, Key Encipherment 363s X509v3 Extended Key Usage: 363s TLS Web Client Authentication, E-mail Protection 363s X509v3 Subject Alternative Name: 363s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 363s Signature Algorithm: sha256WithRSAEncryption 363s Signature Value: 363s 90:2e:81:18:dd:75:a3:55:41:d9:a4:33:29:cf:b9:f5:84:6e: 363s 42:82:fc:56:55:a3:e7:ff:68:45:ca:58:8d:f8:fd:af:15:ef: 363s ea:73:96:54:0d:56:c1:27:cc:ae:b1:d3:cd:40:b2:33:d3:37: 363s c3:36:22:39:7f:58:98:2f:26:0a:13:32:c5:fe:d4:68:bc:42: 363s 20:bb:47:6f:57:21:4c:6f:47:30:dc:c5:aa:67:a0:43:78:b8: 363s 33:91:cb:9b:46:d5:52:68:d3:91:9a:8f:ce:7f:21:b3:6e:67: 363s f1:20:e9:a7:92:40:82:38:44:bd:21:1c:d5:5f:ef:0e:b6:fa: 363s ff:9e 363s + local found_md5 expected_md5 363s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/test-sub-intermediate-CA-trusted-certificate-0001.pem 363s + expected_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 363s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644.pem 364s + found_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 364s + '[' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D '!=' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D ']' 364s + output_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644-auth.output 364s ++ basename /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644-auth.output .output 364s + output_cert_file=/tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644-auth.pem 364s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-P7qV3q/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 364s + echo -n 053350 364s [p11_child[3373]] [main] (0x0400): p11_child started. 364s [p11_child[3373]] [main] (0x2000): Running in [auth] mode. 364s [p11_child[3373]] [main] (0x2000): Running with effective IDs: [0][0]. 364s [p11_child[3373]] [main] (0x2000): Running with real IDs [0][0]. 364s [p11_child[3373]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 364s [p11_child[3373]] [do_card] (0x4000): Module List: 364s [p11_child[3373]] [do_card] (0x4000): common name: [softhsm2]. 364s [p11_child[3373]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 364s [p11_child[3373]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1b7445d9] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 364s [p11_child[3373]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 364s [p11_child[3373]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x1b7445d9][460604889] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 364s [p11_child[3373]] [do_card] (0x4000): Login required. 364s [p11_child[3373]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 364s [p11_child[3373]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 364s [p11_child[3373]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 364s [p11_child[3373]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1b7445d9;slot-manufacturer=SoftHSM%20project;slot-id=460604889;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=dc125cdd1b7445d9;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 364s [p11_child[3373]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 364s [p11_child[3373]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 364s [p11_child[3373]] [do_card] (0x4000): Certificate verified and validated. 364s [p11_child[3373]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 364s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644-auth.output 364s + echo '-----BEGIN CERTIFICATE-----' 364s + tail -n1 /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644-auth.output 364s + echo '-----END CERTIFICATE-----' 364s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644-auth.pem 364s Certificate: 364s Data: 364s Version: 3 (0x2) 364s Serial Number: 5 (0x5) 364s Signature Algorithm: sha256WithRSAEncryption 364s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 364s Validity 364s Not Before: Nov 29 21:50:34 2024 GMT 364s Not After : Nov 29 21:50:34 2025 GMT 364s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 364s Subject Public Key Info: 364s Public Key Algorithm: rsaEncryption 364s Public-Key: (1024 bit) 364s Modulus: 364s 00:c3:00:bb:0b:e0:87:19:6a:57:8d:83:1e:34:b6: 364s c0:91:70:62:27:bc:2f:bd:3f:3b:88:94:9f:5e:c5: 364s c0:c4:5a:69:9b:23:aa:d1:17:80:46:8e:9c:43:dd: 364s bf:3e:d3:50:c0:d6:1e:18:ae:66:64:dc:e2:91:98: 364s 22:01:08:64:30:d1:22:bd:27:78:b7:d8:90:65:32: 364s 87:f7:b6:3d:17:ba:f9:cd:90:0f:48:66:b9:b0:83: 364s bb:9d:04:ba:f9:8a:4f:0d:4f:1f:1c:58:65:69:07: 364s 37:51:b5:c5:4f:af:7f:48:68:d4:cc:3b:6a:96:3b: 364s e0:3a:3f:eb:22:cf:9b:f9:2d 364s Exponent: 65537 (0x10001) 364s X509v3 extensions: 364s X509v3 Authority Key Identifier: 364s 9B:1E:E0:FE:90:4C:A8:81:38:70:1F:E6:A9:1E:9A:4E:0E:02:E8:7B 364s X509v3 Basic Constraints: 364s CA:FALSE 364s Netscape Cert Type: 364s SSL Client, S/MIME 364s Netscape Comment: 364s Test Organization Sub Intermediate CA trusted Certificate 364s X509v3 Subject Key Identifier: 364s 14:78:A1:AF:5A:9E:43:F4:2F:88:65:31:90:76:8D:1A:1F:44:06:90 364s X509v3 Key Usage: critical 364s Digital Signature, Non Repudiation, Key Encipherment 364s X509v3 Extended Key Usage: 364s TLS Web Client Authentication, E-mail Protection 364s X509v3 Subject Alternative Name: 364s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 364s Signature Algorithm: sha256WithRSAEncryption 364s Signature Value: 364s 90:2e:81:18:dd:75:a3:55:41:d9:a4:33:29:cf:b9:f5:84:6e: 364s 42:82:fc:56:55:a3:e7:ff:68:45:ca:58:8d:f8:fd:af:15:ef: 364s ea:73:96:54:0d:56:c1:27:cc:ae:b1:d3:cd:40:b2:33:d3:37: 364s c3:36:22:39:7f:58:98:2f:26:0a:13:32:c5:fe:d4:68:bc:42: 364s 20:bb:47:6f:57:21:4c:6f:47:30:dc:c5:aa:67:a0:43:78:b8: 364s 33:91:cb:9b:46:d5:52:68:d3:91:9a:8f:ce:7f:21:b3:6e:67: 364s f1:20:e9:a7:92:40:82:38:44:bd:21:1c:d5:5f:ef:0e:b6:fa: 364s ff:9e 364s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-P7qV3q/SSSD-child-12644-auth.pem 364s 364s Test completed, Root CA and intermediate issued certificates verified! 364s + found_md5=Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D 364s + '[' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D '!=' Modulus=C300BB0BE087196A578D831E34B6C091706227BC2FBD3F3B88949F5EC5C0C45A699B23AAD11780468E9C43DDBF3ED350C0D61E18AE6664DCE291982201086430D122BD2778B7D890653287F7B63D17BAF9CD900F4866B9B083BB9D04BAF98A4F0D4F1F1C586569073751B5C54FAF7F4868D4CC3B6A963BE03A3FEB22CF9BF92D ']' 364s + set +x 364s autopkgtest [21:50:41]: test sssd-softhism2-certificates-tests.sh: -----------------------] 365s autopkgtest [21:50:42]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 365s sssd-softhism2-certificates-tests.sh PASS 365s autopkgtest [21:50:42]: test sssd-smart-card-pam-auth-configs: preparing testbed 365s Reading package lists... 365s Building dependency tree... 365s Reading state information... 366s Starting pkgProblemResolver with broken count: 0 366s Starting 2 pkgProblemResolver with broken count: 0 366s Done 366s The following NEW packages will be installed: 366s pamtester 366s 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. 366s Need to get 14.6 kB of archives. 366s After this operation, 86.0 kB of additional disk space will be used. 366s Get:1 http://ftpmaster.internal/ubuntu noble/universe ppc64el pamtester ppc64el 0.1.2-4 [14.6 kB] 367s Fetched 14.6 kB in 0s (68.2 kB/s) 367s Selecting previously unselected package pamtester. 367s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 73022 files and directories currently installed.) 367s Preparing to unpack .../pamtester_0.1.2-4_ppc64el.deb ... 367s Unpacking pamtester (0.1.2-4) ... 367s Setting up pamtester (0.1.2-4) ... 367s Processing triggers for man-db (2.12.0-4build2) ... 