0s autopkgtest [15:18:53]: starting date and time: 2024-03-16 15:18:53+0000 0s autopkgtest [15:18:53]: git checkout: b506e79c ssh-setup/nova: fix ARCH having two lines of data 0s autopkgtest [15:18:53]: host juju-7f2275-prod-proposed-migration-environment-2; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.iy0gx45k/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:sssd,src:curl,src:gnutls28,src:libpsl,src:libtirpc,src:nettle,src:nfs-utils,src:openssl,src:orthanc-python,src:samba,src:tevent --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 '--env=ADT_TEST_TRIGGERS=sssd/2.9.4-1.1ubuntu3 curl/8.5.0-2ubuntu7 gnutls28/3.8.3-1.1ubuntu2 libpsl/0.21.2-1.1 libtirpc/1.3.4+ds-1.1 nettle/3.9.1-2.2 nfs-utils/1:2.6.4-3ubuntu3 openssl/3.0.13-0ubuntu1 orthanc-python/4.1+ds-2build3 samba/2:4.19.5+dfsg-4ubuntu3 tevent/0.16.1-2' -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-2@bos02-s390x-20.secgroup --name adt-noble-s390x-sssd-20240316-151853-juju-7f2275-prod-proposed-migration-environment-2 --image adt/ubuntu-noble-s390x-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-2 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 207s autopkgtest [15:22:20]: testbed dpkg architecture: s390x 207s autopkgtest [15:22:20]: testbed apt version: 2.7.12 207s autopkgtest [15:22:20]: @@@@@@@@@@@@@@@@@@@@ test bed setup 208s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 208s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [51.4 kB] 208s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 208s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [473 kB] 208s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3694 kB] 209s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main s390x Packages [632 kB] 209s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main s390x c-n-f Metadata [3032 B] 209s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x Packages [1372 B] 209s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x c-n-f Metadata [116 B] 209s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x Packages [3747 kB] 210s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x c-n-f Metadata [7292 B] 210s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse s390x Packages [33.5 kB] 210s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse s390x c-n-f Metadata [116 B] 211s Fetched 8767 kB in 3s (3202 kB/s) 211s Reading package lists... 214s Reading package lists... 214s Building dependency tree... 214s Reading state information... 214s Calculating upgrade... 214s The following packages will be REMOVED: 214s libssl3 214s The following NEW packages will be installed: 214s libssl3t64 214s The following packages have been kept back: 214s curl 214s The following packages will be upgraded: 214s libtirpc-common openssl ubuntu-minimal ubuntu-standard 214s 4 upgraded, 1 newly installed, 1 to remove and 1 not upgraded. 214s Need to get 2688 kB of archives. 214s After this operation, 23.6 kB of additional disk space will be used. 214s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main s390x openssl s390x 3.0.13-0ubuntu1 [1006 kB] 215s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libssl3t64 s390x 3.0.13-0ubuntu1 [1652 kB] 215s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libtirpc-common all 1.3.4+ds-1.1 [8018 B] 215s Get:4 http://ftpmaster.internal/ubuntu noble/main s390x ubuntu-minimal s390x 1.536 [10.7 kB] 215s Get:5 http://ftpmaster.internal/ubuntu noble/main s390x ubuntu-standard s390x 1.536 [10.7 kB] 215s Fetched 2688 kB in 1s (3785 kB/s) 215s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52171 files and directories currently installed.) 215s Preparing to unpack .../openssl_3.0.13-0ubuntu1_s390x.deb ... 215s Unpacking openssl (3.0.13-0ubuntu1) over (3.0.10-1ubuntu4) ... 215s dpkg: libssl3:s390x: dependency problems, but removing anyway as you requested: 215s wget depends on libssl3 (>= 3.0.0). 215s tnftp depends on libssl3 (>= 3.0.0). 215s tcpdump depends on libssl3 (>= 3.0.0). 215s systemd-resolved depends on libssl3 (>= 3.0.0). 215s systemd depends on libssl3 (>= 3.0.0). 215s sudo depends on libssl3 (>= 3.0.0). 215s s390-tools depends on libssl3 (>= 3.0.0). 215s rsync depends on libssl3 (>= 3.0.0). 215s python3-cryptography depends on libssl3 (>= 3.0.0). 215s openssh-server depends on libssl3 (>= 3.0.10). 215s openssh-client depends on libssl3 (>= 3.0.10). 215s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 215s libsystemd-shared:s390x depends on libssl3 (>= 3.0.0). 215s libssh-4:s390x depends on libssl3 (>= 3.0.0). 215s libsasl2-modules:s390x depends on libssl3 (>= 3.0.0). 215s libsasl2-2:s390x depends on libssl3 (>= 3.0.0). 215s libpython3.12-minimal:s390x depends on libssl3 (>= 3.0.0). 215s libpython3.11-minimal:s390x depends on libssl3 (>= 3.0.0). 215s libnvme1 depends on libssl3 (>= 3.0.0). 215s libkrb5-3:s390x depends on libssl3 (>= 3.0.0). 215s libkmod2:s390x depends on libssl3 (>= 3.0.0). 215s libfido2-1:s390x depends on libssl3 (>= 3.0.0). 215s libcurl4:s390x depends on libssl3 (>= 3.0.0). 215s libcryptsetup12:s390x depends on libssl3 (>= 3.0.0). 215s kmod depends on libssl3 (>= 3.0.0). 215s dhcpcd-base depends on libssl3 (>= 3.0.0). 215s bind9-libs:s390x depends on libssl3 (>= 3.0.0). 215s 215s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52171 files and directories currently installed.) 215s Removing libssl3:s390x (3.0.10-1ubuntu4) ... 215s Selecting previously unselected package libssl3t64:s390x. 215s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52160 files and directories currently installed.) 215s Preparing to unpack .../libssl3t64_3.0.13-0ubuntu1_s390x.deb ... 215s Unpacking libssl3t64:s390x (3.0.13-0ubuntu1) ... 215s Preparing to unpack .../libtirpc-common_1.3.4+ds-1.1_all.deb ... 215s Unpacking libtirpc-common (1.3.4+ds-1.1) over (1.3.4+ds-1build1) ... 215s Preparing to unpack .../ubuntu-minimal_1.536_s390x.deb ... 215s Unpacking ubuntu-minimal (1.536) over (1.535) ... 215s Preparing to unpack .../ubuntu-standard_1.536_s390x.deb ... 215s Unpacking ubuntu-standard (1.536) over (1.535) ... 215s Setting up ubuntu-minimal (1.536) ... 215s Setting up libssl3t64:s390x (3.0.13-0ubuntu1) ... 215s Setting up libtirpc-common (1.3.4+ds-1.1) ... 215s Setting up ubuntu-standard (1.536) ... 215s Setting up openssl (3.0.13-0ubuntu1) ... 215s Processing triggers for man-db (2.12.0-3) ... 216s Processing triggers for libc-bin (2.39-0ubuntu2) ... 216s Reading package lists... 216s Building dependency tree... 216s Reading state information... 216s 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. 217s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 217s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 217s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 217s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 218s Reading package lists... 218s Reading package lists... 218s Building dependency tree... 218s Reading state information... 218s Calculating upgrade... 219s The following packages have been kept back: 219s curl 219s 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. 219s Reading package lists... 219s Building dependency tree... 219s Reading state information... 219s 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. 222s autopkgtest [15:22:35]: testbed running kernel: Linux 6.8.0-11-generic #11-Ubuntu SMP Tue Feb 13 23:45:46 UTC 2024 222s autopkgtest [15:22:35]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 236s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main sssd 2.9.4-1.1ubuntu3 (dsc) [5319 B] 236s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main sssd 2.9.4-1.1ubuntu3 (tar) [7983 kB] 236s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main sssd 2.9.4-1.1ubuntu3 (asc) [833 B] 236s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main sssd 2.9.4-1.1ubuntu3 (diff) [48.6 kB] 236s gpgv: Signature made Sat Mar 16 07:03:28 2024 UTC 236s gpgv: using RSA key AC483F68DE728F43F2202FCA568D30F321B2133D 236s gpgv: issuer "steve.langasek@ubuntu.com" 236s gpgv: Can't check signature: No public key 236s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1.1ubuntu3.dsc: no acceptable signature found 236s autopkgtest [15:22:49]: testing package sssd version 2.9.4-1.1ubuntu3 237s autopkgtest [15:22:50]: build not needed 241s autopkgtest [15:22:54]: test ldap-user-group-ldap-auth: preparing testbed 242s Reading package lists... 242s Building dependency tree... 242s Reading state information... 242s Starting pkgProblemResolver with broken count: 0 242s Starting 2 pkgProblemResolver with broken count: 0 242s Done 242s The following additional packages will be installed: 242s curl expect ldap-utils libavahi-client3 libavahi-common-data 242s libavahi-common3 libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 242s libcurl4t64 libdhash1t64 libevent-2.1-7 libgnutls30t64 libhogweed6t64 242s libini-config5t64 libipa-hbac-dev libipa-hbac0t64 libjose0 libkrad0 libldb2 242s libltdl7 libnettle8t64 libnfsidmap1 libnss-sss libnss-sudo libodbc2 242s libpam-pwquality libpam-sss libpath-utils1t64 libpsl5t64 libpwquality-common 242s libpwquality1 libref-array1t64 libsmbclient0 libsss-certmap-dev 242s libsss-certmap0 libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev 242s libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0t64 242s libtirpc3t64 libverto-libevent1 libverto1 libwbclient0 python3-libipa-hbac 242s python3-libsss-nss-idmap python3-sss samba-libs slapd sssd sssd-ad 242s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 242s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 242s tcl8.6 242s Suggested packages: 242s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 242s gnutls-bin odbc-postgresql tdsodbc adcli libsasl2-modules-ldap 242s tcl-tclreadline 242s Recommended packages: 242s cracklib-runtime libsasl2-modules-gssapi-mit 242s | libsasl2-modules-gssapi-heimdal 242s The following packages will be REMOVED: 242s libcurl4 libgnutls30 libhogweed6 libnettle8 libpsl5 libtirpc3 242s The following NEW packages will be installed: 242s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 242s libavahi-common3 libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 242s libcurl4t64 libdhash1t64 libevent-2.1-7 libgnutls30t64 libhogweed6t64 242s libini-config5t64 libipa-hbac-dev libipa-hbac0t64 libjose0 libkrad0 libldb2 242s libltdl7 libnettle8t64 libnfsidmap1 libnss-sss libnss-sudo libodbc2 242s libpam-pwquality libpam-sss libpath-utils1t64 libpsl5t64 libpwquality-common 242s libpwquality1 libref-array1t64 libsmbclient0 libsss-certmap-dev 242s libsss-certmap0 libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev 242s libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0t64 242s libtirpc3t64 libverto-libevent1 libverto1 libwbclient0 python3-libipa-hbac 242s python3-libsss-nss-idmap python3-sss samba-libs slapd sssd sssd-ad 242s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 242s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 242s tcl8.6 242s The following packages will be upgraded: 242s curl 242s 1 upgraded, 71 newly installed, 6 to remove and 0 not upgraded. 242s Need to get 15.1 MB/15.1 MB of archives. 242s After this operation, 50.7 MB of additional disk space will be used. 242s Get:1 /tmp/autopkgtest.mWFgi9/1-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [872 B] 242s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main s390x curl s390x 8.5.0-2ubuntu7 [227 kB] 243s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libpsl5t64 s390x 0.21.2-1.1 [57.6 kB] 243s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libcurl4t64 s390x 8.5.0-2ubuntu7 [364 kB] 243s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libhogweed6t64 s390x 3.9.1-2.2 [204 kB] 243s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libnettle8t64 s390x 3.9.1-2.2 [210 kB] 243s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libgnutls30t64 s390x 3.8.3-1.1ubuntu2 [1044 kB] 243s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libtirpc3t64 s390x 1.3.4+ds-1.1 [85.8 kB] 243s Get:9 http://ftpmaster.internal/ubuntu noble/main s390x libltdl7 s390x 2.4.7-7 [41.6 kB] 243s Get:10 http://ftpmaster.internal/ubuntu noble/main s390x libodbc2 s390x 2.3.12-1 [164 kB] 243s Get:11 http://ftpmaster.internal/ubuntu noble/main s390x slapd s390x 2.6.7+dfsg-1~exp1ubuntu1 [1617 kB] 243s Get:12 http://ftpmaster.internal/ubuntu noble/main s390x libtcl8.6 s390x 8.6.13+dfsg-2 [948 kB] 243s Get:13 http://ftpmaster.internal/ubuntu noble/main s390x tcl8.6 s390x 8.6.13+dfsg-2 [14.7 kB] 243s Get:14 http://ftpmaster.internal/ubuntu noble/universe s390x tcl-expect s390x 5.45.4-2build1 [99.7 kB] 243s Get:15 http://ftpmaster.internal/ubuntu noble/universe s390x expect s390x 5.45.4-2build1 [137 kB] 243s Get:16 http://ftpmaster.internal/ubuntu noble/main s390x ldap-utils s390x 2.6.7+dfsg-1~exp1ubuntu1 [165 kB] 243s Get:17 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common-data s390x 0.8-13ubuntu2 [29.5 kB] 243s Get:18 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common3 s390x 0.8-13ubuntu2 [23.8 kB] 243s Get:19 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-client3 s390x 0.8-13ubuntu2 [26.7 kB] 243s Get:20 http://ftpmaster.internal/ubuntu noble/main s390x libbasicobjects0t64 s390x 0.6.2-2.1 [5810 B] 243s Get:21 http://ftpmaster.internal/ubuntu noble/main s390x libcollection4t64 s390x 0.6.2-2.1 [23.9 kB] 243s Get:22 http://ftpmaster.internal/ubuntu noble/main s390x libcrack2 s390x 2.9.6-5.1 [29.6 kB] 243s Get:23 http://ftpmaster.internal/ubuntu noble/main s390x libdhash1t64 s390x 0.6.2-2.1 [9102 B] 243s Get:24 http://ftpmaster.internal/ubuntu noble/main s390x libevent-2.1-7 s390x 2.1.12-stable-9 [144 kB] 243s Get:25 http://ftpmaster.internal/ubuntu noble/main s390x libpath-utils1t64 s390x 0.6.2-2.1 [9376 B] 243s Get:26 http://ftpmaster.internal/ubuntu noble/main s390x libref-array1t64 s390x 0.6.2-2.1 [7224 B] 243s Get:27 http://ftpmaster.internal/ubuntu noble/main s390x libini-config5t64 s390x 0.6.2-2.1 [46.6 kB] 243s Get:28 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libipa-hbac0t64 s390x 2.9.4-1.1ubuntu3 [17.1 kB] 243s Get:29 http://ftpmaster.internal/ubuntu noble/universe s390x libjose0 s390x 11-3 [45.2 kB] 243s Get:30 http://ftpmaster.internal/ubuntu noble/main s390x libverto-libevent1 s390x 0.3.1-1ubuntu5 [5810 B] 243s Get:31 http://ftpmaster.internal/ubuntu noble/main s390x libverto1 s390x 0.3.1-1ubuntu5 [10.6 kB] 243s Get:32 http://ftpmaster.internal/ubuntu noble/main s390x libkrad0 s390x 1.20.1-5build1 [22.0 kB] 243s Get:33 http://ftpmaster.internal/ubuntu noble/main s390x libtalloc2 s390x 2.4.2-1 [28.3 kB] 243s Get:34 http://ftpmaster.internal/ubuntu noble/main s390x libtdb1 s390x 1.4.10-1 [49.9 kB] 243s Get:35 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libtevent0t64 s390x 0.16.1-2 [43.3 kB] 243s Get:36 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libldb2 s390x 2:2.8.0+samba4.19.5+dfsg-4ubuntu3 [192 kB] 243s Get:37 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libnfsidmap1 s390x 1:2.6.4-3ubuntu3 [50.1 kB] 243s Get:38 http://ftpmaster.internal/ubuntu noble/universe s390x libnss-sudo all 1.9.15p5-3ubuntu1 [14.9 kB] 243s Get:39 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality-common all 1.4.5-3 [7658 B] 243s Get:40 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality1 s390x 1.4.5-3 [14.7 kB] 243s Get:41 http://ftpmaster.internal/ubuntu noble/main s390x libpam-pwquality s390x 1.4.5-3 [11.6 kB] 243s Get:42 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libwbclient0 s390x 2:4.19.5+dfsg-4ubuntu3 [71.0 kB] 243s Get:43 http://ftpmaster.internal/ubuntu noble-proposed/main s390x samba-libs s390x 2:4.19.5+dfsg-4ubuntu3 [6231 kB] 244s Get:44 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsmbclient0 s390x 2:4.19.5+dfsg-4ubuntu3 [65.0 kB] 244s Get:45 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libnss-sss s390x 2.9.4-1.1ubuntu3 [32.7 kB] 244s Get:46 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libpam-sss s390x 2.9.4-1.1ubuntu3 [52.1 kB] 244s Get:47 http://ftpmaster.internal/ubuntu noble-proposed/main s390x python3-sss s390x 2.9.4-1.1ubuntu3 [46.8 kB] 244s Get:48 http://ftpmaster.internal/ubuntu noble/main s390x libc-ares2 s390x 1.27.0-1 [79.2 kB] 244s Get:49 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsss-certmap0 s390x 2.9.4-1.1ubuntu3 [46.9 kB] 244s Get:50 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsss-idmap0 s390x 2.9.4-1.1ubuntu3 [22.3 kB] 244s Get:51 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsss-nss-idmap0 s390x 2.9.4-1.1ubuntu3 [31.5 kB] 244s Get:52 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-common s390x 2.9.4-1.1ubuntu3 [1125 kB] 244s Get:53 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x sssd-idp s390x 2.9.4-1.1ubuntu3 [27.3 kB] 244s Get:54 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x sssd-passkey s390x 2.9.4-1.1ubuntu3 [32.3 kB] 244s Get:55 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-ad-common s390x 2.9.4-1.1ubuntu3 [74.8 kB] 244s Get:56 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-krb5-common s390x 2.9.4-1.1ubuntu3 [90.3 kB] 244s Get:57 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-ad s390x 2.9.4-1.1ubuntu3 [133 kB] 244s Get:58 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-ipa s390x 2.9.4-1.1ubuntu3 [215 kB] 244s Get:59 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-krb5 s390x 2.9.4-1.1ubuntu3 [14.4 kB] 244s Get:60 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-ldap s390x 2.9.4-1.1ubuntu3 [31.0 kB] 244s Get:61 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-proxy s390x 2.9.4-1.1ubuntu3 [43.9 kB] 244s Get:62 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd s390x 2.9.4-1.1ubuntu3 [4118 B] 244s Get:63 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-dbus s390x 2.9.4-1.1ubuntu3 [101 kB] 244s Get:64 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x sssd-kcm s390x 2.9.4-1.1ubuntu3 [137 kB] 244s Get:65 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-tools s390x 2.9.4-1.1ubuntu3 [97.7 kB] 244s Get:66 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libipa-hbac-dev s390x 2.9.4-1.1ubuntu3 [6672 B] 244s Get:67 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsss-certmap-dev s390x 2.9.4-1.1ubuntu3 [5730 B] 244s Get:68 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsss-idmap-dev s390x 2.9.4-1.1ubuntu3 [8380 B] 244s Get:69 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsss-nss-idmap-dev s390x 2.9.4-1.1ubuntu3 [6704 B] 244s Get:70 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x libsss-sudo s390x 2.9.4-1.1ubuntu3 [21.5 kB] 244s Get:71 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x python3-libipa-hbac s390x 2.9.4-1.1ubuntu3 [16.9 kB] 244s Get:72 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x python3-libsss-nss-idmap s390x 2.9.4-1.1ubuntu3 [9140 B] 244s Preconfiguring packages ... 244s Fetched 15.1 MB in 2s (9473 kB/s) 244s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52173 files and directories currently installed.) 244s Preparing to unpack .../curl_8.5.0-2ubuntu7_s390x.deb ... 244s Unpacking curl (8.5.0-2ubuntu7) over (8.5.0-2ubuntu2) ... 244s dpkg: libpsl5:s390x: dependency problems, but removing anyway as you requested: 244s wget depends on libpsl5 (>= 0.16.0). 244s libcurl4:s390x depends on libpsl5 (>= 0.16.0). 244s libcurl3-gnutls:s390x depends on libpsl5 (>= 0.16.0). 244s 244s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52173 files and directories currently installed.) 244s Removing libpsl5:s390x (0.21.2-1build1) ... 244s Selecting previously unselected package libpsl5t64:s390x. 244s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52168 files and directories currently installed.) 244s Preparing to unpack .../libpsl5t64_0.21.2-1.1_s390x.deb ... 244s Unpacking libpsl5t64:s390x (0.21.2-1.1) ... 244s dpkg: libcurl4:s390x: dependency problems, but removing anyway as you requested: 244s s390-tools depends on libcurl4 (>= 7.16.2). 244s 245s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52174 files and directories currently installed.) 245s Removing libcurl4:s390x (8.5.0-2ubuntu2) ... 245s Selecting previously unselected package libcurl4t64:s390x. 245s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52169 files and directories currently installed.) 245s Preparing to unpack .../libcurl4t64_8.5.0-2ubuntu7_s390x.deb ... 245s Unpacking libcurl4t64:s390x (8.5.0-2ubuntu7) ... 245s dpkg: libhogweed6:s390x: dependency problems, but removing anyway as you requested: 245s librtmp1:s390x depends on libhogweed6. 245s libjcat1:s390x depends on libhogweed6. 245s libgnutls30:s390x depends on libhogweed6 (>= 3.6). 245s 245s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52175 files and directories currently installed.) 245s Removing libhogweed6:s390x (3.9.1-2) ... 245s Selecting previously unselected package libhogweed6t64:s390x. 245s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52170 files and directories currently installed.) 245s Preparing to unpack .../libhogweed6t64_3.9.1-2.2_s390x.deb ... 245s Unpacking libhogweed6t64:s390x (3.9.1-2.2) ... 245s dpkg: libnettle8:s390x: dependency problems, but removing anyway as you requested: 245s librtmp1:s390x depends on libnettle8. 245s libgnutls30:s390x depends on libnettle8 (>= 3.9~). 245s libcurl3-gnutls:s390x depends on libnettle8. 245s libarchive13:s390x depends on libnettle8. 245s 245s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52176 files and directories currently installed.) 245s Removing libnettle8:s390x (3.9.1-2) ... 245s Selecting previously unselected package libnettle8t64:s390x. 245s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52169 files and directories currently installed.) 245s Preparing to unpack .../libnettle8t64_3.9.1-2.2_s390x.deb ... 245s Unpacking libnettle8t64:s390x (3.9.1-2.2) ... 245s dpkg: libgnutls30:s390x: dependency problems, but removing anyway as you requested: 245s librtmp1:s390x depends on libgnutls30 (>= 3.7.2). 245s libldap2:s390x depends on libgnutls30 (>= 3.8.2). 245s libjcat1:s390x depends on libgnutls30 (>= 3.7.3). 245s libcurl3-gnutls:s390x depends on libgnutls30 (>= 3.8.2). 245s fwupd depends on libgnutls30 (>= 3.7.3). 245s dirmngr depends on libgnutls30 (>= 3.8.1). 245s apt depends on libgnutls30 (>= 3.8.1). 245s 245s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52177 files and directories currently installed.) 245s Removing libgnutls30:s390x (3.8.3-1ubuntu1) ... 245s Selecting previously unselected package libgnutls30t64:s390x. 245s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52168 files and directories currently installed.) 