368s autopkgtest [21:50:45]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 368s autopkgtest [21:50:45]: test sssd-smart-card-pam-auth-configs: [----------------------- 368s + '[' -z ubuntu ']' 368s + export DEBIAN_FRONTEND=noninteractive 368s + DEBIAN_FRONTEND=noninteractive 368s + required_tools=(pamtester softhsm2-util sssd) 368s + [[ ! -v OFFLINE_MODE ]] 368s + for cmd in "${required_tools[@]}" 368s + command -v pamtester 368s + for cmd in "${required_tools[@]}" 368s + command -v softhsm2-util 368s + for cmd in "${required_tools[@]}" 368s + command -v sssd 368s + PIN=123456 368s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 368s + tmpdir=/tmp/sssd-softhsm2-certs-QpipWd 368s + backupsdir= 368s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 368s + declare -a restore_paths 368s + declare -a delete_paths 368s + trap handle_exit EXIT 368s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 368s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 368s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 368s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 368s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-QpipWd GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 368s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-QpipWd 368s + GENERATE_SMART_CARDS=1 368s + KEEP_TEMPORARY_FILES=1 368s + NO_SSSD_TESTS=1 368s + bash debian/tests/sssd-softhism2-certificates-tests.sh 368s + '[' -z ubuntu ']' 368s + required_tools=(p11tool openssl softhsm2-util) 368s + for cmd in "${required_tools[@]}" 368s + command -v p11tool 368s + for cmd in "${required_tools[@]}" 368s + command -v openssl 368s + for cmd in "${required_tools[@]}" 368s + command -v softhsm2-util 368s + PIN=123456 368s +++ find /usr/lib/softhsm/libsofthsm2.so 368s +++ head -n 1 368s ++ realpath /usr/lib/softhsm/libsofthsm2.so 368s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 368s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 368s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 368s + '[' '!' -v NO_SSSD_TESTS ']' 368s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 368s + tmpdir=/tmp/sssd-softhsm2-certs-QpipWd 368s + keys_size=1024 368s + [[ ! -v KEEP_TEMPORARY_FILES ]] 368s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 368s + echo -n 01 368s + touch /tmp/sssd-softhsm2-certs-QpipWd/index.txt 368s + mkdir -p /tmp/sssd-softhsm2-certs-QpipWd/new_certs 368s + cat 368s + root_ca_key_pass=pass:random-root-CA-password-2483 368s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-key.pem -passout pass:random-root-CA-password-2483 1024 368s + openssl req -passin pass:random-root-CA-password-2483 -batch -config /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.pem 368s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.pem 368s + cat 368s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-11053 368s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-11053 1024 368s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-11053 -config /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-2483 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-certificate-request.pem 368s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-certificate-request.pem 368s Certificate Request: 368s Data: 368s Version: 1 (0x0) 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:b9:76:81:c8:5e:69:ea:c7:d9:33:b9:5a:29:83: 368s 29:02:53:92:a3:40:e6:bf:3b:d7:d8:5e:8b:2c:f3: 368s 63:7a:e8:07:7b:8c:be:a7:7b:83:fe:08:cd:b8:9d: 368s 68:00:be:6d:7b:4c:e1:c9:6e:8c:ca:d6:ff:13:d2: 368s 45:6e:de:cd:61:d8:97:cb:a3:2b:9f:13:6b:8f:d9: 368s 9b:0f:65:31:ad:14:98:ba:72:08:c3:cc:b1:7c:49: 368s 67:ab:7b:72:64:7a:63:a1:57:6b:6c:7f:78:09:f8: 368s 16:cb:61:1b:92:11:57:4d:36:c4:56:06:58:52:57: 368s 60:41:8e:29:f3:3d:03:c1:77 368s Exponent: 65537 (0x10001) 368s Attributes: 368s (none) 368s Requested Extensions: 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 15:87:1b:d9:e9:db:63:a5:02:8a:c9:04:d9:62:c2:f3:1d:42: 368s 03:ee:b2:80:c3:5b:86:0a:0f:9b:bd:32:68:f8:41:ed:a5:31: 368s ac:86:2c:c5:47:e1:bb:43:fc:a6:1d:3f:c3:7e:3d:1a:cc:36: 368s 03:2c:11:8a:61:c1:0e:c8:8f:5d:fb:f6:0f:51:50:10:a3:29: 368s 09:f9:d2:e7:2d:51:50:ec:4f:2d:d3:fc:2e:3d:48:84:f3:64: 368s 20:df:3f:73:20:80:71:fb:ab:a8:81:98:37:f7:e7:c1:5c:23: 368s f4:7c:b2:2f:32:7c:52:96:1a:4b:62:b7:8b:8e:78:52:39:bd: 368s bd:32 368s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.config -passin pass:random-root-CA-password-2483 -keyfile /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem 368s Using configuration from /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.config 368s Check that the request matches the signature 368s Signature ok 368s Certificate Details: 368s Serial Number: 1 (0x1) 368s Validity 368s Not Before: Nov 29 21:50:45 2024 GMT 368s Not After : Nov 29 21:50:45 2025 GMT 368s Subject: 368s organizationName = Test Organization 368s organizationalUnitName = Test Organization Unit 368s commonName = Test Organization Intermediate CA 368s X509v3 extensions: 368s X509v3 Subject Key Identifier: 368s 58:0E:40:68:43:08:E1:08:E9:45:61:04:1D:EE:1C:3F:62:84:02:3D 368s X509v3 Authority Key Identifier: 368s keyid:0F:A2:96:DF:9C:7B:FA:EE:C7:61:7E:93:C6:A8:0D:44:F4:8F:C3:75 368s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 368s serial:00 368s X509v3 Basic Constraints: 368s CA:TRUE 368s X509v3 Key Usage: critical 368s Digital Signature, Certificate Sign, CRL Sign 368s Certificate is to be certified until Nov 29 21:50:45 2025 GMT (365 days) 368s 368s Write out database with 1 new entries 368s Database updated 368s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem 368s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem 368s /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem: OK 368s + cat 368s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-13853 368s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-13853 1024 368s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-13853 -config /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-11053 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-certificate-request.pem 368s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-certificate-request.pem 368s Certificate Request: 368s Data: 368s Version: 1 (0x0) 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:e9:27:92:e0:40:e7:46:e4:aa:4b:c0:65:bf:94: 368s 81:83:8b:59:6e:a7:29:d7:ce:f3:21:89:4f:81:46: 368s 4a:22:db:03:47:df:60:46:e1:33:68:e7:c3:e3:cc: 368s 12:ae:73:97:41:72:db:45:56:3f:9c:a8:a5:23:4f: 368s 93:ff:66:bd:ee:a6:af:f3:03:b7:18:85:a8:fb:97: 368s f0:a1:0c:2b:ca:d9:4f:0a:f8:72:74:ab:90:72:e5: 368s d4:dd:2a:be:24:2d:d2:7e:6a:6d:fc:2b:f4:ee:1a: 368s 8a:39:c6:be:9e:a8:74:ab:0e:b8:2b:a9:f4:6e:e1: 368s 11:c4:66:ba:89:e0:ca:c7:bf 368s Exponent: 65537 (0x10001) 368s Attributes: 368s (none) 368s Requested Extensions: 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 48:87:07:75:09:9f:b2:ed:20:d6:98:a9:65:a3:d1:da:9a:09: 368s 8a:fe:6c:43:f4:47:16:02:2e:e6:10:3c:7e:e4:74:14:b5:31: 368s b6:69:89:bf:cf:0b:44:22:96:47:88:d3:fb:77:06:27:80:7d: 368s 0a:26:a3:08:10:8f:2c:14:3d:96:05:45:8e:94:aa:be:c1:09: 368s d8:e6:4a:27:44:fe:d6:c2:6f:fc:fc:52:3d:ba:c1:25:b7:6c: 368s aa:da:27:e6:9f:9e:17:72:c1:ea:20:d2:07:7c:ad:3d:2c:f4: 368s 65:79:a0:31:c6:c7:9c:fe:73:3c:3f:b4:6f:a3:ce:c0:0c:12: 368s d9:6e 368s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-11053 -keyfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem 368s Using configuration from /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.config 368s Check that the request matches the signature 368s Signature ok 368s Certificate Details: 368s Serial Number: 2 (0x2) 368s Validity 368s Not Before: Nov 29 21:50:45 2024 GMT 368s Not After : Nov 29 21:50:45 2025 GMT 368s Subject: 368s organizationName = Test Organization 368s organizationalUnitName = Test Organization Unit 368s commonName = Test Organization Sub Intermediate CA 368s X509v3 extensions: 368s X509v3 Subject Key Identifier: 368s 56:6F:42:14:83:23:B2:7C:5E:0F:95:6A:83:DF:E5:BC:3A:0D:F6:C1 368s X509v3 Authority Key Identifier: 368s keyid:58:0E:40:68:43:08:E1:08:E9:45:61:04:1D:EE:1C:3F:62:84:02:3D 368s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 368s serial:01 368s X509v3 Basic Constraints: 368s CA:TRUE 368s X509v3 Key Usage: critical 368s Digital Signature, Certificate Sign, CRL Sign 368s Certificate is to be certified until Nov 29 21:50:45 2025 GMT (365 days) 368s 368s Write out database with 1 new entries 368s Database updated 368s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem 368s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem 368s /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem: OK 368s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem 368s + local cmd=openssl 368s + shift 368s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem 368s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 368s error 20 at 0 depth lookup: unable to get local issuer certificate 368s error /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem: verification failed 368s + cat 368s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-10091 368s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-10091 1024 369s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-10091 -key /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-request.pem 369s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-request.pem 369s Certificate Request: 369s Data: 369s Version: 1 (0x0) 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:c6:56:b6:fc:82:e3:a5:35:2f:af:79:43:9f:a0: 369s 73:28:b1:bf:3a:2d:bb:ef:2c:f2:19:20:01:90:19: 369s 8b:14:82:55:f4:64:05:ed:28:95:4d:92:34:e5:3d: 369s d4:20:53:ec:a5:3f:82:cc:ac:ed:d9:49:12:d2:03: 369s e4:91:fb:f7:21:6b:a8:b0:b4:79:72:39:c2:29:f8: 369s 47:53:31:94:7e:0d:48:eb:ba:0c:b7:8c:bd:51:9b: 369s 0a:8c:05:e2:cf:14:6d:b9:e2:8e:5d:d4:e7:b1:c2: 369s 0a:00:9f:79:53:89:d5:dd:20:4f:26:bf:62:db:c8: 369s 4d:43:0c:c1:ef:9f:6f:5a:e9 369s Exponent: 65537 (0x10001) 369s Attributes: 369s Requested Extensions: 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Root CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s 3A:A9:78:87:A4:D8:49:43:D8:4A:7D:56:A0:3B:BC:D5:E2:EC:CE:C6 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 52:02:13:1e:a2:56:0a:2b:84:78:cc:b0:70:1d:b3:cf:cc:df: 369s 72:99:31:6a:ff:fb:e8:c2:dd:12:79:bf:f2:44:3a:a4:f3:b8: 369s e5:36:77:a5:2f:0b:3c:cc:d9:00:cc:70:97:3d:cb:38:94:f3: 369s ac:87:8d:6b:00:13:1d:92:43:40:3f:bb:8c:78:51:fd:2f:f9: 369s e3:75:cd:5d:98:9d:ca:c0:17:96:48:d3:a2:e1:3e:63:ba:4d: 369s 9a:fe:0a:d1:d0:09:2b:41:c6:3b:18:44:ea:5a:ab:56:73:09: 369s e4:3b:b3:4d:75:20:96:2e:e4:0b:97:7f:e0:ab:d8:d2:11:59: 369s 1e:07 369s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.config -passin pass:random-root-CA-password-2483 -keyfile /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem 369s Using configuration from /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.config 369s Check that the request matches the signature 369s Signature ok 369s Certificate Details: 369s Serial Number: 3 (0x3) 369s Validity 369s Not Before: Nov 29 21:50:46 2024 GMT 369s Not After : Nov 29 21:50:46 2025 GMT 369s Subject: 369s organizationName = Test Organization 369s organizationalUnitName = Test Organization Unit 369s commonName = Test Organization Root Trusted Certificate 0001 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s 0F:A2:96:DF:9C:7B:FA:EE:C7:61:7E:93:C6:A8:0D:44:F4:8F:C3:75 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Root CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s 3A:A9:78:87:A4:D8:49:43:D8:4A:7D:56:A0:3B:BC:D5:E2:EC:CE:C6 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Certificate is to be certified until Nov 29 21:50:46 2025 GMT (365 days) 369s 369s Write out database with 1 new entries 369s Database updated 369s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem 369s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem 369s /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem: OK 369s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem 369s + local cmd=openssl 369s + shift 369s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem 369s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 369s error 20 at 0 depth lookup: unable to get local issuer certificate 369s error /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem: verification failed 369s + cat 369s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-5415 369s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-5415 1024 369s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-5415 -key /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-request.pem 369s Certificate Request: 369s Data: 369s Version: 1 (0x0) 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:9e:c3:42:5a:e3:17:85:90:2e:f0:26:df:15:bf: 369s 3b:f5:b4:36:82:7b:4b:4f:81:d4:9a:8a:d6:e2:88: 369s e6:28:72:4d:fd:6e:0b:51:26:06:52:7c:89:ac:3a: 369s 67:7b:e2:0e:0b:34:16:41:b0:43:4f:f0:82:35:81: 369s 2b:e8:4d:01:23:18:51:d8:dc:15:35:bd:cd:ac:55: 369s e6:73:46:b5:1a:6f:9a:78:d6:9a:25:ef:f9:23:2c: 369s 86:22:6b:80:f1:ba:f0:bd:00:4a:19:7d:bb:6e:24: 369s 78:e9:9a:44:22:7b:9d:a5:4e:61:c8:14:76:a2:d1: 369s 44:c3:99:ea:4d:83:43:66:69 369s Exponent: 65537 (0x10001) 369s Attributes: 369s Requested Extensions: 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s 6F:7A:F8:4C:E6:67:85:0F:CD:22:74:DC:49:D2:40:1D:74:9A:51:F7 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 17:c1:73:2e:f4:9c:99:a8:c5:ba:a6:73:4c:82:9a:26:b7:78: 369s 0e:ea:6c:8a:5f:26:95:43:40:a0:18:8c:3e:f8:92:49:39:47: 369s e6:29:76:11:9f:fe:b9:9c:07:93:15:bc:3a:ea:fa:74:12:6d: 369s bd:fe:84:d4:cf:a9:0a:5e:a4:dd:f1:f8:fb:c2:43:ef:e9:0e: 369s 5d:3e:94:a3:6f:d3:0d:d3:e5:5b:c2:8d:12:0e:08:6d:3e:63: 369s f8:53:dd:1e:18:df:8a:e0:4e:7d:0c:48:20:5e:42:bf:e4:7f: 369s ae:b9:d0:ac:0c:94:11:1d:89:9c:a9:53:c9:a0:a2:e4:37:38: 369s f4:87 369s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-request.pem 369s + openssl ca -passin pass:random-intermediate-CA-password-11053 -config /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem 369s Using configuration from /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.config 369s Check that the request matches the signature 369s Signature ok 369s Certificate Details: 369s Serial Number: 4 (0x4) 369s Validity 369s Not Before: Nov 29 21:50:46 2024 GMT 369s Not After : Nov 29 21:50:46 2025 GMT 369s Subject: 369s organizationName = Test Organization 369s organizationalUnitName = Test Organization Unit 369s commonName = Test Organization Intermediate Trusted Certificate 0001 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s 58:0E:40:68:43:08:E1:08:E9:45:61:04:1D:EE:1C:3F:62:84:02:3D 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s 6F:7A:F8:4C:E6:67:85:0F:CD:22:74:DC:49:D2:40:1D:74:9A:51:F7 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Certificate is to be certified until Nov 29 21:50:46 2025 GMT (365 days) 369s 369s Write out database with 1 new entries 369s Database updated 369s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem 369s This certificate should not be trusted fully 369s + echo 'This certificate should not be trusted fully' 369s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem 369s + local cmd=openssl 369s + shift 369s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem 369s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 369s error 2 at 1 depth lookup: unable to get issuer certificate 369s error /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 369s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem 369s /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem: OK 369s + cat 369s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20845 369s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-20845 1024 369s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-20845 -key /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 369s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 369s Certificate Request: 369s Data: 369s Version: 1 (0x0) 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:d7:7c:ba:97:ea:16:6c:d2:46:8a:9f:69:da:55: 369s