245s Preparing to unpack .../libgnutls30t64_3.8.3-1.1ubuntu2_s390x.deb ... 245s Unpacking libgnutls30t64:s390x (3.8.3-1.1ubuntu2) ... 245s Setting up libnettle8t64:s390x (3.9.1-2.2) ... 245s Setting up libhogweed6t64:s390x (3.9.1-2.2) ... 245s Setting up libgnutls30t64:s390x (3.8.3-1.1ubuntu2) ... 245s dpkg: libtirpc3:s390x: dependency problems, but removing anyway as you requested: 245s lsof depends on libtirpc3 (>= 1.0.2). 245s libpython3.12-stdlib:s390x depends on libtirpc3 (>= 1.0.2). 245s libpython3.11-stdlib:s390x depends on libtirpc3 (>= 1.0.2). 245s libnsl2:s390x depends on libtirpc3 (>= 1.0.2). 245s iproute2 depends on libtirpc3 (>= 1.0.2). 245s 245s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52196 files and directories currently installed.) 245s Removing libtirpc3:s390x (1.3.4+ds-1build1) ... 245s Selecting previously unselected package libtirpc3t64:s390x. 245s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52190 files and directories currently installed.) 245s Preparing to unpack .../00-libtirpc3t64_1.3.4+ds-1.1_s390x.deb ... 245s Adding 'diversion of /lib/s390x-linux-gnu/libtirpc.so.3 to /lib/s390x-linux-gnu/libtirpc.so.3.usr-is-merged by libtirpc3t64' 245s Adding 'diversion of /lib/s390x-linux-gnu/libtirpc.so.3.0.0 to /lib/s390x-linux-gnu/libtirpc.so.3.0.0.usr-is-merged by libtirpc3t64' 245s Unpacking libtirpc3t64:s390x (1.3.4+ds-1.1) ... 245s Selecting previously unselected package libltdl7:s390x. 245s Preparing to unpack .../01-libltdl7_2.4.7-7_s390x.deb ... 245s Unpacking libltdl7:s390x (2.4.7-7) ... 245s Selecting previously unselected package libodbc2:s390x. 245s Preparing to unpack .../02-libodbc2_2.3.12-1_s390x.deb ... 245s Unpacking libodbc2:s390x (2.3.12-1) ... 245s Selecting previously unselected package slapd. 245s Preparing to unpack .../03-slapd_2.6.7+dfsg-1~exp1ubuntu1_s390x.deb ... 245s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 245s Selecting previously unselected package libtcl8.6:s390x. 245s Preparing to unpack .../04-libtcl8.6_8.6.13+dfsg-2_s390x.deb ... 245s Unpacking libtcl8.6:s390x (8.6.13+dfsg-2) ... 245s Selecting previously unselected package tcl8.6. 245s Preparing to unpack .../05-tcl8.6_8.6.13+dfsg-2_s390x.deb ... 245s Unpacking tcl8.6 (8.6.13+dfsg-2) ... 245s Selecting previously unselected package tcl-expect:s390x. 245s Preparing to unpack .../06-tcl-expect_5.45.4-2build1_s390x.deb ... 245s Unpacking tcl-expect:s390x (5.45.4-2build1) ... 245s Selecting previously unselected package expect. 245s Preparing to unpack .../07-expect_5.45.4-2build1_s390x.deb ... 245s Unpacking expect (5.45.4-2build1) ... 245s Selecting previously unselected package ldap-utils. 245s Preparing to unpack .../08-ldap-utils_2.6.7+dfsg-1~exp1ubuntu1_s390x.deb ... 245s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 245s Selecting previously unselected package libavahi-common-data:s390x. 245s Preparing to unpack .../09-libavahi-common-data_0.8-13ubuntu2_s390x.deb ... 245s Unpacking libavahi-common-data:s390x (0.8-13ubuntu2) ... 245s Selecting previously unselected package libavahi-common3:s390x. 245s Preparing to unpack .../10-libavahi-common3_0.8-13ubuntu2_s390x.deb ... 245s Unpacking libavahi-common3:s390x (0.8-13ubuntu2) ... 245s Selecting previously unselected package libavahi-client3:s390x. 245s Preparing to unpack .../11-libavahi-client3_0.8-13ubuntu2_s390x.deb ... 245s Unpacking libavahi-client3:s390x (0.8-13ubuntu2) ... 245s Selecting previously unselected package libbasicobjects0t64:s390x. 245s Preparing to unpack .../12-libbasicobjects0t64_0.6.2-2.1_s390x.deb ... 245s Unpacking libbasicobjects0t64:s390x (0.6.2-2.1) ... 245s Selecting previously unselected package libcollection4t64:s390x. 245s Preparing to unpack .../13-libcollection4t64_0.6.2-2.1_s390x.deb ... 245s Unpacking libcollection4t64:s390x (0.6.2-2.1) ... 245s Selecting previously unselected package libcrack2:s390x. 245s Preparing to unpack .../14-libcrack2_2.9.6-5.1_s390x.deb ... 245s Unpacking libcrack2:s390x (2.9.6-5.1) ... 245s Selecting previously unselected package libdhash1t64:s390x. 245s Preparing to unpack .../15-libdhash1t64_0.6.2-2.1_s390x.deb ... 245s Unpacking libdhash1t64:s390x (0.6.2-2.1) ... 245s Selecting previously unselected package libevent-2.1-7:s390x. 245s Preparing to unpack .../16-libevent-2.1-7_2.1.12-stable-9_s390x.deb ... 245s Unpacking libevent-2.1-7:s390x (2.1.12-stable-9) ... 245s Selecting previously unselected package libpath-utils1t64:s390x. 245s Preparing to unpack .../17-libpath-utils1t64_0.6.2-2.1_s390x.deb ... 245s Unpacking libpath-utils1t64:s390x (0.6.2-2.1) ... 245s Selecting previously unselected package libref-array1t64:s390x. 245s Preparing to unpack .../18-libref-array1t64_0.6.2-2.1_s390x.deb ... 245s Unpacking libref-array1t64:s390x (0.6.2-2.1) ... 245s Selecting previously unselected package libini-config5t64:s390x. 245s Preparing to unpack .../19-libini-config5t64_0.6.2-2.1_s390x.deb ... 245s Unpacking libini-config5t64:s390x (0.6.2-2.1) ... 245s Selecting previously unselected package libipa-hbac0t64. 245s Preparing to unpack .../20-libipa-hbac0t64_2.9.4-1.1ubuntu3_s390x.deb ... 245s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu3) ... 245s Selecting previously unselected package libjose0:s390x. 245s Preparing to unpack .../21-libjose0_11-3_s390x.deb ... 245s Unpacking libjose0:s390x (11-3) ... 245s Selecting previously unselected package libverto-libevent1:s390x. 246s Preparing to unpack .../22-libverto-libevent1_0.3.1-1ubuntu5_s390x.deb ... 246s Unpacking libverto-libevent1:s390x (0.3.1-1ubuntu5) ... 246s Selecting previously unselected package libverto1:s390x. 246s Preparing to unpack .../23-libverto1_0.3.1-1ubuntu5_s390x.deb ... 246s Unpacking libverto1:s390x (0.3.1-1ubuntu5) ... 246s Selecting previously unselected package libkrad0:s390x. 246s Preparing to unpack .../24-libkrad0_1.20.1-5build1_s390x.deb ... 246s Unpacking libkrad0:s390x (1.20.1-5build1) ... 246s Selecting previously unselected package libtalloc2:s390x. 246s Preparing to unpack .../25-libtalloc2_2.4.2-1_s390x.deb ... 246s Unpacking libtalloc2:s390x (2.4.2-1) ... 246s Selecting previously unselected package libtdb1:s390x. 246s Preparing to unpack .../26-libtdb1_1.4.10-1_s390x.deb ... 246s Unpacking libtdb1:s390x (1.4.10-1) ... 246s Selecting previously unselected package libtevent0t64:s390x. 246s Preparing to unpack .../27-libtevent0t64_0.16.1-2_s390x.deb ... 246s Unpacking libtevent0t64:s390x (0.16.1-2) ... 246s Selecting previously unselected package libldb2:s390x. 246s Preparing to unpack .../28-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu3_s390x.deb ... 246s Unpacking libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu3) ... 246s Selecting previously unselected package libnfsidmap1:s390x. 246s Preparing to unpack .../29-libnfsidmap1_1%3a2.6.4-3ubuntu3_s390x.deb ... 246s Unpacking libnfsidmap1:s390x (1:2.6.4-3ubuntu3) ... 246s Selecting previously unselected package libnss-sudo. 246s Preparing to unpack .../30-libnss-sudo_1.9.15p5-3ubuntu1_all.deb ... 246s Unpacking libnss-sudo (1.9.15p5-3ubuntu1) ... 246s Selecting previously unselected package libpwquality-common. 246s Preparing to unpack .../31-libpwquality-common_1.4.5-3_all.deb ... 246s Unpacking libpwquality-common (1.4.5-3) ... 246s Selecting previously unselected package libpwquality1:s390x. 246s Preparing to unpack .../32-libpwquality1_1.4.5-3_s390x.deb ... 246s Unpacking libpwquality1:s390x (1.4.5-3) ... 246s Selecting previously unselected package libpam-pwquality:s390x. 246s Preparing to unpack .../33-libpam-pwquality_1.4.5-3_s390x.deb ... 246s Unpacking libpam-pwquality:s390x (1.4.5-3) ... 246s Selecting previously unselected package libwbclient0:s390x. 246s Preparing to unpack .../34-libwbclient0_2%3a4.19.5+dfsg-4ubuntu3_s390x.deb ... 246s Unpacking libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu3) ... 246s Selecting previously unselected package samba-libs:s390x. 246s Preparing to unpack .../35-samba-libs_2%3a4.19.5+dfsg-4ubuntu3_s390x.deb ... 246s Unpacking samba-libs:s390x (2:4.19.5+dfsg-4ubuntu3) ... 246s Selecting previously unselected package libsmbclient0:s390x. 246s Preparing to unpack .../36-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu3_s390x.deb ... 246s Unpacking libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu3) ... 246s Selecting previously unselected package libnss-sss:s390x. 246s Preparing to unpack .../37-libnss-sss_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking libnss-sss:s390x (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package libpam-sss:s390x. 246s Preparing to unpack .../38-libpam-sss_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking libpam-sss:s390x (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package python3-sss. 246s Preparing to unpack .../39-python3-sss_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking python3-sss (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package libc-ares2:s390x. 246s Preparing to unpack .../40-libc-ares2_1.27.0-1_s390x.deb ... 246s Unpacking libc-ares2:s390x (1.27.0-1) ... 246s Selecting previously unselected package libsss-certmap0. 246s Preparing to unpack .../41-libsss-certmap0_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package libsss-idmap0. 246s Preparing to unpack .../42-libsss-idmap0_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package libsss-nss-idmap0. 246s Preparing to unpack .../43-libsss-nss-idmap0_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-common. 246s Preparing to unpack .../44-sssd-common_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-common (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-idp. 246s Preparing to unpack .../45-sssd-idp_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-idp (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-passkey. 246s Preparing to unpack .../46-sssd-passkey_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-passkey (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-ad-common. 246s Preparing to unpack .../47-sssd-ad-common_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-ad-common (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-krb5-common. 246s Preparing to unpack .../48-sssd-krb5-common_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-ad. 246s Preparing to unpack .../49-sssd-ad_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-ad (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-ipa. 246s Preparing to unpack .../50-sssd-ipa_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-ipa (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-krb5. 246s Preparing to unpack .../51-sssd-krb5_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-krb5 (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-ldap. 246s Preparing to unpack .../52-sssd-ldap_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-ldap (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-proxy. 246s Preparing to unpack .../53-sssd-proxy_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-proxy (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd. 246s Preparing to unpack .../54-sssd_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-dbus. 246s Preparing to unpack .../55-sssd-dbus_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-dbus (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-kcm. 246s Preparing to unpack .../56-sssd-kcm_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-kcm (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package sssd-tools. 246s Preparing to unpack .../57-sssd-tools_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking sssd-tools (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package libipa-hbac-dev. 246s Preparing to unpack .../58-libipa-hbac-dev_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking libipa-hbac-dev (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package libsss-certmap-dev. 246s Preparing to unpack .../59-libsss-certmap-dev_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking libsss-certmap-dev (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package libsss-idmap-dev. 246s Preparing to unpack .../60-libsss-idmap-dev_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking libsss-idmap-dev (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package libsss-nss-idmap-dev. 246s Preparing to unpack .../61-libsss-nss-idmap-dev_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking libsss-nss-idmap-dev (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package libsss-sudo. 246s Preparing to unpack .../62-libsss-sudo_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking libsss-sudo (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package python3-libipa-hbac. 246s Preparing to unpack .../63-python3-libipa-hbac_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking python3-libipa-hbac (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package python3-libsss-nss-idmap. 246s Preparing to unpack .../64-python3-libsss-nss-idmap_2.9.4-1.1ubuntu3_s390x.deb ... 246s Unpacking python3-libsss-nss-idmap (2.9.4-1.1ubuntu3) ... 246s Selecting previously unselected package autopkgtest-satdep. 246s Preparing to unpack .../65-1-autopkgtest-satdep.deb ... 246s Unpacking autopkgtest-satdep (0) ... 246s Setting up libpwquality-common (1.4.5-3) ... 246s Setting up libnfsidmap1:s390x (1:2.6.4-3ubuntu3) ... 246s Setting up libsss-idmap0 (2.9.4-1.1ubuntu3) ... 246s Setting up libbasicobjects0t64:s390x (0.6.2-2.1) ... 246s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu3) ... 246s Setting up libtirpc3t64:s390x (1.3.4+ds-1.1) ... 246s Setting up libsss-idmap-dev (2.9.4-1.1ubuntu3) ... 246s Setting up libref-array1t64:s390x (0.6.2-2.1) ... 246s Setting up libipa-hbac-dev (2.9.4-1.1ubuntu3) ... 246s Setting up libtdb1:s390x (1.4.10-1) ... 246s Setting up libcollection4t64:s390x (0.6.2-2.1) ... 246s Setting up libpsl5t64:s390x (0.21.2-1.1) ... 246s Setting up libc-ares2:s390x (1.27.0-1) ... 246s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 246s Setting up libjose0:s390x (11-3) ... 246s Setting up libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu3) ... 246s Setting up libtalloc2:s390x (2.4.2-1) ... 246s Setting up libpath-utils1t64:s390x (0.6.2-2.1) ... 246s Setting up libavahi-common-data:s390x (0.8-13ubuntu2) ... 246s Setting up libdhash1t64:s390x (0.6.2-2.1) ... 246s Setting up libevent-2.1-7:s390x (2.1.12-stable-9) ... 246s Setting up libtcl8.6:s390x (8.6.13+dfsg-2) ... 246s Setting up libltdl7:s390x (2.4.7-7) ... 246s Setting up libcrack2:s390x (2.9.6-5.1) ... 246s Setting up libodbc2:s390x (2.3.12-1) ... 246s Setting up python3-libipa-hbac (2.9.4-1.1ubuntu3) ... 246s Setting up libnss-sudo (1.9.15p5-3ubuntu1) ... 246s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu3) ... 246s Setting up libini-config5t64:s390x (0.6.2-2.1) ... 246s Setting up libtevent0t64:s390x (0.16.1-2) ... 246s Setting up libnss-sss:s390x (2.9.4-1.1ubuntu3) ... 246s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 247s Creating new user openldap... done. 247s Creating initial configuration... done. 247s Creating LDAP directory... done. 247s Setting up tcl8.6 (8.6.13+dfsg-2) ... 247s Setting up libcurl4t64:s390x (8.5.0-2ubuntu7) ... 247s Setting up libsss-sudo (2.9.4-1.1ubuntu3) ... 247s Setting up libsss-nss-idmap-dev (2.9.4-1.1ubuntu3) ... 247s Setting up libavahi-common3:s390x (0.8-13ubuntu2) ... 247s Setting up tcl-expect:s390x (5.45.4-2build1) ... 247s Setting up libsss-certmap0 (2.9.4-1.1ubuntu3) ... 247s Setting up libpwquality1:s390x (1.4.5-3) ... 247s Setting up python3-libsss-nss-idmap (2.9.4-1.1ubuntu3) ... 247s Setting up curl (8.5.0-2ubuntu7) ... 247s Setting up libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu3) ... 247s Setting up libavahi-client3:s390x (0.8-13ubuntu2) ... 247s Setting up expect (5.45.4-2build1) ... 247s Setting up libpam-pwquality:s390x (1.4.5-3) ... 247s Setting up samba-libs:s390x (2:4.19.5+dfsg-4ubuntu3) ... 247s Setting up libsss-certmap-dev (2.9.4-1.1ubuntu3) ... 247s Setting up python3-sss (2.9.4-1.1ubuntu3) ... 247s Setting up libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu3) ... 247s Setting up libpam-sss:s390x (2.9.4-1.1ubuntu3) ... 248s Setting up sssd-common (2.9.4-1.1ubuntu3) ... 248s Creating SSSD system user & group... 248s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 248s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 248s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 248s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 248s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 248s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 248s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 249s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 249s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 249s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 249s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 250s sssd-autofs.service is a disabled or a static unit, not starting it. 250s sssd-nss.service is a disabled or a static unit, not starting it. 250s sssd-pam.service is a disabled or a static unit, not starting it. 250s sssd-ssh.service is a disabled or a static unit, not starting it. 250s sssd-sudo.service is a disabled or a static unit, not starting it. 250s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 250s Setting up sssd-proxy (2.9.4-1.1ubuntu3) ... 250s Setting up sssd-kcm (2.9.4-1.1ubuntu3) ... 250s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 250s sssd-kcm.service is a disabled or a static unit, not starting it. 250s Setting up sssd-dbus (2.9.4-1.1ubuntu3) ... 250s sssd-ifp.service is a disabled or a static unit, not starting it. 250s Setting up sssd-ad-common (2.9.4-1.1ubuntu3) ... 251s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 251s sssd-pac.service is a disabled or a static unit, not starting it. 251s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 251s Setting up sssd-krb5-common (2.9.4-1.1ubuntu3) ... 251s Setting up sssd-krb5 (2.9.4-1.1ubuntu3) ... 251s Setting up sssd-ldap (2.9.4-1.1ubuntu3) ... 251s Setting up sssd-ad (2.9.4-1.1ubuntu3) ... 251s Setting up sssd-tools (2.9.4-1.1ubuntu3) ... 251s Setting up sssd-ipa (2.9.4-1.1ubuntu3) ... 251s Setting up sssd (2.9.4-1.1ubuntu3) ... 251s Setting up libverto-libevent1:s390x (0.3.1-1ubuntu5) ... 251s Setting up libverto1:s390x (0.3.1-1ubuntu5) ... 251s Setting up libkrad0:s390x (1.20.1-5build1) ... 251s Setting up sssd-passkey (2.9.4-1.1ubuntu3) ... 251s Setting up sssd-idp (2.9.4-1.1ubuntu3) ... 251s Setting up autopkgtest-satdep (0) ... 251s Processing triggers for libc-bin (2.39-0ubuntu2) ... 251s Processing triggers for ufw (0.36.2-5) ... 251s Processing triggers for man-db (2.12.0-3) ... 252s Processing triggers for dbus (1.14.10-4ubuntu1) ... 260s (Reading database ... 53493 files and directories currently installed.) 260s Removing autopkgtest-satdep (0) ... 260s autopkgtest [15:23:13]: test ldap-user-group-ldap-auth: [----------------------- 260s + . debian/tests/util 260s + . debian/tests/common-tests 260s + mydomain=example.com 260s + myhostname=ldap.example.com 260s + mysuffix=dc=example,dc=com 260s + admin_dn=cn=admin,dc=example,dc=com 260s + admin_pw=secret 260s + ldap_user=testuser1 260s + ldap_user_pw=testuser1secret 260s + ldap_group=ldapusers 260s + adjust_hostname ldap.example.com 260s + local myhostname=ldap.example.com 260s + echo ldap.example.com 260s + hostname ldap.example.com 260s + grep -qE ldap.example.com /etc/hosts 260s + echo 127.0.1.10 ldap.example.com 260s + reconfigure_slapd 260s + debconf-set-selections 260s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 260s + dpkg-reconfigure -fnoninteractive -pcritical slapd 261s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 261s Moving old database directory to /var/backups: 261s - directory unknown... done. 261s Creating initial configuration... done. 261s Creating LDAP directory... done. 261s + generate_certs ldap.example.com 261s + local cn=ldap.example.com 261s + local cert=/etc/ldap/server.pem 261s + local key=/etc/ldap/server.key 261s + local cnf=/etc/ldap/openssl.cnf 261s + cat 261s modifying entry "cn=config" 261s 261s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 261s .......................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 261s .......................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 261s ----- 261s + chmod 0640 /etc/ldap/server.key 261s + chgrp openldap /etc/ldap/server.key 261s + [ ! -f /etc/ldap/server.pem ] 261s + [ ! -f /etc/ldap/server.key ] 261s + enable_ldap_ssl 261s + cat 261s + + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 261s cat 261s + populate_ldap_rfc2307 261s + cat 261s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 261s adding new entry "ou=People,dc=example,dc=com" 261s 261s adding new entry "ou=Group,dc=example,dc=com" 261s 261s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 261s 261s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 261s 261s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 261s 261s + configure_sssd_ldap_rfc2307 261s + cat 261s + chmod 0600 /etc/sssd/sssd.conf 261s + systemctl restart sssd 261s + enable_pam_mkhomedir 261s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 261s + echo session optional pam_mkhomedir.soAssert local user databases do not have our LDAP test data 261s 261s + run_common_tests 261s + echo Assert local user databases do not have our LDAP test data 261s + check_local_user testuser1 261s + local local_user=testuser1 261s + grep -q ^testuser1 /etc/passwd 261s + check_local_group testuser1 261s + local local_group=testuser1 261s + grep -q ^testuser1 /etc/group 261s + check_local_group ldapusers 261s + local local_group=ldapusers 261s + grep -q ^ldapusers /etc/group 261s + The LDAP user is known to the system via getent 261s echo The LDAP user is known to the system via getent 261s + check_getent_user testuser1 261s + local getent_user=testuser1 261s + local output 261s + getent passwd testuser1 261s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 261s The LDAP user's private group is known to the system via getent 261s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 261s + echo The LDAP user's private group is known to the system via getent 261s + check_getent_group testuser1 261s + local getent_group=testuser1 261s + local output 261s + getent group testuser1 261s + output=testuser1:*:10001:testuser1 261s + [ -z testuser1:*:10001:testuser1 ] 261s + echo The LDAP group ldapusers is known to the system via getentThe LDAP group ldapusers is known to the system via getent 261s 261s + check_getent_group ldapusers 261s + local getent_group=ldapusers 261s + local output 261s + getent group ldapusers 261s + output=ldapusers:*:10100:testuser1 261s + [ -z ldapusers:*:10100:testuser1 ] 261s + echoThe id(1) command can resolve the group membership of the LDAP user 261s The id(1) command can resolve the group membership of the LDAP user 261s + id -Gn testuser1 261s + output=testuser1 ldapusers 261s + [ testuser1 ldapusers != testuser1 ldapusers ] 261s + echoThe LDAP user can login on a terminal 261s spawn login 261s ldap.example.com login: testuser1 261s Password: 261s The LDAP user can login on a terminal 261s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 261s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic s390x) 261s 261s * Documentation: https://help.ubuntu.com 261s * Management: https://landscape.canonical.com 261s * Support: https://ubuntu.com/pro 261s 261s 261s The programs included with the Ubuntu system are free software; 261s the exact distribution terms for each program are described in the 261s individual files in /usr/share/doc/*/copyright. 261s 261s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 261s applicable law. 261s 261s 261s The programs included with the Ubuntu system are free software; 261s the exact distribution terms for each program are described in the 261s individual files in /usr/share/doc/*/copyright. 261s 261s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 261s applicable law. 261s 261s Creating directory '/home/testuser1'. 261s [?2004htestuser1@ldap:~$ id -un 261s [?2004l testuser1 262s [?2004htestuser1@ldap:~$ autopkgtest [15:23:15]: test ldap-user-group-ldap-auth: -----------------------] 262s ldap-user-group-ldap-auth PASS 262s autopkgtest [15:23:15]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 263s autopkgtest [15:23:16]: test ldap-user-group-krb5-auth: preparing testbed 264s Reading package lists... 264s Building dependency tree... 264s Reading state information... 264s Starting pkgProblemResolver with broken count: 0 264s Starting 2 pkgProblemResolver with broken count: 0 264s Done 265s The following additional packages will be installed: 265s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 265s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 265s Suggested packages: 265s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 265s The following NEW packages will be installed: 265s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 265s libgssrpc4 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 265s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 265s Need to get 612 kB/613 kB of archives. 265s After this operation, 2067 kB of additional disk space will be used. 265s Get:1 /tmp/autopkgtest.mWFgi9/2-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [892 B] 265s Get:2 http://ftpmaster.internal/ubuntu noble/main s390x krb5-config all 2.7 [22.0 kB] 265s Get:3 http://ftpmaster.internal/ubuntu noble/main s390x libgssrpc4 s390x 1.20.1-5build1 [58.9 kB] 265s Get:4 http://ftpmaster.internal/ubuntu noble/main s390x libkadm5clnt-mit12 s390x 1.20.1-5build1 [40.5 kB] 265s Get:5 http://ftpmaster.internal/ubuntu noble/main s390x libkdb5-10 s390x 1.20.1-5build1 [41.4 kB] 265s Get:6 http://ftpmaster.internal/ubuntu noble/main s390x libkadm5srv-mit12 s390x 1.20.1-5build1 [55.2 kB] 265s Get:7 http://ftpmaster.internal/ubuntu noble/universe s390x krb5-user s390x 1.20.1-5build1 [110 kB] 265s Get:8 http://ftpmaster.internal/ubuntu noble/universe s390x krb5-kdc s390x 1.20.1-5build1 [188 kB] 265s Get:9 http://ftpmaster.internal/ubuntu noble/universe s390x krb5-admin-server s390x 1.20.1-5build1 [95.9 kB] 265s Preconfiguring packages ... 266s Fetched 612 kB in 1s (1135 kB/s) 266s Selecting previously unselected package krb5-config. 267s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 53493 files and directories currently installed.) 267s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 267s Unpacking krb5-config (2.7) ... 267s Selecting previously unselected package libgssrpc4:s390x. 267s Preparing to unpack .../1-libgssrpc4_1.20.1-5build1_s390x.deb ... 267s Unpacking libgssrpc4:s390x (1.20.1-5build1) ... 267s Selecting previously unselected package libkadm5clnt-mit12:s390x. 267s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-5build1_s390x.deb ... 267s Unpacking libkadm5clnt-mit12:s390x (1.20.1-5build1) ... 267s Selecting previously unselected package libkdb5-10:s390x. 267s Preparing to unpack .../3-libkdb5-10_1.20.1-5build1_s390x.deb ... 267s Unpacking libkdb5-10:s390x (1.20.1-5build1) ... 267s Selecting previously unselected package libkadm5srv-mit12:s390x. 267s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-5build1_s390x.deb ... 267s Unpacking libkadm5srv-mit12:s390x (1.20.1-5build1) ... 267s Selecting previously unselected package krb5-user. 267s Preparing to unpack .../5-krb5-user_1.20.1-5build1_s390x.deb ... 267s Unpacking krb5-user (1.20.1-5build1) ... 267s Selecting previously unselected package krb5-kdc. 267s Preparing to unpack .../6-krb5-kdc_1.20.1-5build1_s390x.deb ... 267s Unpacking krb5-kdc (1.20.1-5build1) ... 267s Selecting previously unselected package krb5-admin-server. 267s Preparing to unpack .../7-krb5-admin-server_1.20.1-5build1_s390x.deb ... 267s Unpacking krb5-admin-server (1.20.1-5build1) ... 267s Selecting previously unselected package autopkgtest-satdep. 267s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 267s Unpacking autopkgtest-satdep (0) ... 267s Setting up libgssrpc4:s390x (1.20.1-5build1) ... 267s Setting up krb5-config (2.7) ... 267s Setting up libkadm5clnt-mit12:s390x (1.20.1-5build1) ... 267s Setting up libkdb5-10:s390x (1.20.1-5build1) ... 267s Setting up libkadm5srv-mit12:s390x (1.20.1-5build1) ... 267s Setting up krb5-user (1.20.1-5build1) ... 267s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 267s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 267s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 267s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 267s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 267s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 267s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 267s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 267s Setting up krb5-kdc (1.20.1-5build1) ... 267s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 268s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 268s Setting up krb5-admin-server (1.20.1-5build1) ... 268s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 268s Setting up autopkgtest-satdep (0) ... 268s Processing triggers for man-db (2.12.0-3) ... 269s Processing triggers for libc-bin (2.39-0ubuntu2) ... 276s (Reading database ... 53586 files and directories currently installed.) 276s Removing autopkgtest-satdep (0) ... 276s autopkgtest [15:23:29]: test ldap-user-group-krb5-auth: [----------------------- 276s + . debian/tests/util 276s + . debian/tests/common-tests 276s + mydomain=example.com 276s + myhostname=ldap.example.com 276s + mysuffix=dc=example,dc=com 276s + myrealm=EXAMPLE.COM 276s + admin_dn=cn=admin,dc=example,dc=com 276s + admin_pw=secret 276s + ldap_user=testuser1 276s + ldap_user_pw=testuser1secret 276s + kerberos_principal_pw=testuser1kerberos 276s + ldap_group=ldapusers 276s + adjust_hostname ldap.example.com 276s + local myhostname=ldap.example.com 276s + echo ldap.example.com 276s + hostname ldap.example.com 276s + grep -qE ldap.example.com /etc/hosts 276s + reconfigure_slapd 276s + debconf-set-selections 276s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu1-20240316-152314.ldapdb 276s + dpkg-reconfigure -fnoninteractive -pcritical slapd 277s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 277s Moving old database directory to /var/backups: 277s - directory unknown... done. 277s Creating initial configuration... done. 277s Creating LDAP directory... done. 277s + generate_certs ldap.example.com 277s + local cn=ldap.example.com 277s + local cert=/etc/ldap/server.pem 277s + local key=/etc/ldap/server.key 277s + local cnf=/etc/ldap/openssl.cnf 277s + cat 277s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 277s ..............++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 277s ...++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 277s ----- 277s + chmod 0640 /etc/ldap/server.key 277s + chgrp openldap /etc/ldap/server.key 277s + [modifying entry "cn=config" 277s 277s adding new entry "ou=People,dc=example,dc=com" 277s 277s adding new entry "ou=Group,dc=example,dc=com" 277s 277s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 277s 277s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 277s 277s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 277s 277s ! -f /etc/ldap/server.pem ] 277s + [ ! -f /etc/ldap/server.key ] 277s + enable_ldap_ssl 277s + cat 277s + cat+ 277s ldapmodify -H ldapi:/// -Y EXTERNAL -Q 277s + populate_ldap_rfc2307 277s + cat 277s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 277s + create_realm EXAMPLE.COM ldap.example.com 277s + local realm_name=EXAMPLE.COM 277s + local kerberos_server=ldap.example.com 277s + rm -rf /var/lib/krb5kdc/* 277s + rm -rf /etc/krb5kdc/kdc.conf 277s + rm -f /etc/krb5.keytab 277s + cat 277s + cat 277s + echo # */admin * 277s + kdb5_util create -s -P secretpassword 277s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 277s master key name 'K/M@EXAMPLE.COM' 277s + systemctl restart krb5-kdc.service krb5-admin-server.service 277s + create_krb_principal testuser1 testuser1kerberos 277s + local principal=testuser1 277s + local password=testuser1kerberos 277s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 277s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 277s Authenticating as principal root/admin@EXAMPLE.COM with password. 277s Principal "testuser1@EXAMPLE.COM" created. 277s + configure_sssd_ldap_rfc2307_krb5_auth 277s + cat 277s + chmod 0600 /etc/sssd/sssd.conf 277s + systemctl restart sssd 277s + enable_pam_mkhomedir 277s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 277s Assert local user databases do not have our LDAP test data 277s + run_common_tests 277s + echo Assert local user databases do not have our LDAP test data 277s + check_local_user testuser1 277s + local local_user=testuser1 277s + grep -q ^testuser1 /etc/passwd 277s + check_local_group testuser1 277s + local local_group=testuser1 277s + grep -q ^testuser1 /etc/group 278s + check_local_group ldapusers 278s + local local_group=ldapusers 278s + grep -q ^ldapusers /etc/group 278s + The LDAP user is known to the system via getent 278s echo The LDAP user is known to the system via getent 278s + check_getent_user testuser1 278s + local getent_user=testuser1 278s + local output 278s + getent passwd testuser1 278s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 278s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 278s + echo The LDAP user's private group is known to the system via getentThe LDAP user's private group is known to the system via getent 278s 278s + check_getent_group testuser1 278s + local getent_group=testuser1 278s + local output 278s + getent group testuser1 278s + output=testuser1:*:10001:testuser1 278s + [ -z testuser1:*:10001:testuser1 ] 278s + echo The LDAP group ldapusers is known to the system via getent 278s The LDAP group ldapusers is known to the system via getent 278s + check_getent_group ldapusers 278s + local getent_group=ldapusers 278s + local output 278s + getent group ldapusers 278s + output=ldapusers:*:10100:testuser1 278s + [ -z ldapusers:*:10100:testuser1 ] 278s + The id(1) command can resolve the group membership of the LDAP user 278s The Kerberos principal can login on a terminal 278s echo The id(1) command can resolve the group membership of the LDAP user 278s + id -Gn testuser1 278s + output=testuser1 ldapusers 278s + [ testuser1 ldapusers != testuser1 ldapusers ] 278s + echo The Kerberos principal can login on a terminal 278s spawn login 278s ldap.example.com login: testuser1 278s Password: 278s + kdestroy 278s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 278s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic s390x) 278s 278s * Documentation: https://help.ubuntu.com 278s * Management: https://landscape.canonical.com 278s * Support: https://ubuntu.com/pro 278s 278s 278s The programs included with the Ubuntu system are free software; 278s the exact distribution terms for each program are described in the 278s individual files in /usr/share/doc/*/copyright. 278s 278s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 278s applicable law. 278s 278s Last login: Sat Mar 16 15:23:14 UTC 2024 on pts/0 278s [?2004htestuser1@ldap:~$ id -un 278s [?2004l testuser1 278s [?2004htestuser1@ldap:~$ klist 278s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_14B5M4 278s Default principal: testuser1@EXAMPLE.COM 278s autopkgtest [15:23:31]: test ldap-user-group-krb5-auth: -----------------------] 279s autopkgtest [15:23:32]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 279s ldap-user-group-krb5-auth PASS 279s autopkgtest [15:23:32]: test sssd-softhism2-certificates-tests.sh: preparing testbed 450s autopkgtest [15:26:23]: testbed dpkg architecture: s390x 450s autopkgtest [15:26:23]: testbed apt version: 2.7.12 450s autopkgtest [15:26:23]: @@@@@@@@@@@@@@@@@@@@ test bed setup 451s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 451s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [51.4 kB] 451s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3694 kB] 452s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [473 kB] 452s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 452s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main s390x Packages [632 kB] 452s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main s390x c-n-f Metadata [3032 B] 452s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x Packages [1372 B] 452s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x c-n-f Metadata [116 B] 452s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x Packages [3747 kB] 453s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x c-n-f Metadata [7292 B] 453s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse s390x Packages [33.5 kB] 453s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse s390x c-n-f Metadata [116 B] 454s Fetched 8767 kB in 2s (3703 kB/s) 454s Reading package lists... 457s Reading package lists... 457s Building dependency tree... 457s Reading state information... 457s Calculating upgrade... 457s The following packages will be REMOVED: 457s libssl3 457s The following NEW packages will be installed: 457s libssl3t64 457s The following packages have been kept back: 457s curl 457s The following packages will be upgraded: 457s libtirpc-common openssl ubuntu-minimal ubuntu-standard 457s 4 upgraded, 1 newly installed, 1 to remove and 1 not upgraded. 457s Need to get 2688 kB of archives. 457s After this operation, 23.6 kB of additional disk space will be used. 457s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main s390x openssl s390x 3.0.13-0ubuntu1 [1006 kB] 458s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libssl3t64 s390x 3.0.13-0ubuntu1 [1652 kB] 458s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libtirpc-common all 1.3.4+ds-1.1 [8018 B] 458s Get:4 http://ftpmaster.internal/ubuntu noble/main s390x ubuntu-minimal s390x 1.536 [10.7 kB] 458s Get:5 http://ftpmaster.internal/ubuntu noble/main s390x ubuntu-standard s390x 1.536 [10.7 kB] 458s Fetched 2688 kB in 1s (3779 kB/s) 458s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52171 files and directories currently installed.) 458s Preparing to unpack .../openssl_3.0.13-0ubuntu1_s390x.deb ... 458s Unpacking openssl (3.0.13-0ubuntu1) over (3.0.10-1ubuntu4) ... 458s dpkg: libssl3:s390x: dependency problems, but removing anyway as you requested: 458s wget depends on libssl3 (>= 3.0.0). 458s tnftp depends on libssl3 (>= 3.0.0). 458s tcpdump depends on libssl3 (>= 3.0.0). 458s systemd-resolved depends on libssl3 (>= 3.0.0). 458s systemd depends on libssl3 (>= 3.0.0). 458s sudo depends on libssl3 (>= 3.0.0). 458s s390-tools depends on libssl3 (>= 3.0.0). 458s rsync depends on libssl3 (>= 3.0.0). 458s python3-cryptography depends on libssl3 (>= 3.0.0). 458s openssh-server depends on libssl3 (>= 3.0.10). 458s openssh-client depends on libssl3 (>= 3.0.10). 458s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 458s libsystemd-shared:s390x depends on libssl3 (>= 3.0.0). 458s libssh-4:s390x depends on libssl3 (>= 3.0.0). 458s libsasl2-modules:s390x depends on libssl3 (>= 3.0.0). 458s libsasl2-2:s390x depends on libssl3 (>= 3.0.0). 458s libpython3.12-minimal:s390x depends on libssl3 (>= 3.0.0). 458s libpython3.11-minimal:s390x depends on libssl3 (>= 3.0.0). 458s libnvme1 depends on libssl3 (>= 3.0.0). 458s libkrb5-3:s390x depends on libssl3 (>= 3.0.0). 458s libkmod2:s390x depends on libssl3 (>= 3.0.0). 458s libfido2-1:s390x depends on libssl3 (>= 3.0.0). 458s libcurl4:s390x depends on libssl3 (>= 3.0.0). 458s libcryptsetup12:s390x depends on libssl3 (>= 3.0.0). 458s kmod depends on libssl3 (>= 3.0.0). 458s dhcpcd-base depends on libssl3 (>= 3.0.0). 458s bind9-libs:s390x depends on libssl3 (>= 3.0.0). 458s 458s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52171 files and directories currently installed.) 458s Removing libssl3:s390x (3.0.10-1ubuntu4) ... 458s Selecting previously unselected package libssl3t64:s390x. 458s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52160 files and directories currently installed.) 458s Preparing to unpack .../libssl3t64_3.0.13-0ubuntu1_s390x.deb ... 458s Unpacking libssl3t64:s390x (3.0.13-0ubuntu1) ... 458s Preparing to unpack .../libtirpc-common_1.3.4+ds-1.1_all.deb ... 458s Unpacking libtirpc-common (1.3.4+ds-1.1) over (1.3.4+ds-1build1) ... 458s Preparing to unpack .../ubuntu-minimal_1.536_s390x.deb ... 458s Unpacking ubuntu-minimal (1.536) over (1.535) ... 458s Preparing to unpack .../ubuntu-standard_1.536_s390x.deb ... 458s Unpacking ubuntu-standard (1.536) over (1.535) ... 458s Setting up ubuntu-minimal (1.536) ... 458s Setting up libssl3t64:s390x (3.0.13-0ubuntu1) ... 458s Setting up libtirpc-common (1.3.4+ds-1.1) ... 458s Setting up ubuntu-standard (1.536) ... 458s Setting up openssl (3.0.13-0ubuntu1) ... 458s Processing triggers for man-db (2.12.0-3) ... 459s Processing triggers for libc-bin (2.39-0ubuntu2) ... 459s Reading package lists... 459s Building dependency tree... 459s Reading state information... 460s 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. 460s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 460s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 460s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 460s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 461s Reading package lists... 461s Reading package lists... 461s Building dependency tree... 461s Reading state information... 462s Calculating upgrade... 462s The following packages have been kept back: 462s curl 462s 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. 462s Reading package lists... 462s Building dependency tree... 462s Reading state information... 462s 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. 466s Reading package lists... 466s Building dependency tree... 466s Reading state information... 466s Starting pkgProblemResolver with broken count: 0 466s Starting 2 pkgProblemResolver with broken count: 0 466s Done 467s The following additional packages will be installed: 467s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 467s libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 libdhash1t64 467s libevent-2.1-7 libgnutls-dane0t64 libgnutls30t64 libhogweed6t64 467s libini-config5t64 libipa-hbac0t64 libldb2 libnettle8t64 libnfsidmap1 467s libnss-sss libpam-pwquality libpam-sss libpath-utils1t64 libpwquality-common 467s libpwquality1 libref-array1t64 libsmbclient0 libsofthsm2 libsss-certmap0 467s libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 libtevent0t64 467s libtirpc3t64 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 467s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 467s sssd-krb5-common sssd-ldap sssd-proxy 467s Suggested packages: 467s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 467s Recommended packages: 467s cracklib-runtime libsasl2-modules-gssapi-mit 467s | libsasl2-modules-gssapi-heimdal ldap-utils 467s The following packages will be REMOVED: 467s libgnutls30 libhogweed6 libnettle8 libtirpc3 467s The following NEW packages will be installed: 467s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 467s libavahi-common3 libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 467s libdhash1t64 libevent-2.1-7 libgnutls-dane0t64 libgnutls30t64 libhogweed6t64 467s libini-config5t64 libipa-hbac0t64 libldb2 libnettle8t64 libnfsidmap1 467s libnss-sss libpam-pwquality libpam-sss libpath-utils1t64 libpwquality-common 467s libpwquality1 libref-array1t64 libsmbclient0 libsofthsm2 libsss-certmap0 467s libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 libtevent0t64 467s libtirpc3t64 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 467s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 467s sssd-krb5-common sssd-ldap sssd-proxy 467s 0 upgraded, 50 newly installed, 4 to remove and 1 not upgraded. 467s Need to get 11.9 MB/11.9 MB of archives. 