b3:d1:ff:4c:14:34:f7:4a:9d:0a:ad:b8:a8:5a:d3: 369s 39:84:35:ee:79:5c:1c:db:86:5a:1f:83:de:0d:47: 369s c0:b5:c1:03:e5:0a:cd:d5:1d:4d:ec:5a:c5:9f:ea: 369s c0:3b:56:3a:1e:59:b6:b3:8c:41:c2:51:28:96:18: 369s 31:ed:32:76:ef:0d:75:ac:33:8a:60:f3:7a:55:e4: 369s fe:55:59:cd:92:eb:f7:8f:f7:f9:c8:bf:c6:a3:95: 369s 23:64:31:32:4c:eb:7c:4e:94:47:e0:32:c3:e7:90: 369s 16:70:d0:c2:22:53:51:da:c5 369s Exponent: 65537 (0x10001) 369s Attributes: 369s Requested Extensions: 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Sub Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s 44:00:4F:62:62:EF:74:36:7B:56:EF:51:15:2A:21:0B:93:5C:00:11 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 10:29:65:b8:4e:87:61:e4:43:46:c7:05:8e:34:62:fb:33:e3: 369s 1c:1e:2a:3d:ee:a3:54:61:76:ad:a4:8b:c5:fe:4d:58:1b:ae: 369s 76:f4:86:2e:4c:dc:02:bc:6e:86:6a:b4:f0:c7:22:68:54:b7: 369s f5:87:ab:fc:b5:0f:ef:9d:ea:2d:0f:32:ec:d8:6a:17:fd:9d: 369s 20:ae:4d:96:a2:cf:0f:71:19:b4:0f:ca:a8:3a:45:49:b1:21: 369s 00:84:ba:b6:c6:dd:13:d7:f6:1b:7e:60:97:4e:b2:a0:2e:45: 369s e3:40:3f:92:6a:7b:6f:3c:6a:72:d4:24:0a:c4:e0:f2:d7:da: 369s 76:3f 369s + openssl ca -passin pass:random-sub-intermediate-CA-password-13853 -config /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s Using configuration from /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.config 369s Check that the request matches the signature 369s Signature ok 369s Certificate Details: 369s Serial Number: 5 (0x5) 369s Validity 369s Not Before: Nov 29 21:50:46 2024 GMT 369s Not After : Nov 29 21:50:46 2025 GMT 369s Subject: 369s organizationName = Test Organization 369s organizationalUnitName = Test Organization Unit 369s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s 56:6F:42:14:83:23:B2:7C:5E:0F:95:6A:83:DF:E5:BC:3A:0D:F6:C1 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Sub Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s 44:00:4F:62:62:EF:74:36:7B:56:EF:51:15:2A:21:0B:93:5C:00:11 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Certificate is to be certified until Nov 29 21:50:46 2025 GMT (365 days) 369s 369s Write out database with 1 new entries 369s Database updated 369s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s + echo 'This certificate should not be trusted fully' 369s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s + local cmd=openssl 369s + shift 369s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s This certificate should not be trusted fully 369s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 369s error 2 at 1 depth lookup: unable to get issuer certificate 369s error /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 369s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s + local cmd=openssl 369s + shift 369s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 369s error 20 at 0 depth lookup: unable to get local issuer certificate 369s error /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 369s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 369s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s + local cmd=openssl 369s + shift 369s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 369s error 20 at 0 depth lookup: unable to get local issuer certificate 369s error /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 369s + echo 'Building a the full-chain CA file...' 369s + cat /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem 369s + cat /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem 369s + cat /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem 369s Building a the full-chain CA file... 369s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem 369s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 369s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 369s 369s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 369s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 369s 369s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 369s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 369s 369s + openssl pkcs7 -print_certs -noout 369s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem 369s /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA.pem: OK 369s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem 369s /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem: OK 369s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem 369s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-root-intermediate-chain-CA.pem 369s /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem: OK 369s /tmp/sssd-softhsm2-certs-QpipWd/test-root-intermediate-chain-CA.pem: OK 369s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 369s + echo 'Certificates generation completed!' 369s Certificates generation completed! 369s + [[ -v NO_SSSD_TESTS ]] 369s + [[ -v GENERATE_SMART_CARDS ]] 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-10091 369s + local certificate=/tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-root-ca-trusted-cert-0001-10091 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-root-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Root Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-root-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-root-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-root-CA-trusted-certificate-0001 369s + token_name='Test Organization Root Tr Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 369s + local key_file 369s + local decrypted_key 369s + mkdir -p /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-root-CA-trusted-certificate-0001 369s + key_file=/tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-key.pem 369s + decrypted_key=/tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-key-decrypted.pem 369s + cat 369s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 369s Slot 0 has a free/uninitialized token. 369s The token has been initialized and is reassigned to slot 251524743 369s + softhsm2-util --show-slots 369s Available slots: 369s Slot 251524743 369s Slot info: 369s Description: SoftHSM slot ID 0xefdf687 369s Manufacturer ID: SoftHSM project 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Token present: yes 369s Token info: 369s Manufacturer ID: SoftHSM project 369s Model: SoftHSM v2 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Serial number: 8731e8bf8efdf687 369s Initialized: yes 369s User PIN init.: yes 369s Label: Test Organization Root Tr Token 369s Slot 1 369s Slot info: 369s Description: SoftHSM slot ID 0x1 369s Manufacturer ID: SoftHSM project 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Token present: yes 369s Token info: 369s Manufacturer ID: SoftHSM project 369s Model: SoftHSM v2 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Serial number: 369s Initialized: no 369s User PIN init.: no 369s Label: 369s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 369s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-10091 -in /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-key-decrypted.pem 369s writing RSA key 369s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 369s + rm /tmp/sssd-softhsm2-certs-QpipWd/test-root-CA-trusted-certificate-0001-key-decrypted.pem 369s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 369s Object 0: 369s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=8731e8bf8efdf687;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 369s Type: X.509 Certificate (RSA-1024) 369s Expires: Sat Nov 29 21:50:46 2025 369s Label: Test Organization Root Trusted Certificate 0001 369s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 369s 369s + echo 'Test Organization Root Tr Token' 369s Test Organization Root Tr Token 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-5415 369s + local certificate=/tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-5415 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-intermediate-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s + token_name='Test Organization Interme Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 369s + local key_file 369s + local decrypted_key 369s + mkdir -p /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s + key_file=/tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-key.pem 369s + decrypted_key=/tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 369s + cat 369s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 369s Slot 0 has a free/uninitialized token. 