467s After this operation, 41.1 MB of additional disk space will be used. 467s Get:1 /tmp/autopkgtest.mWFgi9/3-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [744 B] 467s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libhogweed6t64 s390x 3.9.1-2.2 [204 kB] 467s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libnettle8t64 s390x 3.9.1-2.2 [210 kB] 467s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libgnutls30t64 s390x 3.8.3-1.1ubuntu2 [1044 kB] 467s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libtirpc3t64 s390x 1.3.4+ds-1.1 [85.8 kB] 467s Get:6 http://ftpmaster.internal/ubuntu noble/main s390x libevent-2.1-7 s390x 2.1.12-stable-9 [144 kB] 467s Get:7 http://ftpmaster.internal/ubuntu noble/main s390x libunbound8 s390x 1.19.1-1ubuntu1 [453 kB] 467s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libgnutls-dane0t64 s390x 3.8.3-1.1ubuntu2 [33.3 kB] 467s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x gnutls-bin s390x 3.8.3-1.1ubuntu2 [293 kB] 467s Get:10 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common-data s390x 0.8-13ubuntu2 [29.5 kB] 467s Get:11 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common3 s390x 0.8-13ubuntu2 [23.8 kB] 467s Get:12 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-client3 s390x 0.8-13ubuntu2 [26.7 kB] 467s Get:13 http://ftpmaster.internal/ubuntu noble/main s390x libbasicobjects0t64 s390x 0.6.2-2.1 [5810 B] 467s Get:14 http://ftpmaster.internal/ubuntu noble/main s390x libcollection4t64 s390x 0.6.2-2.1 [23.9 kB] 468s Get:15 http://ftpmaster.internal/ubuntu noble/main s390x libcrack2 s390x 2.9.6-5.1 [29.6 kB] 468s Get:16 http://ftpmaster.internal/ubuntu noble/main s390x libdhash1t64 s390x 0.6.2-2.1 [9102 B] 468s Get:17 http://ftpmaster.internal/ubuntu noble/main s390x libpath-utils1t64 s390x 0.6.2-2.1 [9376 B] 468s Get:18 http://ftpmaster.internal/ubuntu noble/main s390x libref-array1t64 s390x 0.6.2-2.1 [7224 B] 468s Get:19 http://ftpmaster.internal/ubuntu noble/main s390x libini-config5t64 s390x 0.6.2-2.1 [46.6 kB] 468s Get:20 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libipa-hbac0t64 s390x 2.9.4-1.1ubuntu3 [17.1 kB] 468s Get:21 http://ftpmaster.internal/ubuntu noble/main s390x libtalloc2 s390x 2.4.2-1 [28.3 kB] 468s Get:22 http://ftpmaster.internal/ubuntu noble/main s390x libtdb1 s390x 1.4.10-1 [49.9 kB] 468s Get:23 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libtevent0t64 s390x 0.16.1-2 [43.3 kB] 468s Get:24 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libldb2 s390x 2:2.8.0+samba4.19.5+dfsg-4ubuntu3 [192 kB] 468s Get:25 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libnfsidmap1 s390x 1:2.6.4-3ubuntu3 [50.1 kB] 468s Get:26 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality-common all 1.4.5-3 [7658 B] 468s Get:27 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality1 s390x 1.4.5-3 [14.7 kB] 468s Get:28 http://ftpmaster.internal/ubuntu noble/main s390x libpam-pwquality s390x 1.4.5-3 [11.6 kB] 468s Get:29 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libwbclient0 s390x 2:4.19.5+dfsg-4ubuntu3 [71.0 kB] 468s Get:30 http://ftpmaster.internal/ubuntu noble-proposed/main s390x samba-libs s390x 2:4.19.5+dfsg-4ubuntu3 [6231 kB] 468s Get:31 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsmbclient0 s390x 2:4.19.5+dfsg-4ubuntu3 [65.0 kB] 468s Get:32 http://ftpmaster.internal/ubuntu noble/universe s390x softhsm2-common s390x 2.6.1-2.2 [5808 B] 468s Get:33 http://ftpmaster.internal/ubuntu noble/universe s390x libsofthsm2 s390x 2.6.1-2.2 [265 kB] 468s Get:34 http://ftpmaster.internal/ubuntu noble/universe s390x softhsm2 s390x 2.6.1-2.2 [174 kB] 468s Get:35 http://ftpmaster.internal/ubuntu noble-proposed/main s390x python3-sss s390x 2.9.4-1.1ubuntu3 [46.8 kB] 468s Get:36 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsss-idmap0 s390x 2.9.4-1.1ubuntu3 [22.3 kB] 468s Get:37 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libnss-sss s390x 2.9.4-1.1ubuntu3 [32.7 kB] 468s Get:38 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libpam-sss s390x 2.9.4-1.1ubuntu3 [52.1 kB] 468s Get:39 http://ftpmaster.internal/ubuntu noble/main s390x libc-ares2 s390x 1.27.0-1 [79.2 kB] 468s Get:40 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsss-certmap0 s390x 2.9.4-1.1ubuntu3 [46.9 kB] 468s Get:41 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsss-nss-idmap0 s390x 2.9.4-1.1ubuntu3 [31.5 kB] 468s Get:42 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-common s390x 2.9.4-1.1ubuntu3 [1125 kB] 469s Get:43 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-ad-common s390x 2.9.4-1.1ubuntu3 [74.8 kB] 469s Get:44 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-krb5-common s390x 2.9.4-1.1ubuntu3 [90.3 kB] 469s Get:45 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-ad s390x 2.9.4-1.1ubuntu3 [133 kB] 469s Get:46 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-ipa s390x 2.9.4-1.1ubuntu3 [215 kB] 469s Get:47 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-krb5 s390x 2.9.4-1.1ubuntu3 [14.4 kB] 469s Get:48 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-ldap s390x 2.9.4-1.1ubuntu3 [31.0 kB] 469s Get:49 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd-proxy s390x 2.9.4-1.1ubuntu3 [43.9 kB] 469s Get:50 http://ftpmaster.internal/ubuntu noble-proposed/main s390x sssd s390x 2.9.4-1.1ubuntu3 [4118 B] 469s Fetched 11.9 MB in 2s (5945 kB/s) 469s dpkg: libhogweed6:s390x: dependency problems, but removing anyway as you requested: 469s librtmp1:s390x depends on libhogweed6. 469s libjcat1:s390x depends on libhogweed6. 469s libgnutls30:s390x depends on libhogweed6 (>= 3.6). 469s 469s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52173 files and directories currently installed.) 469s Removing libhogweed6:s390x (3.9.1-2) ... 469s Selecting previously unselected package libhogweed6t64:s390x. 469s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52168 files and directories currently installed.) 469s Preparing to unpack .../libhogweed6t64_3.9.1-2.2_s390x.deb ... 469s Unpacking libhogweed6t64:s390x (3.9.1-2.2) ... 469s dpkg: libnettle8:s390x: dependency problems, but removing anyway as you requested: 469s librtmp1:s390x depends on libnettle8. 469s libgnutls30:s390x depends on libnettle8 (>= 3.9~). 469s libcurl3-gnutls:s390x depends on libnettle8. 469s libarchive13:s390x depends on libnettle8. 469s 469s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52174 files and directories currently installed.) 469s Removing libnettle8:s390x (3.9.1-2) ... 469s Selecting previously unselected package libnettle8t64:s390x. 469s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52167 files and directories currently installed.) 469s Preparing to unpack .../libnettle8t64_3.9.1-2.2_s390x.deb ... 469s Unpacking libnettle8t64:s390x (3.9.1-2.2) ... 469s dpkg: libgnutls30:s390x: dependency problems, but removing anyway as you requested: 469s librtmp1:s390x depends on libgnutls30 (>= 3.7.2). 469s libldap2:s390x depends on libgnutls30 (>= 3.8.2). 469s libjcat1:s390x depends on libgnutls30 (>= 3.7.3). 469s libcurl3-gnutls:s390x depends on libgnutls30 (>= 3.8.2). 469s fwupd depends on libgnutls30 (>= 3.7.3). 469s dirmngr depends on libgnutls30 (>= 3.8.1). 469s apt depends on libgnutls30 (>= 3.8.1). 469s 469s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52175 files and directories currently installed.) 469s Removing libgnutls30:s390x (3.8.3-1ubuntu1) ... 469s Selecting previously unselected package libgnutls30t64:s390x. 469s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52166 files and directories currently installed.) 469s Preparing to unpack .../libgnutls30t64_3.8.3-1.1ubuntu2_s390x.deb ... 469s Unpacking libgnutls30t64:s390x (3.8.3-1.1ubuntu2) ... 469s Setting up libnettle8t64:s390x (3.9.1-2.2) ... 469s Setting up libhogweed6t64:s390x (3.9.1-2.2) ... 469s Setting up libgnutls30t64:s390x (3.8.3-1.1ubuntu2) ... 469s dpkg: libtirpc3:s390x: dependency problems, but removing anyway as you requested: 469s lsof depends on libtirpc3 (>= 1.0.2). 469s libpython3.12-stdlib:s390x depends on libtirpc3 (>= 1.0.2). 469s libpython3.11-stdlib:s390x depends on libtirpc3 (>= 1.0.2). 469s libnsl2:s390x depends on libtirpc3 (>= 1.0.2). 469s iproute2 depends on libtirpc3 (>= 1.0.2). 469s 469s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52194 files and directories currently installed.) 469s Removing libtirpc3:s390x (1.3.4+ds-1build1) ... 469s Selecting previously unselected package libtirpc3t64:s390x. 469s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52188 files and directories currently installed.) 469s Preparing to unpack .../00-libtirpc3t64_1.3.4+ds-1.1_s390x.deb ... 469s Adding 'diversion of /lib/s390x-linux-gnu/libtirpc.so.3 to /lib/s390x-linux-gnu/libtirpc.so.3.usr-is-merged by libtirpc3t64' 469s Adding 'diversion of /lib/s390x-linux-gnu/libtirpc.so.3.0.0 to /lib/s390x-linux-gnu/libtirpc.so.3.0.0.usr-is-merged by libtirpc3t64' 469s Unpacking libtirpc3t64:s390x (1.3.4+ds-1.1) ... 469s Selecting previously unselected package libevent-2.1-7:s390x. 469s Preparing to unpack .../01-libevent-2.1-7_2.1.12-stable-9_s390x.deb ... 469s Unpacking libevent-2.1-7:s390x (2.1.12-stable-9) ... 469s Selecting previously unselected package libunbound8:s390x. 469s Preparing to unpack .../02-libunbound8_1.19.1-1ubuntu1_s390x.deb ... 469s Unpacking libunbound8:s390x (1.19.1-1ubuntu1) ... 469s Selecting previously unselected package libgnutls-dane0t64:s390x. 469s Preparing to unpack .../03-libgnutls-dane0t64_3.8.3-1.1ubuntu2_s390x.deb ... 469s Unpacking libgnutls-dane0t64:s390x (3.8.3-1.1ubuntu2) ... 469s Selecting previously unselected package gnutls-bin. 469s Preparing to unpack .../04-gnutls-bin_3.8.3-1.1ubuntu2_s390x.deb ... 469s Unpacking gnutls-bin (3.8.3-1.1ubuntu2) ... 470s Selecting previously unselected package libavahi-common-data:s390x. 470s Preparing to unpack .../05-libavahi-common-data_0.8-13ubuntu2_s390x.deb ... 470s Unpacking libavahi-common-data:s390x (0.8-13ubuntu2) ... 470s Selecting previously unselected package libavahi-common3:s390x. 470s Preparing to unpack .../06-libavahi-common3_0.8-13ubuntu2_s390x.deb ... 470s Unpacking libavahi-common3:s390x (0.8-13ubuntu2) ... 470s Selecting previously unselected package libavahi-client3:s390x. 470s Preparing to unpack .../07-libavahi-client3_0.8-13ubuntu2_s390x.deb ... 470s Unpacking libavahi-client3:s390x (0.8-13ubuntu2) ... 470s Selecting previously unselected package libbasicobjects0t64:s390x. 470s Preparing to unpack .../08-libbasicobjects0t64_0.6.2-2.1_s390x.deb ... 470s Unpacking libbasicobjects0t64:s390x (0.6.2-2.1) ... 470s Selecting previously unselected package libcollection4t64:s390x. 470s Preparing to unpack .../09-libcollection4t64_0.6.2-2.1_s390x.deb ... 470s Unpacking libcollection4t64:s390x (0.6.2-2.1) ... 470s Selecting previously unselected package libcrack2:s390x. 470s Preparing to unpack .../10-libcrack2_2.9.6-5.1_s390x.deb ... 470s Unpacking libcrack2:s390x (2.9.6-5.1) ... 470s Selecting previously unselected package libdhash1t64:s390x. 470s Preparing to unpack .../11-libdhash1t64_0.6.2-2.1_s390x.deb ... 470s Unpacking libdhash1t64:s390x (0.6.2-2.1) ... 470s Selecting previously unselected package libpath-utils1t64:s390x. 470s Preparing to unpack .../12-libpath-utils1t64_0.6.2-2.1_s390x.deb ... 470s Unpacking libpath-utils1t64:s390x (0.6.2-2.1) ... 470s Selecting previously unselected package libref-array1t64:s390x. 470s Preparing to unpack .../13-libref-array1t64_0.6.2-2.1_s390x.deb ... 470s Unpacking libref-array1t64:s390x (0.6.2-2.1) ... 470s Selecting previously unselected package libini-config5t64:s390x. 470s Preparing to unpack .../14-libini-config5t64_0.6.2-2.1_s390x.deb ... 470s Unpacking libini-config5t64:s390x (0.6.2-2.1) ... 470s Selecting previously unselected package libipa-hbac0t64. 470s Preparing to unpack .../15-libipa-hbac0t64_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package libtalloc2:s390x. 470s Preparing to unpack .../16-libtalloc2_2.4.2-1_s390x.deb ... 470s Unpacking libtalloc2:s390x (2.4.2-1) ... 470s Selecting previously unselected package libtdb1:s390x. 470s Preparing to unpack .../17-libtdb1_1.4.10-1_s390x.deb ... 470s Unpacking libtdb1:s390x (1.4.10-1) ... 470s Selecting previously unselected package libtevent0t64:s390x. 470s Preparing to unpack .../18-libtevent0t64_0.16.1-2_s390x.deb ... 470s Unpacking libtevent0t64:s390x (0.16.1-2) ... 470s Selecting previously unselected package libldb2:s390x. 470s Preparing to unpack .../19-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu3_s390x.deb ... 470s Unpacking libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu3) ... 470s Selecting previously unselected package libnfsidmap1:s390x. 470s Preparing to unpack .../20-libnfsidmap1_1%3a2.6.4-3ubuntu3_s390x.deb ... 470s Unpacking libnfsidmap1:s390x (1:2.6.4-3ubuntu3) ... 470s Selecting previously unselected package libpwquality-common. 470s Preparing to unpack .../21-libpwquality-common_1.4.5-3_all.deb ... 470s Unpacking libpwquality-common (1.4.5-3) ... 470s Selecting previously unselected package libpwquality1:s390x. 470s Preparing to unpack .../22-libpwquality1_1.4.5-3_s390x.deb ... 470s Unpacking libpwquality1:s390x (1.4.5-3) ... 470s Selecting previously unselected package libpam-pwquality:s390x. 470s Preparing to unpack .../23-libpam-pwquality_1.4.5-3_s390x.deb ... 470s Unpacking libpam-pwquality:s390x (1.4.5-3) ... 470s Selecting previously unselected package libwbclient0:s390x. 470s Preparing to unpack .../24-libwbclient0_2%3a4.19.5+dfsg-4ubuntu3_s390x.deb ... 470s Unpacking libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu3) ... 470s Selecting previously unselected package samba-libs:s390x. 470s Preparing to unpack .../25-samba-libs_2%3a4.19.5+dfsg-4ubuntu3_s390x.deb ... 470s Unpacking samba-libs:s390x (2:4.19.5+dfsg-4ubuntu3) ... 470s Selecting previously unselected package libsmbclient0:s390x. 470s Preparing to unpack .../26-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu3_s390x.deb ... 470s Unpacking libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu3) ... 470s Selecting previously unselected package softhsm2-common. 470s Preparing to unpack .../27-softhsm2-common_2.6.1-2.2_s390x.deb ... 470s Unpacking softhsm2-common (2.6.1-2.2) ... 470s Selecting previously unselected package libsofthsm2. 470s Preparing to unpack .../28-libsofthsm2_2.6.1-2.2_s390x.deb ... 470s Unpacking libsofthsm2 (2.6.1-2.2) ... 470s Selecting previously unselected package softhsm2. 470s Preparing to unpack .../29-softhsm2_2.6.1-2.2_s390x.deb ... 470s Unpacking softhsm2 (2.6.1-2.2) ... 470s Selecting previously unselected package python3-sss. 470s Preparing to unpack .../30-python3-sss_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking python3-sss (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package libsss-idmap0. 470s Preparing to unpack .../31-libsss-idmap0_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package libnss-sss:s390x. 470s Preparing to unpack .../32-libnss-sss_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking libnss-sss:s390x (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package libpam-sss:s390x. 470s Preparing to unpack .../33-libpam-sss_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking libpam-sss:s390x (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package libc-ares2:s390x. 470s Preparing to unpack .../34-libc-ares2_1.27.0-1_s390x.deb ... 470s Unpacking libc-ares2:s390x (1.27.0-1) ... 470s Selecting previously unselected package libsss-certmap0. 470s Preparing to unpack .../35-libsss-certmap0_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package libsss-nss-idmap0. 470s Preparing to unpack .../36-libsss-nss-idmap0_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package sssd-common. 470s Preparing to unpack .../37-sssd-common_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking sssd-common (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package sssd-ad-common. 470s Preparing to unpack .../38-sssd-ad-common_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking sssd-ad-common (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package sssd-krb5-common. 470s Preparing to unpack .../39-sssd-krb5-common_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package sssd-ad. 470s Preparing to unpack .../40-sssd-ad_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking sssd-ad (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package sssd-ipa. 470s Preparing to unpack .../41-sssd-ipa_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking sssd-ipa (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package sssd-krb5. 470s Preparing to unpack .../42-sssd-krb5_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking sssd-krb5 (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package sssd-ldap. 470s Preparing to unpack .../43-sssd-ldap_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking sssd-ldap (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package sssd-proxy. 470s Preparing to unpack .../44-sssd-proxy_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking sssd-proxy (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package sssd. 470s Preparing to unpack .../45-sssd_2.9.4-1.1ubuntu3_s390x.deb ... 470s Unpacking sssd (2.9.4-1.1ubuntu3) ... 470s Selecting previously unselected package autopkgtest-satdep. 470s Preparing to unpack .../46-3-autopkgtest-satdep.deb ... 470s Unpacking autopkgtest-satdep (0) ... 470s Setting up libpwquality-common (1.4.5-3) ... 470s Setting up softhsm2-common (2.6.1-2.2) ... 471s 471s Creating config file /etc/softhsm/softhsm2.conf with new version 471s Setting up libnfsidmap1:s390x (1:2.6.4-3ubuntu3) ... 471s Setting up libsss-idmap0 (2.9.4-1.1ubuntu3) ... 471s Setting up libbasicobjects0t64:s390x (0.6.2-2.1) ... 471s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu3) ... 471s Setting up libtirpc3t64:s390x (1.3.4+ds-1.1) ... 471s Setting up libref-array1t64:s390x (0.6.2-2.1) ... 471s Setting up libtdb1:s390x (1.4.10-1) ... 471s Setting up libcollection4t64:s390x (0.6.2-2.1) ... 471s Setting up libc-ares2:s390x (1.27.0-1) ... 471s Setting up libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu3) ... 471s Setting up libtalloc2:s390x (2.4.2-1) ... 471s Setting up libpath-utils1t64:s390x (0.6.2-2.1) ... 471s Setting up libavahi-common-data:s390x (0.8-13ubuntu2) ... 471s Setting up libdhash1t64:s390x (0.6.2-2.1) ... 471s Setting up libevent-2.1-7:s390x (2.1.12-stable-9) ... 471s Setting up libcrack2:s390x (2.9.6-5.1) ... 471s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu3) ... 471s Setting up libini-config5t64:s390x (0.6.2-2.1) ... 471s Setting up libtevent0t64:s390x (0.16.1-2) ... 471s Setting up libnss-sss:s390x (2.9.4-1.1ubuntu3) ... 471s Setting up libsofthsm2 (2.6.1-2.2) ... 471s Setting up softhsm2 (2.6.1-2.2) ... 471s Setting up libavahi-common3:s390x (0.8-13ubuntu2) ... 471s Setting up libsss-certmap0 (2.9.4-1.1ubuntu3) ... 471s Setting up libunbound8:s390x (1.19.1-1ubuntu1) ... 471s Setting up libpwquality1:s390x (1.4.5-3) ... 471s Setting up libgnutls-dane0t64:s390x (3.8.3-1.1ubuntu2) ... 471s Setting up libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu3) ... 471s Setting up libavahi-client3:s390x (0.8-13ubuntu2) ... 471s Setting up gnutls-bin (3.8.3-1.1ubuntu2) ... 471s Setting up libpam-pwquality:s390x (1.4.5-3) ... 471s Setting up samba-libs:s390x (2:4.19.5+dfsg-4ubuntu3) ... 471s Setting up python3-sss (2.9.4-1.1ubuntu3) ... 471s Setting up libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu3) ... 471s Setting up libpam-sss:s390x (2.9.4-1.1ubuntu3) ... 471s Setting up sssd-common (2.9.4-1.1ubuntu3) ... 471s Creating SSSD system user & group... 471s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 471s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 471s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 471s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 472s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 472s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 472s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 472s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 472s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 473s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 473s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 473s sssd-autofs.service is a disabled or a static unit, not starting it. 473s sssd-nss.service is a disabled or a static unit, not starting it. 473s sssd-pam.service is a disabled or a static unit, not starting it. 473s sssd-ssh.service is a disabled or a static unit, not starting it. 473s sssd-sudo.service is a disabled or a static unit, not starting it. 473s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 473s Setting up sssd-proxy (2.9.4-1.1ubuntu3) ... 473s Setting up sssd-ad-common (2.9.4-1.1ubuntu3) ... 473s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 474s sssd-pac.service is a disabled or a static unit, not starting it. 474s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 474s Setting up sssd-krb5-common (2.9.4-1.1ubuntu3) ... 474s Setting up sssd-krb5 (2.9.4-1.1ubuntu3) ... 474s Setting up sssd-ldap (2.9.4-1.1ubuntu3) ... 474s Setting up sssd-ad (2.9.4-1.1ubuntu3) ... 474s Setting up sssd-ipa (2.9.4-1.1ubuntu3) ... 474s Setting up sssd (2.9.4-1.1ubuntu3) ... 474s Setting up autopkgtest-satdep (0) ... 474s Processing triggers for man-db (2.12.0-3) ... 474s Processing triggers for libc-bin (2.39-0ubuntu2) ... 477s (Reading database ... 52795 files and directories currently installed.) 477s Removing autopkgtest-satdep (0) ... 481s autopkgtest [15:26:54]: test sssd-softhism2-certificates-tests.sh: [----------------------- 481s + '[' -z ubuntu ']' 481s + required_tools=(p11tool openssl softhsm2-util) 481s + for cmd in "${required_tools[@]}" 481s + command -v p11tool 481s + for cmd in "${required_tools[@]}" 481s + command -v openssl 481s + for cmd in "${required_tools[@]}" 481s + command -v softhsm2-util 481s + PIN=053350 481s +++ find /usr/lib/softhsm/libsofthsm2.so 481s +++ head -n 1 481s ++ realpath /usr/lib/softhsm/libsofthsm2.so 481s + SOFTHSM2_MODULE=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 481s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 481s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 481s + '[' '!' -v NO_SSSD_TESTS ']' 481s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 481s + ca_db_arg=ca_db 481s ++ /usr/libexec/sssd/p11_child --help 481s + p11_child_help='Usage: p11_child [OPTION...] 481s -d, --debug-level=INT Debug level 481s --debug-timestamps=INT Add debug timestamps 481s --debug-microseconds=INT Show timestamps with microseconds 481s --dumpable=INT Allow core dumps 481s --debug-fd=INT An open file descriptor for the debug 481s logs 481s --logger=stderr|files|journald Set logger 481s --auth Run in auth mode 481s --pre Run in pre-auth mode 481s --wait_for_card Wait until card is available 481s --verification Run in verification mode 481s --pin Expect PIN on stdin 481s --keypad Expect PIN on keypad 481s --verify=STRING Tune validation 481s --ca_db=STRING CA DB to use 481s --module_name=STRING Module name for authentication 481s --token_name=STRING Token name for authentication 481s --key_id=STRING Key ID for authentication 481s --label=STRING Label for authentication 481s --certificate=STRING certificate to verify, base64 encoded 481s --uri=STRING PKCS#11 URI to restrict selection 481s --chain-id=LONG Tevent chain ID used for logging 481s purposes 481s 481s Help options: 481s -?, --help Show this help message 481s --usage Display brief usage message' 481s + grep nssdb -qs 481s + echo 'Usage: p11_child [OPTION...] 