369s The token has been initialized and is reassigned to slot 268484896 369s + softhsm2-util --show-slots 369s Available slots: 369s Slot 268484896 369s Slot info: 369s Description: SoftHSM slot ID 0x1000c120 369s Manufacturer ID: SoftHSM project 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Token present: yes 369s Token info: 369s Manufacturer ID: SoftHSM project 369s Model: SoftHSM v2 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Serial number: f435aaed9000c120 369s Initialized: yes 369s User PIN init.: yes 369s Label: Test Organization Interme Token 369s Slot 1 369s Slot info: 369s Description: SoftHSM slot ID 0x1 369s Manufacturer ID: SoftHSM project 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Token present: yes 369s Token info: 369s Manufacturer ID: SoftHSM project 369s Model: SoftHSM v2 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Serial number: 369s Initialized: no 369s User PIN init.: no 369s Label: 369s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 369s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-5415 -in /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 369s writing RSA key 369s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 369s + rm /tmp/sssd-softhsm2-certs-QpipWd/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 369s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 369s Object 0: 369s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f435aaed9000c120;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 369s Type: X.509 Certificate (RSA-1024) 369s Expires: Sat Nov 29 21:50:46 2025 369s Label: Test Organization Intermediate Trusted Certificate 0001 369s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 369s 369s Test Organization Interme Token 369s + echo 'Test Organization Interme Token' 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-20845 369s + local certificate=/tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-20845 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 369s ++ sed -n 's/ *commonName *= //p' 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem 369s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 369s + token_name='Test Organization Sub Int Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 369s + local key_file 369s + local decrypted_key 369s + mkdir -p /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 369s + key_file=/tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 369s + decrypted_key=/tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 369s + cat 369s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 369s Slot 0 has a free/uninitialized token. 369s The token has been initialized and is reassigned to slot 642005219 369s + softhsm2-util --show-slots 370s Available slots: 370s Slot 642005219 370s Slot info: 370s Description: SoftHSM slot ID 0x264438e3 370s Manufacturer ID: SoftHSM project 370s Hardware version: 2.6 370s Firmware version: 2.6 370s Token present: yes 370s Token info: 370s Manufacturer ID: SoftHSM project 370s Model: SoftHSM v2 370s Hardware version: 2.6 370s Firmware version: 2.6 370s Serial number: a7795da0a64438e3 370s Initialized: yes 370s User PIN init.: yes 370s Label: Test Organization Sub Int Token 370s Slot 1 370s Slot info: 370s Description: SoftHSM slot ID 0x1 370s Manufacturer ID: SoftHSM project 370s Hardware version: 2.6 370s Firmware version: 2.6 370s Token present: yes 370s Token info: 370s Manufacturer ID: SoftHSM project 370s Model: SoftHSM v2 370s Hardware version: 2.6 370s Firmware version: 2.6 370s Serial number: 370s Initialized: no 370s User PIN init.: no 370s Label: 370s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 370s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-20845 -in /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 370s writing RSA key 370s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 370s + rm /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 370s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 370s Object 0: 370s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a7795da0a64438e3;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 370s Type: X.509 Certificate (RSA-1024) 370s Expires: Sat Nov 29 21:50:46 2025 370s Label: Test Organization Sub Intermediate Trusted Certificate 0001 370s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 370s 370s + echo 'Test Organization Sub Int Token' 370s + echo 'Certificates generation completed!' 370s + exit 0 370s + find /tmp/sssd-softhsm2-certs-QpipWd -type d -exec chmod 777 '{}' ';' 370s Test Organization Sub Int Token 370s Certificates generation completed! 370s + find /tmp/sssd-softhsm2-certs-QpipWd -type f -exec chmod 666 '{}' ';' 370s + backup_file /etc/sssd/sssd.conf 370s + '[' -z '' ']' 370s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 370s + backupsdir=/tmp/sssd-softhsm2-backups-HxHJLr 370s + '[' -e /etc/sssd/sssd.conf ']' 370s + delete_paths+=("$1") 370s + rm -f /etc/sssd/sssd.conf 370s ++ runuser -u ubuntu -- sh -c 'echo ~' 370s + user_home=/home/ubuntu 370s + mkdir -p /home/ubuntu 370s + chown ubuntu:ubuntu /home/ubuntu 370s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 370s + user_config=/home/ubuntu/.config 370s + system_config=/etc 370s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 370s + for path_pair in "${softhsm2_conf_paths[@]}" 370s + IFS=: 370s + read -r -a path 370s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 370s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 370s + '[' -z /tmp/sssd-softhsm2-backups-HxHJLr ']' 370s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 370s + delete_paths+=("$1") 370s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 370s + for path_pair in "${softhsm2_conf_paths[@]}" 370s + IFS=: 370s + read -r -a path 370s + path=/etc/softhsm/softhsm2.conf 370s + backup_file /etc/softhsm/softhsm2.conf 370s + '[' -z /tmp/sssd-softhsm2-backups-HxHJLr ']' 370s + '[' -e /etc/softhsm/softhsm2.conf ']' 370s ++ dirname /etc/softhsm/softhsm2.conf 370s + local back_dir=/tmp/sssd-softhsm2-backups-HxHJLr//etc/softhsm 370s ++ basename /etc/softhsm/softhsm2.conf 370s + local back_path=/tmp/sssd-softhsm2-backups-HxHJLr//etc/softhsm/softhsm2.conf 370s + '[' '!' -e /tmp/sssd-softhsm2-backups-HxHJLr//etc/softhsm/softhsm2.conf ']' 370s + mkdir -p /tmp/sssd-softhsm2-backups-HxHJLr//etc/softhsm 370s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-HxHJLr//etc/softhsm/softhsm2.conf 370s + restore_paths+=("$back_path") 370s + rm -f /etc/softhsm/softhsm2.conf 370s + test_authentication login /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem 370s + pam_service=login 370s + certificate_config=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-root-CA-trusted-certificate-0001.conf 370s + ca_db=/tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem 370s Using CA DB '/tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem' with verification options: '' 370s + verification_options= 370s + mkdir -p -m 700 /etc/sssd 370s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 370s + cat 370s + chmod 600 /etc/sssd/sssd.conf 370s + for path_pair in "${softhsm2_conf_paths[@]}" 370s + IFS=: 370s + read -r -a path 370s + user=ubuntu 370s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 370s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 370s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 370s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 370s + runuser -u ubuntu -- softhsm2-util --show-slots 370s + grep 'Test Organization' 370s Label: Test Organization Root Tr Token 370s + for path_pair in "${softhsm2_conf_paths[@]}" 370s + IFS=: 370s + read -r -a path 370s + user=root 370s + path=/etc/softhsm/softhsm2.conf 370s ++ dirname /etc/softhsm/softhsm2.conf 370s + runuser -u root -- mkdir -p /etc/softhsm 370s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 370s + runuser -u root -- softhsm2-util --show-slots 370s + grep 'Test Organization' 370s Label: Test Organization Root Tr Token 370s + systemctl restart sssd 370s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 370s + for alternative in "${alternative_pam_configs[@]}" 370s + pam-auth-update --enable sss-smart-card-optional 371s + cat /etc/pam.d/common-auth 371s # 371s # /etc/pam.d/common-auth - authentication settings common to all services 371s # 371s # This file is included from other service-specific PAM config files, 371s # and should contain a list of the authentication modules that define 371s # the central authentication scheme for use on the system 371s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 371s # traditional Unix authentication mechanisms. 371s # 371s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 371s # To take advantage of this, it is recommended that you configure any 371s # local modules either before or after the default block, and use 371s # pam-auth-update to manage selection of other modules. See 371s # pam-auth-update(8) for details. 371s 371s # here are the per-package modules (the "Primary" block) 371s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 371s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 371s auth [success=1 default=ignore] pam_sss.so use_first_pass 371s # here's the fallback if no module succeeds 371s auth requisite pam_deny.so 371s # prime the stack with a positive return value if there isn't one already; 371s # this avoids us returning an error just because nothing sets a success code 371s # since the modules above will each just jump around 371s auth required pam_permit.so 371s # and here are more per-package modules (the "Additional" block) 371s auth optional pam_cap.so 371s # end of pam-auth-update config 371s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 371s + echo -n -e 123456 371s pamtester: invoking pam_start(login, ubuntu, ...) 371s pamtester: performing operation - authenticate 371s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 371s + echo -n -e 123456 371s + runuser -u ubuntu -- pamtester -v login '' authenticate 371s pamtester: invoking pam_start(login, , ...) 371s pamtester: performing operation - authenticate 371s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 371s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 371s + echo -n -e wrong123456 371s pamtester: invoking pam_start(login, ubuntu, ...) 371s pamtester: performing operation - authenticate 375s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 375s + echo -n -e wrong123456 375s + runuser -u ubuntu -- pamtester -v login '' authenticate 375s pamtester: invoking pam_start(login, , ...) 375s pamtester: performing operation - authenticate 377s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 377s + echo -n -e 123456 377s + pamtester -v login root authenticate 377s pamtester: invoking pam_start(login, root, ...) 377s pamtester: performing operation - authenticate 380s Password: pamtester: Authentication failure 380s + for alternative in "${alternative_pam_configs[@]}" 380s + pam-auth-update --enable sss-smart-card-required 380s PAM configuration 380s ----------------- 380s 380s Incompatible PAM profiles selected. 380s 380s The following PAM profiles cannot be used together: 380s 380s SSS required smart card authentication, SSS optional smart card 380s authentication 380s 380s Please select a different set of modules to enable. 380s 380s # 380s # /etc/pam.d/common-auth - authentication settings common to all services 380s # 380s # This file is included from other service-specific PAM config files, 380s # and should contain a list of the authentication modules that define 380s # the central authentication scheme for use on the system 380s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 380s # traditional Unix authentication mechanisms. 380s # 380s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 380s # To take advantage of this, it is recommended that you configure any 380s # local modules either before or after the default block, and use 380s # pam-auth-update to manage selection of other modules. See 380s # pam-auth-update(8) for details. 380s 380s # here are the per-package modules (the "Primary" block) 380s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 380s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 380s auth [success=1 default=ignore] pam_sss.so use_first_pass 380s # here's the fallback if no module succeeds 380s auth requisite pam_deny.so 380s # prime the stack with a positive return value if there isn't one already; 380s # this avoids us returning an error just because nothing sets a success code 380s # since the modules above will each just jump around 380s auth required pam_permit.so 380s # and here are more per-package modules (the "Additional" block) 380s auth optional pam_cap.so 380s # end of pam-auth-update config 380s + cat /etc/pam.d/common-auth 380s + echo -n -e 123456 380s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 380s pamtester: invoking pam_start(login, ubuntu, ...) 380s pamtester: performing operation - authenticate 380s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 380s + runuser -u ubuntu -- pamtester -v login '' authenticate 380s + echo -n -e 123456 380s pamtester: invoking pam_start(login, , ...) 380s pamtester: performing operation - authenticate 380s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 380s + echo -n -e wrong123456 380s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 380s pamtester: invoking pam_start(login, ubuntu, ...) 380s pamtester: performing operation - authenticate 382s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 382s + echo -n -e wrong123456 382s + runuser -u ubuntu -- pamtester -v login '' authenticate 382s pamtester: invoking pam_start(login, , ...) 382s pamtester: performing operation - authenticate 386s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 386s + pamtester -v login root authenticate 386s pamtester: invoking pam_start(login, root, ...) 386s + echo -n -e 123456 386s pamtester: performing operation - authenticate 388s pamtester: Authentication service cannot retrieve authentication info 388s + test_authentication login /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem 388s + pam_service=login 388s + certificate_config=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 388s + ca_db=/tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem 388s + verification_options= 388s + mkdir -p -m 700 /etc/sssd 388s Using CA DB '/tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem' with verification options: '' 388s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-QpipWd/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 388s + cat 388s + chmod 600 /etc/sssd/sssd.conf 388s + for path_pair in "${softhsm2_conf_paths[@]}" 388s + IFS=: 388s + read -r -a path 388s + user=ubuntu 388s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 388s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 388s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 388s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 388s + runuser -u ubuntu -- softhsm2-util --show-slots 388s + grep 'Test Organization' 389s Label: Test Organization Sub Int Token 389s + for path_pair in "${softhsm2_conf_paths[@]}" 389s + IFS=: 389s + read -r -a path 389s + user=root 389s + path=/etc/softhsm/softhsm2.conf 389s ++ dirname /etc/softhsm/softhsm2.conf 389s + runuser -u root -- mkdir -p /etc/softhsm 389s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 389s + grep 'Test Organization' 389s + runuser -u root -- softhsm2-util --show-slots 389s Label: Test Organization Sub Int Token 389s + systemctl restart sssd 389s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 389s + for alternative in "${alternative_pam_configs[@]}" 389s + pam-auth-update --enable sss-smart-card-optional 389s + cat /etc/pam.d/common-auth 389s # 389s # /etc/pam.d/common-auth - authentication settings common to all services 389s # 389s # This file is included from other service-specific PAM config files, 389s # and should contain a list of the authentication modules that define 389s # the central authentication scheme for use on the system 389s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 389s # traditional Unix authentication mechanisms. 