481s -d, --debug-level=INT Debug level 481s --debug-timestamps=INT Add debug timestamps 481s --debug-microseconds=INT Show timestamps with microseconds 481s --dumpable=INT Allow core dumps 481s --debug-fd=INT An open file descriptor for the debug 481s logs 481s --logger=stderr|files|journald Set logger 481s --auth Run in auth mode 481s --pre Run in pre-auth mode 481s --wait_for_card Wait until card is available 481s --verification Run in verification mode 481s --pin Expect PIN on stdin 481s --keypad Expect PIN on keypad 481s --verify=STRING Tune validation 481s --ca_db=STRING CA DB to use 481s --module_name=STRING Module name for authentication 481s --token_name=STRING Token name for authentication 481s --key_id=STRING Key ID for authentication 481s --label=STRING Label for authentication 481s --certificate=STRING certificate to verify, base64 encoded 481s --uri=STRING PKCS#11 URI to restrict selection 481s --chain-id=LONG Tevent chain ID used for logging 481s purposes 481s 481s Help options: 481s -?, --help Show this help message 481s --usage Display brief usage message' 481s + echo 'Usage: p11_child [OPTION...] 481s -d, --debug-level=INT Debug level 481s + grep -qs -- --ca_db 481s --debug-timestamps=INT Add debug timestamps 481s --debug-microseconds=INT Show timestamps with microseconds 481s --dumpable=INT Allow core dumps 481s --debug-fd=INT An open file descriptor for the debug 481s logs 481s --logger=stderr|files|journald Set logger 481s --auth Run in auth mode 481s --pre Run in pre-auth mode 481s --wait_for_card Wait until card is available 481s --verification Run in verification mode 481s --pin Expect PIN on stdin 481s --keypad Expect PIN on keypad 481s --verify=STRING Tune validation 481s --ca_db=STRING CA DB to use 481s --module_name=STRING Module name for authentication 481s --token_name=STRING Token name for authentication 481s --key_id=STRING Key ID for authentication 481s --label=STRING Label for authentication 481s --certificate=STRING certificate to verify, base64 encoded 481s --uri=STRING PKCS#11 URI to restrict selection 481s --chain-id=LONG Tevent chain ID used for logging 481s purposes 481s 481s Help options: 481s -?, --help Show this help message 481s --usage Display brief usage message' 481s + '[' '!' -e /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so ']' 481s ++ mktemp -d -t sssd-softhsm2-XXXXXX 481s + tmpdir=/tmp/sssd-softhsm2-48L3mX 481s + keys_size=1024 481s + [[ ! -v KEEP_TEMPORARY_FILES ]] 481s + trap 'rm -rf "$tmpdir"' EXIT 481s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 481s + echo -n 01 481s + touch /tmp/sssd-softhsm2-48L3mX/index.txt 481s + mkdir -p /tmp/sssd-softhsm2-48L3mX/new_certs 481s + cat 481s + root_ca_key_pass=pass:random-root-CA-password-5123 481s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-48L3mX/test-root-CA-key.pem -passout pass:random-root-CA-password-5123 1024 481s + openssl req -passin pass:random-root-CA-password-5123 -batch -config /tmp/sssd-softhsm2-48L3mX/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-48L3mX/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 481s + openssl x509 -noout -in /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 481s + cat 481s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-18530 481s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-18530 1024 481s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-18530 -config /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.config -key /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-5123 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-certificate-request.pem 481s + openssl req -text -noout -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-certificate-request.pem 481s Certificate Request: 481s Data: 481s Version: 1 (0x0) 481s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 481s Subject Public Key Info: 481s Public Key Algorithm: rsaEncryption 481s Public-Key: (1024 bit) 481s Modulus: 481s 00:bb:b5:51:f8:ce:4d:1a:0f:cc:06:59:6e:25:4b: 481s c6:6f:0e:45:8a:ff:a3:cf:b8:71:fb:ce:0b:30:cb: 481s 89:95:c6:9f:16:7a:56:af:0a:49:6d:68:66:ad:01: 481s 7b:a0:a8:3a:14:65:d1:7a:97:cc:bd:84:f4:f4:55: 481s 48:0f:6f:34:f8:df:73:b2:5f:a3:bf:57:15:ae:8d: 481s db:69:6d:9e:e2:d2:a2:9f:63:1f:73:84:cc:ef:ec: 481s af:f5:02:ad:4a:c5:93:50:f4:bd:1b:c8:a8:9d:ec: 481s 57:d8:9b:cd:d3:2f:6a:5d:aa:ba:3c:7f:4e:1b:b7: 481s 65:ad:8e:72:bd:07:f9:4e:f7 481s Exponent: 65537 (0x10001) 481s Attributes: 481s (none) 481s Requested Extensions: 481s Signature Algorithm: sha256WithRSAEncryption 481s Signature Value: 481s 45:70:c8:a0:25:6a:cf:23:24:61:dd:20:d2:d8:aa:02:5b:e1: 481s 5f:fe:45:77:6a:29:b6:49:da:3b:89:c1:4b:5c:63:c0:cc:06: 481s 2f:bd:fa:4f:6a:df:3b:bc:f3:15:f0:94:a4:7b:b3:37:e4:03: 481s 07:ca:b2:0d:49:78:49:66:ba:63:e5:09:d5:56:42:05:1f:5f: 481s c6:f7:92:f8:82:6b:bf:47:45:59:38:5e:bd:b5:d0:11:7d:e3: 481s b5:cd:25:fd:ff:2a:cb:a0:7b:66:34:a4:31:a3:c7:c9:b6:3b: 481s b1:28:d3:e7:f0:d0:70:cc:71:2b:f9:eb:68:83:b7:8f:0d:6c: 481s 82:42 481s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-48L3mX/test-root-CA.config -passin pass:random-root-CA-password-5123 -keyfile /tmp/sssd-softhsm2-48L3mX/test-root-CA-key.pem -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 481s Using configuration from /tmp/sssd-softhsm2-48L3mX/test-root-CA.config 481s Check that the request matches the signature 481s Signature ok 481s Certificate Details: 481s Serial Number: 1 (0x1) 481s Validity 481s Not Before: Mar 16 15:26:54 2024 GMT 481s Not After : Mar 16 15:26:54 2025 GMT 481s Subject: 481s organizationName = Test Organization 481s organizationalUnitName = Test Organization Unit 481s commonName = Test Organization Intermediate CA 481s X509v3 extensions: 481s X509v3 Subject Key Identifier: 481s E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 481s X509v3 Authority Key Identifier: 481s keyid:DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 481s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 481s serial:00 481s X509v3 Basic Constraints: 481s CA:TRUE 481s X509v3 Key Usage: critical 481s Digital Signature, Certificate Sign, CRL Sign 481s Certificate is to be certified until Mar 16 15:26:54 2025 GMT (365 days) 481s 481s Write out database with 1 new entries 481s Database updated 481s + openssl x509 -noout -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 482s /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem: OK 482s + cat 482s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-27541 482s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-27541 1024 482s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-27541 -config /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-18530 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-certificate-request.pem 482s + openssl req -text -noout -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-certificate-request.pem 482s Certificate Request: 482s Data: 482s Version: 1 (0x0) 482s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 482s Subject Public Key Info: 482s Public Key Algorithm: rsaEncryption 482s Public-Key: (1024 bit) 482s Modulus: 482s 00:cc:92:53:d4:ec:38:05:3a:10:4b:27:e3:95:c8: 482s 4b:73:75:22:d7:c0:e1:7b:ee:2c:c0:a8:ac:06:33: 482s 37:63:8b:36:b3:d7:f3:47:fe:57:cd:35:b3:5c:28: 482s 29:c1:df:c0:7e:39:55:62:84:5c:10:34:b8:a3:a9: 482s 60:8b:a8:ec:c6:96:b8:d7:86:90:57:99:c8:bf:4a: 482s 9a:f4:7b:b1:8f:84:78:7f:23:b2:6f:2d:a0:25:b7: 482s 6b:9f:6f:b8:c5:7a:bb:9d:d5:be:43:04:b7:11:d8: 482s 27:dc:55:f3:2a:d4:38:c3:c2:31:b2:46:ee:1e:ae: 482s b9:15:9c:45:94:4b:bf:d5:87 482s Exponent: 65537 (0x10001) 482s Attributes: 482s (none) 482s Requested Extensions: 482s Signature Algorithm: sha256WithRSAEncryption 482s Signature Value: 482s a9:0b:1d:a0:9a:88:6e:41:eb:34:39:de:c9:bc:d7:b3:b5:2c: 482s c5:d2:24:d8:e1:6e:84:77:20:7f:6c:88:3e:77:e8:55:f9:61: 482s 13:a0:09:1f:80:d1:d0:b7:63:02:4d:10:64:93:b6:23:d1:a0: 482s ba:c7:c0:50:48:2c:a6:99:49:e2:c1:87:8a:c9:e1:38:c6:0b: 482s 0d:2d:b6:9a:88:75:fd:ba:d9:98:e1:64:64:8d:06:11:5d:81: 482s 40:2f:a1:cf:63:e5:ed:61:93:6c:00:70:3d:28:28:33:c6:03: 482s 75:85:f3:e9:a0:e4:ba:c1:4f:39:26:a5:d3:8d:19:fd:2f:71: 482s f2:da 482s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-18530 -keyfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 482s Using configuration from /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.config 482s Check that the request matches the signature 482s Signature ok 482s Certificate Details: 482s Serial Number: 2 (0x2) 482s Validity 482s Not Before: Mar 16 15:26:55 2024 GMT 482s Not After : Mar 16 15:26:55 2025 GMT 482s Subject: 482s organizationName = Test Organization 482s organizationalUnitName = Test Organization Unit 482s commonName = Test Organization Sub Intermediate CA 482s X509v3 extensions: 482s X509v3 Subject Key Identifier: 482s E2:A2:28:C0:BA:E3:E3:0F:45:F3:A7:78:B4:F9:81:99:0A:CD:7A:6C 482s X509v3 Authority Key Identifier: 482s keyid:E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 482s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 482s serial:01 482s X509v3 Basic Constraints: 482s CA:TRUE 482s X509v3 Key Usage: critical 482s Digital Signature, Certificate Sign, CRL Sign 482s Certificate is to be certified until Mar 16 15:26:55 2025 GMT (365 days) 482s 482s Write out database with 1 new entries 482s Database updated 482s + openssl x509 -noout -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 482s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 482s /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem: OK 482s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 482s + local cmd=openssl 482s + shift 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 482s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 482s error 20 at 0 depth lookup: unable to get local issuer certificate 482s error /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem: verification failed 482s + cat 482s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-20202 482s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-20202 1024 482s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-20202 -key /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-request.pem 482s + openssl req -text -noout -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-request.pem 482s Certificate Request: 482s Data: 482s Version: 1 (0x0) 482s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 482s Subject Public Key Info: 482s Public Key Algorithm: rsaEncryption 482s Public-Key: (1024 bit) 482s Modulus: 482s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 482s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 482s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 482s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 482s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 482s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 482s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 482s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 482s 89:31:81:5f:b3:39:bf:a6:77 482s Exponent: 65537 (0x10001) 482s Attributes: 482s Requested Extensions: 482s X509v3 Basic Constraints: 482s CA:FALSE 482s Netscape Cert Type: 482s SSL Client, S/MIME 482s Netscape Comment: 482s Test Organization Root CA trusted Certificate 482s X509v3 Subject Key Identifier: 482s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 482s X509v3 Key Usage: critical 482s Digital Signature, Non Repudiation, Key Encipherment 482s X509v3 Extended Key Usage: 482s TLS Web Client Authentication, E-mail Protection 482s X509v3 Subject Alternative Name: 482s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 482s Signature Algorithm: sha256WithRSAEncryption 482s Signature Value: 482s 33:fc:e1:47:e6:1c:f6:4f:08:c0:b7:eb:a2:2b:b6:d1:cb:5e: 482s 5a:24:20:e1:29:eb:01:0a:a4:54:59:66:7b:e5:21:c6:66:bc: 482s 78:6f:ce:f2:a2:40:93:1d:d9:39:fa:cb:5b:78:6f:45:bf:4a: 482s 59:f4:3c:8b:d6:f6:8c:d1:0f:ef:ea:02:98:08:db:d6:43:5e: 482s 26:bd:3c:16:53:50:c9:8c:ab:09:e4:4d:7a:3c:bd:12:7d:fc: 482s 43:f1:1b:e7:0b:4c:d4:25:b5:a1:1c:55:e8:0f:cd:51:e1:de: 482s 37:61:4e:b0:49:a7:e4:a0:5a:61:23:d5:fc:0e:83:b7:07:73: 482s ee:7e 482s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-48L3mX/test-root-CA.config -passin pass:random-root-CA-password-5123 -keyfile /tmp/sssd-softhsm2-48L3mX/test-root-CA-key.pem -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s Using configuration from /tmp/sssd-softhsm2-48L3mX/test-root-CA.config 482s Check that the request matches the signature 482s Signature ok 482s Certificate Details: 482s Serial Number: 3 (0x3) 482s Validity 482s Not Before: Mar 16 15:26:55 2024 GMT 482s Not After : Mar 16 15:26:55 2025 GMT 482s Subject: 482s organizationName = Test Organization 482s organizationalUnitName = Test Organization Unit 482s commonName = Test Organization Root Trusted Certificate 0001 482s X509v3 extensions: 482s X509v3 Authority Key Identifier: 482s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 482s X509v3 Basic Constraints: 482s CA:FALSE 482s Netscape Cert Type: 482s SSL Client, S/MIME 482s Netscape Comment: 482s Test Organization Root CA trusted Certificate 482s X509v3 Subject Key Identifier: 482s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 482s X509v3 Key Usage: critical 482s Digital Signature, Non Repudiation, Key Encipherment 482s X509v3 Extended Key Usage: 482s TLS Web Client Authentication, E-mail Protection 482s X509v3 Subject Alternative Name: 482s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 482s Certificate is to be certified until Mar 16 15:26:55 2025 GMT (365 days) 482s 482s Write out database with 1 new entries 482s Database updated 482s + openssl x509 -noout -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem: OK 482s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s + local cmd=openssl 482s + shift 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 482s error 20 at 0 depth lookup: unable to get local issuer certificate 482s error /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem: verification failed 482s + cat 482s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 482s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-27618 1024 482s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-27618 -key /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-request.pem 482s + openssl req -text -noout -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-request.pem 482s Certificate Request: 482s Data: 482s Version: 1 (0x0) 482s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 482s Subject Public Key Info: 482s Public Key Algorithm: rsaEncryption 482s Public-Key: (1024 bit) 482s Modulus: 482s 00:cb:df:c8:5a:77:11:2a:d5:f5:82:3e:ba:b4:29: 482s 2b:1e:bb:03:2e:b2:73:45:19:11:e9:54:e6:02:a9: 482s dd:c4:ef:94:45:fd:b0:f0:b7:29:d8:77:a0:b3:5d: 482s 77:93:e2:bc:8e:23:38:a6:1e:c9:5e:ea:a8:c7:7f: 482s 79:fe:6f:ae:5c:50:a9:ba:4c:7c:34:53:a2:da:c7: 482s 29:97:1b:06:7a:25:53:a6:e0:a7:65:1e:c8:f1:60: 482s f2:f1:8b:54:a4:b2:64:4d:6b:ef:27:66:d6:91:1d: 482s ff:9e:8f:01:d4:98:df:13:e2:19:5c:c7:e3:46:37: 482s 0b:a1:4b:99:69:f6:b1:3d:73 482s Exponent: 65537 (0x10001) 482s Attributes: 482s Requested Extensions: 482s X509v3 Basic Constraints: 482s CA:FALSE 482s Netscape Cert Type: 482s SSL Client, S/MIME 482s Netscape Comment: 482s Test Organization Intermediate CA trusted Certificate 482s X509v3 Subject Key Identifier: 482s 2A:8A:41:49:63:95:BA:8C:D7:7D:F4:7B:63:A4:43:9A:48:34:56:9A 482s X509v3 Key Usage: critical 482s Digital Signature, Non Repudiation, Key Encipherment 482s X509v3 Extended Key Usage: 482s TLS Web Client Authentication, E-mail Protection 482s X509v3 Subject Alternative Name: 482s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 482s Signature Algorithm: sha256WithRSAEncryption 482s Signature Value: 482s 52:9f:e7:7a:3b:0a:9e:d3:55:9d:e4:e0:e9:94:fa:12:3b:76: 482s ab:17:04:bd:0b:d7:42:37:5a:a4:08:b6:27:c9:ed:79:c4:16: 482s de:d3:22:6a:06:89:93:7e:68:1c:b4:96:a0:15:ed:62:70:32: 482s ef:9e:09:7c:1c:0c:66:31:23:5e:ce:7f:b6:b5:f3:a0:c4:ac: 482s 55:39:85:6a:86:87:14:b4:b3:97:97:bf:c0:27:29:fc:e1:cf: 482s 26:aa:a6:53:dc:c7:9c:84:89:4b:d6:c3:eb:99:8c:69:e7:18: 482s 4f:76:26:87:85:6e:4b:7e:f4:f8:da:ed:24:bc:6d:a0:41:68: 482s 24:94 482s + openssl ca -passin pass:random-intermediate-CA-password-18530 -config /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 482s Using configuration from /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.config 482s Check that the request matches the signature 482s Signature ok 482s Certificate Details: 482s Serial Number: 4 (0x4) 482s Validity 482s Not Before: Mar 16 15:26:55 2024 GMT 482s Not After : Mar 16 15:26:55 2025 GMT 482s Subject: 482s organizationName = Test Organization 482s organizationalUnitName = Test Organization Unit 482s commonName = Test Organization Intermediate Trusted Certificate 0001 482s X509v3 extensions: 482s X509v3 Authority Key Identifier: 482s E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 482s X509v3 Basic Constraints: 482s CA:FALSE 482s Netscape Cert Type: 482s SSL Client, S/MIME 482s Netscape Comment: 482s Test Organization Intermediate CA trusted Certificate 482s X509v3 Subject Key Identifier: 482s 2A:8A:41:49:63:95:BA:8C:D7:7D:F4:7B:63:A4:43:9A:48:34:56:9A 482s X509v3 Key Usage: critical 482s Digital Signature, Non Repudiation, Key Encipherment 482s X509v3 Extended Key Usage: 482s TLS Web Client Authentication, E-mail Protection 482s X509v3 Subject Alternative Name: 482s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 482s Certificate is to be certified until Mar 16 15:26:55 2025 GMT (365 days) 482s 482s Write out database with 1 new entries 482s Database updated 482s + openssl x509 -noout -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 482s + echo 'This certificate should not be trusted fully' 482s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 482s + local cmd=openssl 482s + shift 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 482s This certificate should not be trusted fully 482s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 482s error 2 at 1 depth lookup: unable to get issuer certificate 482s error /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 482s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 482s + cat 482s /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem: OK 482s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 482s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-6004 1024 482s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-6004 -key /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 482s + openssl req -text -noout -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 482s Certificate Request: 482s Data: 482s Version: 1 (0x0) 482s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 482s Subject Public Key Info: 482s Public Key Algorithm: rsaEncryption 482s Public-Key: (1024 bit) 482s Modulus: 482s 00:d0:73:2e:69:10:1f:f1:cf:28:ba:a5:69:45:5d: 482s d8:91:25:bb:43:27:8b:cf:ff:1a:a5:b9:18:d3:bd: 482s d0:6d:42:43:e6:f5:ed:64:7c:a0:7b:5d:88:66:43: 482s 54:f3:d8:46:02:a2:a9:a7:b9:78:93:0d:e0:91:ba: 482s 7c:71:78:a7:65:12:75:98:a4:ab:ba:e0:84:70:79: 482s 84:5f:95:94:5d:96:99:6a:17:38:25:02:59:39:2f: 482s 99:3d:0e:87:4e:7c:3b:7c:ec:18:2e:11:fe:b7:0f: 482s 42:b2:d7:db:de:b0:67:11:26:2d:58:81:73:dc:82: 482s a9:58:46:4e:04:47:4f:ac:0d 482s Exponent: 65537 (0x10001) 482s Attributes: 482s Requested Extensions: 482s X509v3 Basic Constraints: 482s CA:FALSE 482s Netscape Cert Type: 482s SSL Client, S/MIME 482s Netscape Comment: 482s Test Organization Sub Intermediate CA trusted Certificate 482s X509v3 Subject Key Identifier: 482s 7A:A5:70:10:95:0C:F2:EB:C1:9D:7B:2F:FB:CC:15:D0:A7:C8:90:AA 482s X509v3 Key Usage: critical 482s Digital Signature, Non Repudiation, Key Encipherment 482s X509v3 Extended Key Usage: 482s TLS Web Client Authentication, E-mail Protection 482s X509v3 Subject Alternative Name: 482s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 482s Signature Algorithm: sha256WithRSAEncryption 482s Signature Value: 482s bc:04:14:0f:f5:56:d8:a9:cd:5d:83:5d:41:8e:98:18:ee:cb: 482s 42:7f:c7:80:c5:48:a7:3c:77:6d:0b:8f:b3:c6:7d:37:3c:fc: 482s 34:08:55:37:6b:ae:e8:92:08:50:33:88:ff:57:9e:63:a4:fd: 482s 8c:d7:e1:22:9d:eb:e7:23:cf:3a:52:2f:f6:e1:b0:2a:78:28: 482s fc:1b:19:f3:ae:e3:b0:05:9a:32:c5:fd:9e:7a:d0:05:00:5a: 482s 05:9d:60:32:61:cd:ef:2e:d4:b4:a2:51:02:50:f5:f6:6e:83: 482s 22:2b:cc:5a:17:ea:c7:36:8d:48:48:e7:f0:92:74:6f:a8:8e: 482s 76:c4 482s + openssl ca -passin pass:random-sub-intermediate-CA-password-27541 -config /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 482s Using configuration from /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.config 482s Check that the request matches the signature 482s Signature ok 482s Certificate Details: 482s Serial Number: 5 (0x5) 482s Validity 482s Not Before: Mar 16 15:26:55 2024 GMT 482s Not After : Mar 16 15:26:55 2025 GMT 482s Subject: 482s organizationName = Test Organization 482s organizationalUnitName = Test Organization Unit 482s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 482s X509v3 extensions: 482s X509v3 Authority Key Identifier: 482s E2:A2:28:C0:BA:E3:E3:0F:45:F3:A7:78:B4:F9:81:99:0A:CD:7A:6C 482s X509v3 Basic Constraints: 482s CA:FALSE 482s Netscape Cert Type: 482s SSL Client, S/MIME 482s Netscape Comment: 482s Test Organization Sub Intermediate CA trusted Certificate 482s X509v3 Subject Key Identifier: 482s 7A:A5:70:10:95:0C:F2:EB:C1:9D:7B:2F:FB:CC:15:D0:A7:C8:90:AA 482s X509v3 Key Usage: critical 482s Digital Signature, Non Repudiation, Key Encipherment 482s X509v3 Extended Key Usage: 482s TLS Web Client Authentication, E-mail Protection 482s X509v3 Subject Alternative Name: 482s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 482s Certificate is to be certified until Mar 16 15:26:55 2025 GMT (365 days) 482s 482s Write out database with 1 new entries 482s Database updated 482s + openssl x509 -noout -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 482s This certificate should not be trusted fully 482s + echo 'This certificate should not be trusted fully' 482s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 482s + local cmd=openssl 482s + shift 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 482s O = Test Organi/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 482s Building a the full-chain CA file... 482s zation, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 482s error 2 at 1 depth lookup: unable to get issuer certificate 482s error /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 482s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 482s + local cmd=openssl 482s + shift 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 482s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 482s error 20 at 0 depth lookup: unable to get local issuer certificate 482s error /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 482s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 482s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 482s + local cmd=openssl 482s + shift 482s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 482s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 482s error 20 at 0 depth lookup: unable to get local issuer certificate 482s error /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 482s + echo 'Building a the full-chain CA file...' 482s + cat /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 482s + cat /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 482s + cat /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 482s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 482s + openssl pkcs7 -print_certs -noout 482s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 482s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 482s 482s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 482s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 482s 482s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 482s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 482s 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 482s /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem: OK 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem: OK 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 482s /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem: OK 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem /tmp/sssd-softhsm2-48L3mX/test-root-intermediate-chain-CA.pem 482s /tmp/sssd-softhsm2-48L3mX/test-root-intermediate-chain-CA.pem: OK 482s + openssl verify -CAfile /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 482s + echo 'Certificates generation completed!' 482s + [[ -v NO_SSSD_TESTS ]] 482s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /dev/null 482s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /dev/null 482s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 482s /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 482s Certificates generation completed! 482s + local key_ring=/dev/null 482s + local verify_option= 482s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 482s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 482s + local key_cn 482s + local key_name 482s + local tokens_dir 482s + local output_cert_file 482s + token_name= 482s ++ basename /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem .pem 482s + key_name=test-root-CA-trusted-certificate-0001 482s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s ++ sed -n 's/ *commonName *= //p' 482s + key_cn='Test Organization Root Trusted Certificate 0001' 482s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 482s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 482s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 482s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 482s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 482s + token_name='Test Organization Root Tr Token' 482s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 482s + local key_file 482s + local decrypted_key 482s + mkdir -p /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 482s + key_file=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-key.pem 482s + decrypted_key=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-key-decrypted.pem 482s + cat 482s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 482s Slot 0 has a free/uninitialized token. 482s The token has been initialized and is reassigned to slot 627586687 482s + softhsm2-util --show-slots 482s Available slots: 482s Slot 627586687 482s Slot info: 482s Description: SoftHSM slot ID 0x2568367f 482s Manufacturer ID: SoftHSM project 482s Hardware version: 2.6 482s Firmware version: 2.6 482s Token present: yes 482s Token info: 482s Manufacturer ID: SoftHSM project 482s Model: SoftHSM v2 482s Hardware version: 2.6 482s Firmware version: 2.6 482s Serial number: 5cf9e4ce2568367f 482s Initialized: yes 482s User PIN init.: yes 482s Label: Test Organization Root Tr Token 482s Slot 1 482s Slot info: 482s Description: SoftHSM slot ID 0x1 482s Manufacturer ID: SoftHSM project 482s Hardware version: 2.6 482s Firmware version: 2.6 482s Token present: yes 482s Token info: 482s Manufacturer ID: SoftHSM project 482s Model: SoftHSM v2 482s Hardware version: 2.6 482s Firmware version: 2.6 482s Serial number: 482s Initialized: no 482s User PIN init.: no 482s Label: 482s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 482s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-20202 -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-key-decrypted.pem 482s writing RSA key 482s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 482s + rm /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001-key-decrypted.pem 482s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 482s Object 0: 482s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 482s Type: X.509 Certificate (RSA-1024) 482s Expires: Sun Mar 16 15:26:55 2025 482s Label: Test Organization Root Trusted Certificate 0001 482s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 482s 482s Test Organization Root Tr Token 482s + echo 'Test Organization Root Tr Token' 482s + '[' -n '' ']' 482s + local output_base_name=SSSD-child-23942 482s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-23942.output 482s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-23942.pem 482s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 482s [p11_child[3120]] [main] (0x0400): p11_child started. 482s [p11_child[3120]] [main] (0x2000): Running in [pre-auth] mode. 482s [p11_child[3120]] [main] (0x2000): Running with effective IDs: [0][0]. 482s [p11_child[3120]] [main] (0x2000): Running with real IDs [0][0]. 482s [p11_child[3120]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 482s [p11_child[3120]] [do_work] (0x0040): init_verification failed. 482s [p11_child[3120]] [main] (0x0020): p11_child failed (5) 482s + return 2 482s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /dev/null no_verification 482s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /dev/null no_verification 482s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 482s + local key_ring=/dev/null 482s + local verify_option=no_verification 482s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 482s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 482s + local key_cn 482s + local key_name 482s + local tokens_dir 482s + local output_cert_file 482s + token_name= 482s ++ basename /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem .pem 482s + key_name=test-root-CA-trusted-certificate-0001 482s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s ++ sed -n 's/ *commonName *= //p' 482s + key_cn='Test Organization Root Trusted Certificate 0001' 482s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 482s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 482s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 482s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 482s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 482s + token_name='Test Organization Root Tr Token' 482s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 482s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 ']' 482s + echo 'Test Organization Root Tr Token' 482s Test Organization Root Tr Token 482s + '[' -n no_verification ']' 482s + local verify_arg=--verify=no_verification 482s + local output_base_name=SSSD-child-19722 482s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-19722.output 482s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-19722.pem 482s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 482s [p11_child[3126]] [main] (0x0400): p11_child started. 482s [p11_child[3126]] [main] (0x2000): Running in [pre-auth] mode. 482s [p11_child[3126]] [main] (0x2000): Running with effective IDs: [0][0]. 482s [p11_child[3126]] [main] (0x2000): Running with real IDs [0][0]. 482s [p11_child[3126]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 482s [p11_child[3126]] [do_card] (0x4000): Module List: 482s [p11_child[3126]] [do_card] (0x4000): common name: [softhsm2]. 482s [p11_child[3126]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 482s [p11_child[3126]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 482s [p11_child[3126]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 482s [p11_child[3126]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 482s [p11_child[3126]] [do_card] (0x4000): Login NOT required. 482s [p11_child[3126]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 482s [p11_child[3126]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 482s [p11_child[3126]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2568367f;slot-manufacturer=SoftHSM%20project;slot-id=627586687;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 482s [p11_child[3126]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 482s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-19722.output 482s + echo '-----BEGIN CERTIFICATE-----' 482s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-19722.output 482s + echo '-----END CERTIFICATE-----' 482s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-19722.pem 482s Certificate: 482s Data: 482s Version: 3 (0x2) 482s Serial Number: 3 (0x3) 482s Signature Algorithm: sha256WithRSAEncryption 482s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 482s Validity 482s Not Before: Mar 16 15:26:55 2024 GMT 482s Not After : Mar 16 15:26:55 2025 GMT 482s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 482s Subject Public Key Info: 482s Public Key Algorithm: rsaEncryption 482s Public-Key: (1024 bit) 482s Modulus: 482s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 482s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 482s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 482s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 482s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 482s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 482s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 482s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 482s 89:31:81:5f:b3:39:bf:a6:77 482s Exponent: 65537 (0x10001) 482s X509v3 extensions: 482s X509v3 Authority Key Identifier: 482s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 482s X509v3 Basic Constraints: 482s CA:FALSE 482s Netscape Cert Type: 482s SSL Client, S/MIME 482s Netscape Comment: 482s Test Organization Root CA trusted Certificate 482s X509v3 Subject Key Identifier: 482s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 482s X509v3 Key Usage: critical 482s Digital Signature, Non Repudiation, Key Encipherment 482s X509v3 Extended Key Usage: 482s TLS Web Client Authentication, E-mail Protection 482s X509v3 Subject Alternative Name: 482s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 482s Signature Algorithm: sha256WithRSAEncryption 482s Signature Value: 482s 6f:f6:2b:01:ef:b5:49:48:0d:11:01:4a:0c:8a:e3:cb:53:bf: 482s 28:54:0f:1b:4d:1a:55:d6:b8:9c:0b:c2:df:dc:f2:00:06:03: 482s 93:b4:a7:70:f6:41:47:88:46:6e:d8:90:af:8c:29:8a:2a:eb: 482s d6:a8:53:c0:f7:0d:d5:ba:52:18:35:da:e5:86:48:29:9f:27: 482s a0:c2:46:94:01:d6:7b:ff:b8:7d:03:ca:8e:8c:74:56:67:03: 482s 56:63:d0:5c:a2:88:ca:f5:7f:4a:ae:5f:5f:a6:89:cf:cf:96: 482s 2c:ac:c2:7f:dd:63:ae:0c:16:b6:26:47:dd:8c:a1:6c:a8:e4: 482s 37:c1 482s + local found_md5 expected_md5 482s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s + expected_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 482s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-19722.pem 482s + found_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 482s + '[' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 '!=' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 ']' 482s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-19722-auth.output 482s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-19722-auth.output .output 482s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-19722-auth.pem 482s + echo -n 053350 482s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 482s [p11_child[3134]] [main] (0x0400): p11_child started. 482s [p11_child[3134]] [main] (0x2000): Running in [auth] mode. 482s [p11_child[3134]] [main] (0x2000): Running with effective IDs: [0][0]. 482s [p11_child[3134]] [main] (0x2000): Running with real IDs [0][0]. 482s [p11_child[3134]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 482s [p11_child[3134]] [do_card] (0x4000): Module List: 482s [p11_child[3134]] [do_card] (0x4000): common name: [softhsm2]. 482s [p11_child[3134]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 482s [p11_child[3134]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 482s [p11_child[3134]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 482s [p11_child[3134]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 482s [p11_child[3134]] [do_card] (0x4000): Login required. 482s [p11_child[3134]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 482s [p11_child[3134]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 482s [p11_child[3134]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2568367f;slot-manufacturer=SoftHSM%20project;slot-id=627586687;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 482s [p11_child[3134]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 482s [p11_child[3134]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 482s [p11_child[3134]] [do_card] (0x4000): Certificate verified and validated. 482s [p11_child[3134]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 482s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-19722-auth.output 482s + echo '-----BEGIN CERTIFICATE-----' 482s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-19722-auth.output 482s + echo '-----END CERTIFICATE-----' 482s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-19722-auth.pem 482s Certificate: 482s Data: 482s Version: 3 (0x2) 482s Serial Number: 3 (0x3) 482s Signature Algorithm: sha256WithRSAEncryption 482s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 482s Validity 482s Not Before: Mar 16 15:26:55 2024 GMT 482s Not After : Mar 16 15:26:55 2025 GMT 482s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 482s Subject Public Key Info: 482s Public Key Algorithm: rsaEncryption 482s Public-Key: (1024 bit) 482s Modulus: 482s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 482s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 482s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 482s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 482s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 482s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 482s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 482s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 482s 89:31:81:5f:b3:39:bf:a6:77 482s Exponent: 65537 (0x10001) 482s X509v3 extensions: 482s X509v3 Authority Key Identifier: 482s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 482s X509v3 Basic Constraints: 482s CA:FALSE 482s Netscape Cert Type: 482s SSL Client, S/MIME 482s Netscape Comment: 482s Test Organization Root CA trusted Certificate 482s X509v3 Subject Key Identifier: 482s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 482s X509v3 Key Usage: critical 482s Digital Signature, Non Repudiation, Key Encipherment 482s X509v3 Extended Key Usage: 482s TLS Web Client Authentication, E-mail Protection 482s X509v3 Subject Alternative Name: 482s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 482s Signature Algorithm: sha256WithRSAEncryption 482s Signature Value: 482s 6f:f6:2b:01:ef:b5:49:48:0d:11:01:4a:0c:8a:e3:cb:53:bf: 482s 28:54:0f:1b:4d:1a:55:d6:b8:9c:0b:c2:df:dc:f2:00:06:03: 482s 93:b4:a7:70:f6:41:47:88:46:6e:d8:90:af:8c:29:8a:2a:eb: 482s d6:a8:53:c0:f7:0d:d5:ba:52:18:35:da:e5:86:48:29:9f:27: 482s a0:c2:46:94:01:d6:7b:ff:b8:7d:03:ca:8e:8c:74:56:67:03: 482s 56:63:d0:5c:a2:88:ca:f5:7f:4a:ae:5f:5f:a6:89:cf:cf:96: 482s 2c:ac:c2:7f:dd:63:ae:0c:16:b6:26:47:dd:8c:a1:6c:a8:e4: 482s 37:c1 482s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-19722-auth.pem 482s + found_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 482s + '[' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 '!=' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 ']' 482s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 482s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 482s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 482s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 482s + local verify_option= 482s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 482s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 482s + local key_cn 482s + local key_name 482s + local tokens_dir 482s + local output_cert_file 482s + token_name= 482s ++ basename /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem .pem 482s + key_name=test-root-CA-trusted-certificate-0001 482s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s ++ sed -n 's/ *commonName *= //p' 482s + key_cn='Test Organization Root Trusted Certificate 0001' 482s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 482s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 482s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 482s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 482s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 482s + token_name='Test Organization Root Tr Token' 482s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 482s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 ']' 482s + echo 'Test Organization Root Tr Token' 482s + '[' -n '' ']' 482s + local output_base_name=SSSD-child-7876 482s Test Organization Root Tr Token 482s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-7876.output 482s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-7876.pem 482s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 482s [p11_child[3144]] [main] (0x0400): p11_child started. 482s [p11_child[3144]] [main] (0x2000): Running in [pre-auth] mode. 482s [p11_child[3144]] [main] (0x2000): Running with effective IDs: [0][0]. 482s [p11_child[3144]] [main] (0x2000): Running with real IDs [0][0]. 482s [p11_child[3144]] [do_card] (0x4000): Module List: 482s [p11_child[3144]] [do_card] (0x4000): common name: [softhsm2]. 482s [p11_child[3144]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 482s [p11_child[3144]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 482s [p11_child[3144]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 482s [p11_child[3144]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 482s [p11_child[3144]] [do_card] (0x4000): Login NOT required. 482s [p11_child[3144]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 482s [p11_child[3144]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 482s [p11_child[3144]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 482s [p11_child[3144]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2568367f;slot-manufacturer=SoftHSM%20project;slot-id=627586687;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 482s [p11_child[3144]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 482s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-7876.output 482s + echo '-----BEGIN CERTIFICATE-----' 482s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-7876.output 482s + echo '-----END CERTIFICATE-----' 482s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-7876.pem 482s + local found_md5 expected_md5 482s Certificate: 482s Data: 482s Version: 3 (0x2) 482s Serial Number: 3 (0x3) 482s Signature Algorithm: sha256WithRSAEncryption 482s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 482s Validity 482s Not Before: Mar 16 15:26:55 2024 GMT 482s Not After : Mar 16 15:26:55 2025 GMT 482s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 482s Subject Public Key Info: 482s Public Key Algorithm: rsaEncryption 482s Public-Key: (1024 bit) 482s Modulus: 482s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 482s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 482s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 482s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 482s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 482s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 482s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 482s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 482s 89:31:81:5f:b3:39:bf:a6:77 482s Exponent: 65537 (0x10001) 482s X509v3 extensions: 482s X509v3 Authority Key Identifier: 482s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 482s X509v3 Basic Constraints: 482s CA:FALSE 482s Netscape Cert Type: 482s SSL Client, S/MIME 482s Netscape Comment: 482s Test Organization Root CA trusted Certificate 482s X509v3 Subject Key Identifier: 482s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 482s X509v3 Key Usage: critical 482s Digital Signature, Non Repudiation, Key Encipherment 482s X509v3 Extended Key Usage: 482s TLS Web Client Authentication, E-mail Protection 482s X509v3 Subject Alternative Name: 482s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 482s Signature Algorithm: sha256WithRSAEncryption 482s Signature Value: 482s 6f:f6:2b:01:ef:b5:49:48:0d:11:01:4a:0c:8a:e3:cb:53:bf: 482s 28:54:0f:1b:4d:1a:55:d6:b8:9c:0b:c2:df:dc:f2:00:06:03: 482s 93:b4:a7:70:f6:41:47:88:46:6e:d8:90:af:8c:29:8a:2a:eb: 482s d6:a8:53:c0:f7:0d:d5:ba:52:18:35:da:e5:86:48:29:9f:27: 482s a0:c2:46:94:01:d6:7b:ff:b8:7d:03:ca:8e:8c:74:56:67:03: 482s 56:63:d0:5c:a2:88:ca:f5:7f:4a:ae:5f:5f:a6:89:cf:cf:96: 482s 2c:ac:c2:7f:dd:63:ae:0c:16:b6:26:47:dd:8c:a1:6c:a8:e4: 482s 37:c1 482s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 482s + expected_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 482s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-7876.pem 482s + found_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 482s + '[' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 '!=' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 ']' 482s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-7876-auth.output 482s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-7876-auth.output .output 482s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-7876-auth.pem 482s + echo -n 053350 482s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 482s [p11_child[3152]] [main] (0x0400): p11_child started. 482s [p11_child[3152]] [main] (0x2000): Running in [auth] mode. 482s [p11_child[3152]] [main] (0x2000): Running with effective IDs: [0][0]. 482s [p11_child[3152]] [main] (0x2000): Running with real IDs [0][0]. 