389s # 389s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 389s # To take advantage of this, it is recommended that you configure any 389s # local modules either before or after the default block, and use 389s # pam-auth-update to manage selection of other modules. See 389s # pam-auth-update(8) for details. 389s 389s # here are the per-package modules (the "Primary" block) 389s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 389s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 389s auth [success=1 default=ignore] pam_sss.so use_first_pass 389s # here's the fallback if no module succeeds 389s auth requisite pam_deny.so 389s # prime the stack with a positive return value if there isn't one already; 389s # this avoids us returning an error just because nothing sets a success code 389s # since the modules above will each just jump around 389s auth required pam_permit.so 389s # and here are more per-package modules (the "Additional" block) 389s auth optional pam_cap.so 389s # end of pam-auth-update config 389s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 389s + echo -n -e 123456 389s pamtester: invoking pam_start(login, ubuntu, ...) 389s pamtester: performing operation - authenticate 389s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 389s + echo -n -e 123456 389s + runuser -u ubuntu -- pamtester -v login '' authenticate 389s pamtester: invoking pam_start(login, , ...) 389s pamtester: performing operation - authenticate 389s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 389s + echo -n -e wrong123456 389s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 389s pamtester: invoking pam_start(login, ubuntu, ...) 389s pamtester: performing operation - authenticate 393s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 393s + echo -n -e wrong123456 393s + runuser -u ubuntu -- pamtester -v login '' authenticate 393s pamtester: invoking pam_start(login, , ...) 393s pamtester: performing operation - authenticate 395s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 395s + echo -n -e 123456 395s + pamtester -v login root authenticate 395s pamtester: invoking pam_start(login, root, ...) 395s pamtester: performing operation - authenticate 398s Password: pamtester: Authentication failure 398s + for alternative in "${alternative_pam_configs[@]}" 398s + pam-auth-update --enable sss-smart-card-required 399s PAM configuration 399s ----------------- 399s 399s Incompatible PAM profiles selected. 399s 399s The following PAM profiles cannot be used together: 399s 399s SSS required smart card authentication, SSS optional smart card 399s authentication 399s 399s Please select a different set of modules to enable. 399s 399s + cat /etc/pam.d/common-auth 399s # 399s # /etc/pam.d/common-auth - authentication settings common to all services 399s # 399s # This file is included from other service-specific PAM config files, 399s # and should contain a list of the authentication modules that define 399s # the central authentication scheme for use on the system 399s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 399s # traditional Unix authentication mechanisms. 399s # 399s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 399s # To take advantage of this, it is recommended that you configure any 399s # local modules either before or after the default block, and use 399s # pam-auth-update to manage selection of other modules. See 399s # pam-auth-update(8) for details. 399s 399s # here are the per-package modules (the "Primary" block) 399s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 399s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 399s auth [success=1 default=ignore] pam_sss.so use_first_pass 399s # here's the fallback if no module succeeds 399s auth requisite pam_deny.so 399s # prime the stack with a positive return value if there isn't one already; 399s # this avoids us returning an error just because nothing sets a success code 399s # since the modules above will each just jump around 399s auth required pam_permit.so 399s # and here are more per-package modules (the "Additional" block) 399s auth optional pam_cap.so 399s # end of pam-auth-update config 399s + echo -n -e 123456 399s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 399s pamtester: invoking pam_start(login, ubuntu, ...) 399s pamtester: performing operation - authenticate 399s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 399s + echo -n -e 123456 399s + runuser -u ubuntu -- pamtester -v login '' authenticate 399s pamtester: invoking pam_start(login, , ...) 399s pamtester: performing operation - authenticate 399s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 399s + echo -n -e wrong123456 399s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 399s pamtester: invoking pam_start(login, ubuntu, ...) 399s pamtester: performing operation - authenticate 401s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 401s + echo -n -e wrong123456 401s + runuser -u ubuntu -- pamtester -v login '' authenticate 401s pamtester: invoking pam_start(login, , ...) 401s pamtester: performing operation - authenticate 404s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 404s + echo -n -e 123456 404s + pamtester -v login root authenticate 404s pamtester: invoking pam_start(login, root, ...) 404s pamtester: performing operation - authenticate 407s pamtester: Authentication service cannot retrieve authentication info 407s + test_authentication login /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem partial_chain 407s + pam_service=login 407s + certificate_config=/tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 407s + ca_db=/tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem 407s + verification_options=partial_chain 407s + mkdir -p -m 700 /etc/sssd 407s Using CA DB '/tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 407s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-QpipWd/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 407s + cat 407s + chmod 600 /etc/sssd/sssd.conf 407s + for path_pair in "${softhsm2_conf_paths[@]}" 407s + IFS=: 407s + read -r -a path 407s + user=ubuntu 407s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 407s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 407s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 407s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 407s + runuser -u ubuntu -- softhsm2-util --show-slots 407s + grep 'Test Organization' 407s Label: Test Organization Sub Int Token 407s + for path_pair in "${softhsm2_conf_paths[@]}" 407s + IFS=: 407s + read -r -a path 407s + user=root 407s + path=/etc/softhsm/softhsm2.conf 407s ++ dirname /etc/softhsm/softhsm2.conf 407s + runuser -u root -- mkdir -p /etc/softhsm 407s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-QpipWd/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 407s + runuser -u root -- softhsm2-util --show-slots 407s + grep 'Test Organization' 407s Label: Test Organization Sub Int Token 407s + systemctl restart sssd 407s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 407s + for alternative in "${alternative_pam_configs[@]}" 407s + pam-auth-update --enable sss-smart-card-optional 408s + cat /etc/pam.d/common-auth 408s # 408s # /etc/pam.d/common-auth - authentication settings common to all services 408s # 408s # This file is included from other service-specific PAM config files, 408s # and should contain a list of the authentication modules that define 408s # the central authentication scheme for use on the system 408s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 408s # traditional Unix authentication mechanisms. 