482s [p11_child[3152]] [do_card] (0x4000): Module List: 482s [p11_child[3152]] [do_card] (0x4000): common name: [softhsm2]. 482s [p11_child[3152]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 482s [p11_child[3152]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 482s [p11_child[3152]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 482s [p11_child[3152]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 482s [p11_child[3152]] [do_card] (0x4000): Login required. 482s [p11_child[3152]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 482s [p11_child[3152]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 482s [p11_child[3152]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 482s [p11_child[3152]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2568367f;slot-manufacturer=SoftHSM%20project;slot-id=627586687;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 482s [p11_child[3152]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 482s [p11_child[3152]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 482s [p11_child[3152]] [do_card] (0x4000): Certificate verified and validated. 482s [p11_child[3152]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 482s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-7876-auth.output 482s + echo '-----BEGIN CERTIFICATE-----' 482s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-7876-auth.output 482s + echo '-----END CERTIFICATE-----' 482s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-7876-auth.pem 483s Certificate: 483s Data: 483s Version: 3 (0x2) 483s Serial Number: 3 (0x3) 483s Signature Algorithm: sha256WithRSAEncryption 483s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 483s Validity 483s Not Before: Mar 16 15:26:55 2024 GMT 483s Not After : Mar 16 15:26:55 2025 GMT 483s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 483s Subject Public Key Info: 483s Public Key Algorithm: rsaEncryption 483s Public-Key: (1024 bit) 483s Modulus: 483s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 483s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 483s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 483s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 483s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 483s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 483s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 483s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 483s 89:31:81:5f:b3:39:bf:a6:77 483s Exponent: 65537 (0x10001) 483s X509v3 extensions: 483s X509v3 Authority Key Identifier: 483s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 483s X509v3 Basic Constraints: 483s CA:FALSE 483s Netscape Cert Type: 483s SSL Client, S/MIME 483s Netscape Comment: 483s Test Organization Root CA trusted Certificate 483s X509v3 Subject Key Identifier: 483s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 483s X509v3 Key Usage: critical 483s Digital Signature, Non Repudiation, Key Encipherment 483s X509v3 Extended Key Usage: 483s TLS Web Client Authentication, E-mail Protection 483s X509v3 Subject Alternative Name: 483s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 483s Signature Algorithm: sha256WithRSAEncryption 483s Signature Value: 483s 6f:f6:2b:01:ef:b5:49:48:0d:11:01:4a:0c:8a:e3:cb:53:bf: 483s 28:54:0f:1b:4d:1a:55:d6:b8:9c:0b:c2:df:dc:f2:00:06:03: 483s 93:b4:a7:70:f6:41:47:88:46:6e:d8:90:af:8c:29:8a:2a:eb: 483s d6:a8:53:c0:f7:0d:d5:ba:52:18:35:da:e5:86:48:29:9f:27: 483s a0:c2:46:94:01:d6:7b:ff:b8:7d:03:ca:8e:8c:74:56:67:03: 483s 56:63:d0:5c:a2:88:ca:f5:7f:4a:ae:5f:5f:a6:89:cf:cf:96: 483s 2c:ac:c2:7f:dd:63:ae:0c:16:b6:26:47:dd:8c:a1:6c:a8:e4: 483s 37:c1 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-7876-auth.pem 483s + found_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 483s + '[' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 '!=' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 ']' 483s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem partial_chain 483s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem partial_chain 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 483s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 483s + local verify_option=partial_chain 483s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 483s + local key_cn 483s + local key_name 483s + local tokens_dir 483s + local output_cert_file 483s + token_name= 483s ++ basename /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem .pem 483s + key_name=test-root-CA-trusted-certificate-0001 483s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s ++ sed -n 's/ *commonName *= //p' 483s + key_cn='Test Organization Root Trusted Certificate 0001' 483s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 483s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 483s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 483s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 483s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 483s + token_name='Test Organization Root Tr Token' 483s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 483s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 ']' 483s + echo 'Test Organization Root Tr Token' 483s Test Organization Root Tr Token 483s + '[' -n partial_chain ']' 483s + local verify_arg=--verify=partial_chain 483s + local output_base_name=SSSD-child-24601 483s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-24601.output 483s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-24601.pem 483s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 483s [p11_child[3162]] [main] (0x0400): p11_child started. 483s [p11_child[3162]] [main] (0x2000): Running in [pre-auth] mode. 483s [p11_child[3162]] [main] (0x2000): Running with effective IDs: [0][0]. 483s [p11_child[3162]] [main] (0x2000): Running with real IDs [0][0]. 483s [p11_child[3162]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 483s [p11_child[3162]] [do_card] (0x4000): Module List: 483s [p11_child[3162]] [do_card] (0x4000): common name: [softhsm2]. 483s [p11_child[3162]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3162]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 483s [p11_child[3162]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 483s [p11_child[3162]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3162]] [do_card] (0x4000): Login NOT required. 483s [p11_child[3162]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 483s [p11_child[3162]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 483s [p11_child[3162]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 483s [p11_child[3162]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2568367f;slot-manufacturer=SoftHSM%20project;slot-id=627586687;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 483s [p11_child[3162]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 483s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-24601.output 483s + echo '-----BEGIN CERTIFICATE-----' 483s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-24601.output 483s + echo '-----END CERTIFICATE-----' 483s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-24601.pem 483s Certificate: 483s Data: 483s Version: 3 (0x2) 483s Serial Number: 3 (0x3) 483s Signature Algorithm: sha256WithRSAEncryption 483s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 483s Validity 483s Not Before: Mar 16 15:26:55 2024 GMT 483s Not After : Mar 16 15:26:55 2025 GMT 483s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 483s Subject Public Key Info: 483s Public Key Algorithm: rsaEncryption 483s Public-Key: (1024 bit) 483s Modulus: 483s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 483s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 483s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 483s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 483s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 483s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 483s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 483s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 483s 89:31:81:5f:b3:39:bf:a6:77 483s Exponent: 65537 (0x10001) 483s X509v3 extensions: 483s X509v3 Authority Key Identifier: 483s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 483s X509v3 Basic Constraints: 483s CA:FALSE 483s Netscape Cert Type: 483s SSL Client, S/MIME 483s Netscape Comment: 483s Test Organization Root CA trusted Certificate 483s X509v3 Subject Key Identifier: 483s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 483s X509v3 Key Usage: critical 483s Digital Signature, Non Repudiation, Key Encipherment 483s X509v3 Extended Key Usage: 483s TLS Web Client Authentication, E-mail Protection 483s X509v3 Subject Alternative Name: 483s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 483s Signature Algorithm: sha256WithRSAEncryption 483s Signature Value: 483s 6f:f6:2b:01:ef:b5:49:48:0d:11:01:4a:0c:8a:e3:cb:53:bf: 483s 28:54:0f:1b:4d:1a:55:d6:b8:9c:0b:c2:df:dc:f2:00:06:03: 483s 93:b4:a7:70:f6:41:47:88:46:6e:d8:90:af:8c:29:8a:2a:eb: 483s d6:a8:53:c0:f7:0d:d5:ba:52:18:35:da:e5:86:48:29:9f:27: 483s a0:c2:46:94:01:d6:7b:ff:b8:7d:03:ca:8e:8c:74:56:67:03: 483s 56:63:d0:5c:a2:88:ca:f5:7f:4a:ae:5f:5f:a6:89:cf:cf:96: 483s 2c:ac:c2:7f:dd:63:ae:0c:16:b6:26:47:dd:8c:a1:6c:a8:e4: 483s 37:c1 483s + local found_md5 expected_md5 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + expected_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-24601.pem 483s + found_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 483s + '[' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 '!=' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 ']' 483s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-24601-auth.output 483s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-24601-auth.output .output 483s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-24601-auth.pem 483s + echo -n 053350 483s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 483s [p11_child[3170]] [main] (0x0400): p11_child started. 483s [p11_child[3170]] [main] (0x2000): Running in [auth] mode. 483s [p11_child[3170]] [main] (0x2000): Running with effective IDs: [0][0]. 483s [p11_child[3170]] [main] (0x2000): Running with real IDs [0][0]. 483s [p11_child[3170]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 483s [p11_child[3170]] [do_card] (0x4000): Module List: 483s [p11_child[3170]] [do_card] (0x4000): common name: [softhsm2]. 483s [p11_child[3170]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3170]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 483s [p11_child[3170]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 483s [p11_child[3170]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3170]] [do_card] (0x4000): Login required. 483s [p11_child[3170]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 483s [p11_child[3170]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 483s [p11_child[3170]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 483s [p11_child[3170]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2568367f;slot-manufacturer=SoftHSM%20project;slot-id=627586687;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 483s [p11_child[3170]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 483s [p11_child[3170]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 483s [p11_child[3170]] [do_card] (0x4000): Certificate verified and validated. 483s [p11_child[3170]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 483s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-24601-auth.output 483s + echo '-----BEGIN CERTIFICATE-----' 483s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-24601-auth.output 483s + echo '-----END CERTIFICATE-----' 483s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-24601-auth.pem 483s Certificate: 483s Data: 483s Version: 3 (0x2) 483s Serial Number: 3 (0x3) 483s Signature Algorithm: sha256WithRSAEncryption 483s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 483s Validity 483s Not Before: Mar 16 15:26:55 2024 GMT 483s Not After : Mar 16 15:26:55 2025 GMT 483s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 483s Subject Public Key Info: 483s Public Key Algorithm: rsaEncryption 483s Public-Key: (1024 bit) 483s Modulus: 483s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 483s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 483s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 483s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 483s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 483s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 483s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 483s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 483s 89:31:81:5f:b3:39:bf:a6:77 483s Exponent: 65537 (0x10001) 483s X509v3 extensions: 483s X509v3 Authority Key Identifier: 483s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 483s X509v3 Basic Constraints: 483s CA:FALSE 483s Netscape Cert Type: 483s SSL Client, S/MIME 483s Netscape Comment: 483s Test Organization Root CA trusted Certificate 483s X509v3 Subject Key Identifier: 483s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 483s X509v3 Key Usage: critical 483s Digital Signature, Non Repudiation, Key Encipherment 483s X509v3 Extended Key Usage: 483s TLS Web Client Authentication, E-mail Protection 483s X509v3 Subject Alternative Name: 483s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 483s Signature Algorithm: sha256WithRSAEncryption 483s Signature Value: 483s 6f:f6:2b:01:ef:b5:49:48:0d:11:01:4a:0c:8a:e3:cb:53:bf: 483s 28:54:0f:1b:4d:1a:55:d6:b8:9c:0b:c2:df:dc:f2:00:06:03: 483s 93:b4:a7:70:f6:41:47:88:46:6e:d8:90:af:8c:29:8a:2a:eb: 483s d6:a8:53:c0:f7:0d:d5:ba:52:18:35:da:e5:86:48:29:9f:27: 483s a0:c2:46:94:01:d6:7b:ff:b8:7d:03:ca:8e:8c:74:56:67:03: 483s 56:63:d0:5c:a2:88:ca:f5:7f:4a:ae:5f:5f:a6:89:cf:cf:96: 483s 2c:ac:c2:7f:dd:63:ae:0c:16:b6:26:47:dd:8c:a1:6c:a8:e4: 483s 37:c1 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-24601-auth.pem 483s + found_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 483s + '[' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 '!=' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 ']' 483s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 483s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 483s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 483s + local verify_option= 483s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 483s + local key_cn 483s + local key_name 483s + local tokens_dir 483s + local output_cert_file 483s + token_name= 483s ++ basename /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem .pem 483s + key_name=test-root-CA-trusted-certificate-0001 483s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s ++ sed -n 's/ *commonName *= //p' 483s + key_cn='Test Organization Root Trusted Certificate 0001' 483s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 483s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 483s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 483s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 483s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 483s + token_name='Test Organization Root Tr Token' 483s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 483s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 ']' 483s Test Organization Root Tr Token 483s + echo 'Test Organization Root Tr Token' 483s + '[' -n '' ']' 483s + local output_base_name=SSSD-child-24650 483s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-24650.output 483s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-24650.pem 483s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 483s [p11_child[3180]] [main] (0x0400): p11_child started. 483s [p11_child[3180]] [main] (0x2000): Running in [pre-auth] mode. 483s [p11_child[3180]] [main] (0x2000): Running with effective IDs: [0][0]. 483s [p11_child[3180]] [main] (0x2000): Running with real IDs [0][0]. 483s [p11_child[3180]] [do_card] (0x4000): Module List: 483s [p11_child[3180]] [do_card] (0x4000): common name: [softhsm2]. 483s [p11_child[3180]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3180]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 483s [p11_child[3180]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 483s [p11_child[3180]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3180]] [do_card] (0x4000): Login NOT required. 483s [p11_child[3180]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 483s [p11_child[3180]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 483s [p11_child[3180]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 483s [p11_child[3180]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2568367f;slot-manufacturer=SoftHSM%20project;slot-id=627586687;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 483s [p11_child[3180]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 483s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-24650.output 483s + echo '-----BEGIN CERTIFICATE-----' 483s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-24650.output 483s + echo '-----END CERTIFICATE-----' 483s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-24650.pem 483s Certificate: 483s Data: 483s Version: 3 (0x2) 483s Serial Number: 3 (0x3) 483s Signature Algorithm: sha256WithRSAEncryption 483s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 483s Validity 483s Not Before: Mar 16 15:26:55 2024 GMT 483s Not After : Mar 16 15:26:55 2025 GMT 483s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 483s Subject Public Key Info: 483s Public Key Algorithm: rsaEncryption 483s Public-Key: (1024 bit) 483s Modulus: 483s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 483s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 483s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 483s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 483s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 483s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 483s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 483s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 483s 89:31:81:5f:b3:39:bf:a6:77 483s Exponent: 65537 (0x10001) 483s X509v3 extensions: 483s X509v3 Authority Key Identifier: 483s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 483s X509v3 Basic Constraints: 483s CA:FALSE 483s Netscape Cert Type: 483s SSL Client, S/MIME 483s Netscape Comment: 483s Test Organization Root CA trusted Certificate 483s X509v3 Subject Key Identifier: 483s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 483s X509v3 Key Usage: critical 483s Digital Signature, Non Repudiation, Key Encipherment 483s X509v3 Extended Key Usage: 483s TLS Web Client Authentication, E-mail Protection 483s X509v3 Subject Alternative Name: 483s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 483s Signature Algorithm: sha256WithRSAEncryption 483s Signature Value: 483s 6f:f6:2b:01:ef:b5:49:48:0d:11:01:4a:0c:8a:e3:cb:53:bf: 483s 28:54:0f:1b:4d:1a:55:d6:b8:9c:0b:c2:df:dc:f2:00:06:03: 483s 93:b4:a7:70:f6:41:47:88:46:6e:d8:90:af:8c:29:8a:2a:eb: 483s d6:a8:53:c0:f7:0d:d5:ba:52:18:35:da:e5:86:48:29:9f:27: 483s a0:c2:46:94:01:d6:7b:ff:b8:7d:03:ca:8e:8c:74:56:67:03: 483s 56:63:d0:5c:a2:88:ca:f5:7f:4a:ae:5f:5f:a6:89:cf:cf:96: 483s 2c:ac:c2:7f:dd:63:ae:0c:16:b6:26:47:dd:8c:a1:6c:a8:e4: 483s 37:c1 483s + local found_md5 expected_md5 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + expected_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-24650.pem 483s + found_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 483s + '[' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 '!=' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 ']' 483s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-24650-auth.output 483s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-24650-auth.output .output 483s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-24650-auth.pem 483s + echo -n 053350 483s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 483s [p11_child[3188]] [main] (0x0400): p11_child started. 483s [p11_child[3188]] [main] (0x2000): Running in [auth] mode. 483s [p11_child[3188]] [main] (0x2000): Running with effective IDs: [0][0]. 483s [p11_child[3188]] [main] (0x2000): Running with real IDs [0][0]. 483s [p11_child[3188]] [do_card] (0x4000): Module List: 483s [p11_child[3188]] [do_card] (0x4000): common name: [softhsm2]. 483s [p11_child[3188]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3188]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 483s [p11_child[3188]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 483s [p11_child[3188]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3188]] [do_card] (0x4000): Login required. 483s [p11_child[3188]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 483s [p11_child[3188]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 483s [p11_child[3188]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 483s [p11_child[3188]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2568367f;slot-manufacturer=SoftHSM%20project;slot-id=627586687;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 483s [p11_child[3188]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 483s [p11_child[3188]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 483s [p11_child[3188]] [do_card] (0x4000): Certificate verified and validated. 