408s # 408s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 408s # To take advantage of this, it is recommended that you configure any 408s # local modules either before or after the default block, and use 408s # pam-auth-update to manage selection of other modules. See 408s # pam-auth-update(8) for details. 408s 408s # here are the per-package modules (the "Primary" block) 408s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 408s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 408s auth [success=1 default=ignore] pam_sss.so use_first_pass 408s # here's the fallback if no module succeeds 408s auth requisite pam_deny.so 408s # prime the stack with a positive return value if there isn't one already; 408s # this avoids us returning an error just because nothing sets a success code 408s # since the modules above will each just jump around 408s auth required pam_permit.so 408s # and here are more per-package modules (the "Additional" block) 408s auth optional pam_cap.so 408s # end of pam-auth-update config 408s + echo -n -e 123456 408s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 408s pamtester: invoking pam_start(login, ubuntu, ...) 408s pamtester: performing operation - authenticate 408s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 408s + runuser -u ubuntu -- pamtester -v login '' authenticate 408s + echo -n -e 123456 408s pamtester: invoking pam_start(login, , ...) 408s pamtester: performing operation - authenticate 408s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 408s + echo -n -e wrong123456 408s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 408s pamtester: invoking pam_start(login, ubuntu, ...) 408s pamtester: performing operation - authenticate 410s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 410s + echo -n -e wrong123456 410s + runuser -u ubuntu -- pamtester -v login '' authenticate 410s pamtester: invoking pam_start(login, , ...) 410s pamtester: performing operation - authenticate 413s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 413s + echo -n -e 123456 413s + pamtester -v login root authenticate 413s pamtester: invoking pam_start(login, root, ...) 413s pamtester: performing operation - authenticate 417s Password: pamtester: Authentication failure 417s + for alternative in "${alternative_pam_configs[@]}" 417s + pam-auth-update --enable sss-smart-card-required 417s PAM configuration 417s ----------------- 417s 417s Incompatible PAM profiles selected. 417s 417s The following PAM profiles cannot be used together: 417s 417s SSS required smart card authentication, SSS optional smart card 417s authentication 417s 417s Please select a different set of modules to enable. 417s 417s + cat /etc/pam.d/common-auth 417s # 417s # /etc/pam.d/common-auth - authentication settings common to all services 417s # 417s # This file is included from other service-specific PAM config files, 417s # and should contain a list of the authentication modules that define 417s # the central authentication scheme for use on the system 417s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 417s # traditional Unix authentication mechanisms. 417s # 417s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 417s # To take advantage of this, it is recommended that you configure any 417s # local modules either before or after the default block, and use 417s # pam-auth-update to manage selection of other modules. See 417s # pam-auth-update(8) for details. 417s 417s # here are the per-package modules (the "Primary" block) 417s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 417s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 417s auth [success=1 default=ignore] pam_sss.so use_first_pass 417s # here's the fallback if no module succeeds 417s auth requisite pam_deny.so 417s # prime the stack with a positive return value if there isn't one already; 417s # this avoids us returning an error just because nothing sets a success code 417s # since the modules above will each just jump around 417s auth required pam_permit.so 417s # and here are more per-package modules (the "Additional" block) 417s auth optional pam_cap.so 417s # end of pam-auth-update config 417s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 417s + echo -n -e 123456 417s pamtester: invoking pam_start(login, ubuntu, ...) 417s pamtester: performing operation - authenticate 417s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 417s + echo -n -e 123456 417s + runuser -u ubuntu -- pamtester -v login '' authenticate 417s pamtester: invoking pam_start(login, , ...) 417s pamtester: performing operation - authenticate 417s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 417s + echo -n -e wrong123456 417s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 417s pamtester: invoking pam_start(login, ubuntu, ...) 417s pamtester: performing operation - authenticate 420s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 420s + echo -n -e wrong123456 420s + runuser -u ubuntu -- pamtester -v login '' authenticate 420s pamtester: invoking pam_start(login, , ...) 420s pamtester: performing operation - authenticate 423s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 423s + echo -n -e 123456 423s + pamtester -v login root authenticate 423s pamtester: invoking pam_start(login, root, ...) 423s pamtester: performing operation - authenticate 425s pamtester: Authentication service cannot retrieve authentication info 425s + handle_exit 425s + exit_code=0 425s + restore_changes 425s + for path in "${restore_paths[@]}" 425s + local original_path 425s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-HxHJLr /tmp/sssd-softhsm2-backups-HxHJLr//etc/softhsm/softhsm2.conf 425s + original_path=/etc/softhsm/softhsm2.conf 425s + rm /etc/softhsm/softhsm2.conf 425s + mv /tmp/sssd-softhsm2-backups-HxHJLr//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 425s + for path in "${delete_paths[@]}" 425s + rm -f /etc/sssd/sssd.conf 425s + for path in "${delete_paths[@]}" 425s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 425s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 426s + '[' -e /etc/sssd/sssd.conf ']' 426s + systemctl stop sssd 426s + '[' -e /etc/softhsm/softhsm2.conf ']' 426s + chmod 600 /etc/softhsm/softhsm2.conf 426s + rm -rf /tmp/sssd-softhsm2-certs-QpipWd 426s Script completed successfully! 426s + '[' 0 = 0 ']' 426s + rm -rf /tmp/sssd-softhsm2-backups-HxHJLr 426s + set +x 426s autopkgtest [21:51:43]: test sssd-smart-card-pam-auth-configs: -----------------------] 427s autopkgtest [21:51:44]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 427s sssd-smart-card-pam-auth-configs PASS 427s autopkgtest [21:51:44]: @@@@@@@@@@@@@@@@@@@@ summary 427s ldap-user-group-ldap-auth PASS 427s ldap-user-group-krb5-auth PASS 427s sssd-softhism2-certificates-tests.sh PASS 427s sssd-smart-card-pam-auth-configs PASS 438s nova [W] Using flock in prodstack6-ppc64el 438s Creating nova instance adt-noble-ppc64el-sssd-20241129-213010-juju-7f2275-prod-proposed-migration-environment-15-43a50d90-3686-4f7b-bc48-4e221274e35f from image adt/ubuntu-noble-ppc64el-server-20241129.img (UUID 27c7e4da-e3d3-4f1f-930b-bdb881c2e9f7)... 438s nova [W] Using flock in prodstack6-ppc64el 438s Creating nova instance adt-noble-ppc64el-sssd-20241129-213010-juju-7f2275-prod-proposed-migration-environment-15-43a50d90-3686-4f7b-bc48-4e221274e35f from image adt/ubuntu-noble-ppc64el-server-20241129.img (UUID 27c7e4da-e3d3-4f1f-930b-bdb881c2e9f7)...