483s [p11_child[3188]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 483s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-24650-auth.output 483s + echo '-----BEGIN CERTIFICATE-----' 483s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-24650-auth.output 483s + echo '-----END CERTIFICATE-----' 483s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-24650-auth.pem 483s Certificate: 483s Data: 483s Version: 3 (0x2) 483s Serial Number: 3 (0x3) 483s Signature Algorithm: sha256WithRSAEncryption 483s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 483s Validity 483s Not Before: Mar 16 15:26:55 2024 GMT 483s Not After : Mar 16 15:26:55 2025 GMT 483s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 483s Subject Public Key Info: 483s Public Key Algorithm: rsaEncryption 483s Public-Key: (1024 bit) 483s Modulus: 483s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 483s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 483s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 483s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 483s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 483s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 483s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 483s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 483s 89:31:81:5f:b3:39:bf:a6:77 483s Exponent: 65537 (0x10001) 483s X509v3 extensions: 483s X509v3 Authority Key Identifier: 483s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 483s X509v3 Basic Constraints: 483s CA:FALSE 483s Netscape Cert Type: 483s SSL Client, S/MIME 483s Netscape Comment: 483s Test Organization Root CA trusted Certificate 483s X509v3 Subject Key Identifier: 483s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 483s X509v3 Key Usage: critical 483s Digital Signature, Non Repudiation, Key Encipherment 483s X509v3 Extended Key Usage: 483s TLS Web Client Authentication, E-mail Protection 483s X509v3 Subject Alternative Name: 483s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 483s Signature Algorithm: sha256WithRSAEncryption 483s Signature Value: 483s 6f:f6:2b:01:ef:b5:49:48:0d:11:01:4a:0c:8a:e3:cb:53:bf: 483s 28:54:0f:1b:4d:1a:55:d6:b8:9c:0b:c2:df:dc:f2:00:06:03: 483s 93:b4:a7:70:f6:41:47:88:46:6e:d8:90:af:8c:29:8a:2a:eb: 483s d6:a8:53:c0:f7:0d:d5:ba:52:18:35:da:e5:86:48:29:9f:27: 483s a0:c2:46:94:01:d6:7b:ff:b8:7d:03:ca:8e:8c:74:56:67:03: 483s 56:63:d0:5c:a2:88:ca:f5:7f:4a:ae:5f:5f:a6:89:cf:cf:96: 483s 2c:ac:c2:7f:dd:63:ae:0c:16:b6:26:47:dd:8c:a1:6c:a8:e4: 483s 37:c1 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-24650-auth.pem 483s + found_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 483s + '[' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 '!=' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 ']' 483s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem partial_chain 483s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem partial_chain 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 483s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 483s + local verify_option=partial_chain 483s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 483s + local key_cn 483s + local key_name 483s + local tokens_dir 483s + local output_cert_file 483s + token_name= 483s ++ basename /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem .pem 483s + key_name=test-root-CA-trusted-certificate-0001 483s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s ++ sed -n 's/ *commonName *= //p' 483s + key_cn='Test Organization Root Trusted Certificate 0001' 483s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 483s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 483s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 483s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 483s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 483s + token_name='Test Organization Root Tr Token' 483s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 483s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 ']' 483s Test Organization Root Tr Token 483s + echo 'Test Organization Root Tr Token' 483s + '[' -n partial_chain ']' 483s + local verify_arg=--verify=partial_chain 483s + local output_base_name=SSSD-child-3175 483s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-3175.output 483s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-3175.pem 483s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 483s [p11_child[3198]] [main] (0x0400): p11_child started. 483s [p11_child[3198]] [main] (0x2000): Running in [pre-auth] mode. 483s [p11_child[3198]] [main] (0x2000): Running with effective IDs: [0][0]. 483s [p11_child[3198]] [main] (0x2000): Running with real IDs [0][0]. 483s [p11_child[3198]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 483s [p11_child[3198]] [do_card] (0x4000): Module List: 483s [p11_child[3198]] [do_card] (0x4000): common name: [softhsm2]. 483s [p11_child[3198]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3198]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 483s [p11_child[3198]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 483s [p11_child[3198]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3198]] [do_card] (0x4000): Login NOT required. 483s [p11_child[3198]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 483s [p11_child[3198]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 483s [p11_child[3198]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 483s [p11_child[3198]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2568367f;slot-manufacturer=SoftHSM%20project;slot-id=627586687;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 483s [p11_child[3198]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 483s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-3175.output 483s + echo '-----BEGIN CERTIFICATE-----' 483s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-3175.output 483s + echo '-----END CERTIFICATE-----' 483s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-3175.pem 483s Certificate: 483s Data: 483s Version: 3 (0x2) 483s Serial Number: 3 (0x3) 483s Signature Algorithm: sha256WithRSAEncryption 483s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 483s Validity 483s Not Before: Mar 16 15:26:55 2024 GMT 483s Not After : Mar 16 15:26:55 2025 GMT 483s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 483s Subject Public Key Info: 483s Public Key Algorithm: rsaEncryption 483s Public-Key: (1024 bit) 483s Modulus: 483s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 483s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 483s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 483s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 483s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 483s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 483s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 483s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 483s 89:31:81:5f:b3:39:bf:a6:77 483s Exponent: 65537 (0x10001) 483s X509v3 extensions: 483s X509v3 Authority Key Identifier: 483s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 483s X509v3 Basic Constraints: 483s CA:FALSE 483s Netscape Cert Type: 483s SSL Client, S/MIME 483s Netscape Comment: 483s Test Organization Root CA trusted Certificate 483s X509v3 Subject Key Identifier: 483s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 483s X509v3 Key Usage: critical 483s Digital Signature, Non Repudiation, Key Encipherment 483s X509v3 Extended Key Usage: 483s TLS Web Client Authentication, E-mail Protection 483s X509v3 Subject Alternative Name: 483s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 483s Signature Algorithm: sha256WithRSAEncryption 483s Signature Value: 483s 6f:f6:2b:01:ef:b5:49:48:0d:11:01:4a:0c:8a:e3:cb:53:bf: 483s 28:54:0f:1b:4d:1a:55:d6:b8:9c:0b:c2:df:dc:f2:00:06:03: 483s 93:b4:a7:70:f6:41:47:88:46:6e:d8:90:af:8c:29:8a:2a:eb: 483s d6:a8:53:c0:f7:0d:d5:ba:52:18:35:da:e5:86:48:29:9f:27: 483s a0:c2:46:94:01:d6:7b:ff:b8:7d:03:ca:8e:8c:74:56:67:03: 483s 56:63:d0:5c:a2:88:ca:f5:7f:4a:ae:5f:5f:a6:89:cf:cf:96: 483s 2c:ac:c2:7f:dd:63:ae:0c:16:b6:26:47:dd:8c:a1:6c:a8:e4: 483s 37:c1 483s + local found_md5 expected_md5 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + expected_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-3175.pem 483s + found_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 483s + '[' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 '!=' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 ']' 483s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-3175-auth.output 483s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-3175-auth.output .output 483s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-3175-auth.pem 483s + echo -n 053350 483s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 483s [p11_child[3206]] [main] (0x0400): p11_child started. 483s [p11_child[3206]] [main] (0x2000): Running in [auth] mode. 483s [p11_child[3206]] [main] (0x2000): Running with effective IDs: [0][0]. 483s [p11_child[3206]] [main] (0x2000): Running with real IDs [0][0]. 483s [p11_child[3206]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 483s [p11_child[3206]] [do_card] (0x4000): Module List: 483s [p11_child[3206]] [do_card] (0x4000): common name: [softhsm2]. 483s [p11_child[3206]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3206]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 483s [p11_child[3206]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 483s [p11_child[3206]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3206]] [do_card] (0x4000): Login required. 483s [p11_child[3206]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 483s [p11_child[3206]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 483s [p11_child[3206]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 483s [p11_child[3206]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x2568367f;slot-manufacturer=SoftHSM%20project;slot-id=627586687;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5cf9e4ce2568367f;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 483s [p11_child[3206]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 483s [p11_child[3206]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 483s [p11_child[3206]] [do_card] (0x4000): Certificate verified and validated. 483s [p11_child[3206]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 483s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-3175-auth.output 483s + echo '-----BEGIN CERTIFICATE-----' 483s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-3175-auth.output 483s + echo '-----END CERTIFICATE-----' 483s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-3175-auth.pem 483s Certificate: 483s Data: 483s Version: 3 (0x2) 483s Serial Number: 3 (0x3) 483s Signature Algorithm: sha256WithRSAEncryption 483s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 483s Validity 483s Not Before: Mar 16 15:26:55 2024 GMT 483s Not After : Mar 16 15:26:55 2025 GMT 483s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 483s Subject Public Key Info: 483s Public Key Algorithm: rsaEncryption 483s Public-Key: (1024 bit) 483s Modulus: 483s 00:a2:92:3b:89:46:f0:83:2f:81:b1:6a:31:78:f1: 483s 9d:e1:4a:be:a1:7c:4a:28:21:60:e4:ed:b6:52:01: 483s 96:7d:19:76:50:26:d1:a3:85:f2:ac:50:ed:69:18: 483s 77:13:df:cc:d0:d3:11:75:9a:51:da:de:30:5e:e7: 483s 3a:af:ad:35:54:37:73:be:21:ea:75:19:da:ca:69: 483s b7:58:c6:85:5c:6e:0a:4f:6a:ae:dd:88:51:76:c9: 483s ae:f2:6a:4a:ba:a7:91:0a:aa:af:84:2b:7d:9c:ed: 483s b8:dd:07:cb:2f:32:51:4d:c0:a3:05:aa:5a:28:32: 483s 89:31:81:5f:b3:39:bf:a6:77 483s Exponent: 65537 (0x10001) 483s X509v3 extensions: 483s X509v3 Authority Key Identifier: 483s DE:E3:7D:99:51:8C:DA:8C:90:FB:72:7E:0F:15:86:09:A4:A4:61:B4 483s X509v3 Basic Constraints: 483s CA:FALSE 483s Netscape Cert Type: 483s SSL Client, S/MIME 483s Netscape Comment: 483s Test Organization Root CA trusted Certificate 483s X509v3 Subject Key Identifier: 483s D7:D3:CA:8C:B8:7C:7C:DF:44:DD:29:BE:2C:6C:62:99:2B:C6:BC:F1 483s X509v3 Key Usage: critical 483s Digital Signature, Non Repudiation, Key Encipherment 483s X509v3 Extended Key Usage: 483s TLS Web Client Authentication, E-mail Protection 483s X509v3 Subject Alternative Name: 483s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 483s Signature Algorithm: sha256WithRSAEncryption 483s Signature Value: 483s 6f:f6:2b:01:ef:b5:49:48:0d:11:01:4a:0c:8a:e3:cb:53:bf: 483s 28:54:0f:1b:4d:1a:55:d6:b8:9c:0b:c2:df:dc:f2:00:06:03: 483s 93:b4:a7:70:f6:41:47:88:46:6e:d8:90:af:8c:29:8a:2a:eb: 483s d6:a8:53:c0:f7:0d:d5:ba:52:18:35:da:e5:86:48:29:9f:27: 483s a0:c2:46:94:01:d6:7b:ff:b8:7d:03:ca:8e:8c:74:56:67:03: 483s 56:63:d0:5c:a2:88:ca:f5:7f:4a:ae:5f:5f:a6:89:cf:cf:96: 483s 2c:ac:c2:7f:dd:63:ae:0c:16:b6:26:47:dd:8c:a1:6c:a8:e4: 483s 37:c1 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-3175-auth.pem 483s + found_md5=Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 483s + '[' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 '!=' Modulus=A2923B8946F0832F81B16A3178F19DE14ABEA17C4A282160E4EDB65201967D19765026D1A385F2AC50ED69187713DFCCD0D311759A51DADE305EE73AAFAD35543773BE21EA7519DACA69B758C6855C6E0A4F6AAEDD885176C9AEF26A4ABAA7910AAAAF842B7D9CEDB8DD07CB2F32514DC0A305AA5A28328931815FB339BFA677 ']' 483s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 483s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 483s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 483s + local verify_option= 483s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 483s + local key_cn 483s + local key_name 483s + local tokens_dir 483s + local output_cert_file 483s + token_name= 483s ++ basename /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem .pem 483s + key_name=test-root-CA-trusted-certificate-0001 483s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s ++ sed -n 's/ *commonName *= //p' 483s + key_cn='Test Organization Root Trusted Certificate 0001' 483s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 483s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 483s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 483s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 483s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 483s + token_name='Test Organization Root Tr Token' 483s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 483s Test Organization Root Tr Token 483s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 ']' 483s + echo 'Test Organization Root Tr Token' 483s + '[' -n '' ']' 483s + local output_base_name=SSSD-child-3306 483s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-3306.output 483s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-3306.pem 483s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 483s [p11_child[3216]] [main] (0x0400): p11_child started. 483s [p11_child[3216]] [main] (0x2000): Running in [pre-auth] mode. 483s [p11_child[3216]] [main] (0x2000): Running with effective IDs: [0][0]. 483s [p11_child[3216]] [main] (0x2000): Running with real IDs [0][0]. 483s [p11_child[3216]] [do_card] (0x4000): Module List: 483s [p11_child[3216]] [do_card] (0x4000): common name: [softhsm2]. 483s [p11_child[3216]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3216]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 483s [p11_child[3216]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 483s [p11_child[3216]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3216]] [do_card] (0x4000): Login NOT required. 483s [p11_child[3216]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 483s [p11_child[3216]] [do_verification] (0x0040): X509_verify_cert failed [0]. 483s [p11_child[3216]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 483s [p11_child[3216]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 483s [p11_child[3216]] [do_card] (0x4000): No certificate found. 483s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-3306.output 483s + return 2 483s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem partial_chain 483s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem partial_chain 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 483s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 483s + local verify_option=partial_chain 483s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-20202 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-root-ca-trusted-cert-0001-20202 483s + local key_cn 483s + local key_name 483s + local tokens_dir 483s + local output_cert_file 483s + token_name= 483s ++ basename /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem .pem 483s + key_name=test-root-CA-trusted-certificate-0001 483s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-root-CA-trusted-certificate-0001.pem 483s ++ sed -n 's/ *commonName *= //p' 483s + key_cn='Test Organization Root Trusted Certificate 0001' 483s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 483s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 483s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf 483s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 483s Test Organization Root Tr Token 483s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 483s + token_name='Test Organization Root Tr Token' 483s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 483s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-root-CA-trusted-certificate-0001 ']' 483s + echo 'Test Organization Root Tr Token' 483s + '[' -n partial_chain ']' 483s + local verify_arg=--verify=partial_chain 483s + local output_base_name=SSSD-child-25369 483s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-25369.output 483s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-25369.pem 483s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 483s [p11_child[3223]] [main] (0x0400): p11_child started. 483s [p11_child[3223]] [main] (0x2000): Running in [pre-auth] mode. 483s [p11_child[3223]] [main] (0x2000): Running with effective IDs: [0][0]. 483s [p11_child[3223]] [main] (0x2000): Running with real IDs [0][0]. 483s [p11_child[3223]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 483s [p11_child[3223]] [do_card] (0x4000): Module List: 483s [p11_child[3223]] [do_card] (0x4000): common name: [softhsm2]. 483s [p11_child[3223]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3223]] [do_card] (0x4000): Description [SoftHSM slot ID 0x2568367f] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 483s [p11_child[3223]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 483s [p11_child[3223]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x2568367f][627586687] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3223]] [do_card] (0x4000): Login NOT required. 483s [p11_child[3223]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 483s [p11_child[3223]] [do_verification] (0x0040): X509_verify_cert failed [0]. 483s [p11_child[3223]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 483s [p11_child[3223]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 483s [p11_child[3223]] [do_card] (0x4000): No certificate found. 483s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-25369.output 483s + return 2 483s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /dev/null 483s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /dev/null 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 483s + local key_ring=/dev/null 483s + local verify_option= 483s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 483s + local key_cn 483s + local key_name 483s + local tokens_dir 483s + local output_cert_file 483s + token_name= 483s ++ basename /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem .pem 483s + key_name=test-intermediate-CA-trusted-certificate-0001 483s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 483s ++ sed -n 's/ *commonName *= //p' 483s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 483s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 483s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 483s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 483s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 483s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 483s + token_name='Test Organization Interme Token' 483s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 483s + local key_file 483s + local decrypted_key 483s + mkdir -p /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 483s + key_file=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-key.pem 483s + decrypted_key=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 483s + cat 483s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 483s Slot 0 has a free/uninitialized token. 483s The token has been initialized and is reassigned to slot 1397457269 483s + softhsm2-util --show-slots 483s Available slots: 483s Slot 1397457269 483s Slot info: 483s Description: SoftHSM slot ID 0x534b8175 483s Manufacturer ID: SoftHSM project 483s Hardware version: 2.6 483s Firmware version: 2.6 483s Token present: yes 483s Token info: 483s Manufacturer ID: SoftHSM project 483s Model: SoftHSM v2 483s Hardware version: 2.6 483s Firmware version: 2.6 483s Serial number: ce003ac2d34b8175 483s Initialized: yes 483s User PIN init.: yes 483s Label: Test Organization Interme Token 483s Slot 1 483s Slot info: 483s Description: SoftHSM slot ID 0x1 483s Manufacturer ID: SoftHSM project 483s Hardware version: 2.6 483s Firmware version: 2.6 483s Token present: yes 483s Token info: 483s Manufacturer ID: SoftHSM project 483s Model: SoftHSM v2 483s Hardware version: 2.6 483s Firmware version: 2.6 483s Serial number: 483s Initialized: no 483s User PIN init.: no 483s Label: 483s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 483s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-27618 -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 483s writing RSA key 483s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 483s + rm /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 483s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 483s Object 0: 483s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ce003ac2d34b8175;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 483s Type: X.509 Certificate (RSA-1024) 483s Expires: Sun Mar 16 15:26:55 2025 483s Label: Test Organization Intermediate Trusted Certificate 0001 483s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 483s 483s + echo 'Test Organization Interme Token' 483s Test Organization Interme Token 483s + '[' -n '' ']' 483s + local output_base_name=SSSD-child-32406 483s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-32406.output 483s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-32406.pem 483s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 483s [p11_child[3239]] [main] (0x0400): p11_child started. 483s [p11_child[3239]] [main] (0x2000): Running in [pre-auth] mode. 483s [p11_child[3239]] [main] (0x2000): Running with effective IDs: [0][0]. 483s [p11_child[3239]] [main] (0x2000): Running with real IDs [0][0]. 483s [p11_child[3239]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 483s [p11_child[3239]] [do_work] (0x0040): init_verification failed. 483s [p11_child[3239]] [main] (0x0020): p11_child failed (5) 483s + return 2 483s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /dev/null no_verification 483s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /dev/null no_verification 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 483s + local key_ring=/dev/null 483s + local verify_option=no_verification 483s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 483s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 483s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 483s + local key_cn 483s + local key_name 483s + local tokens_dir 483s + local output_cert_file 483s + token_name= 483s ++ basename /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem .pem 483s + key_name=test-intermediate-CA-trusted-certificate-0001 483s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 483s ++ sed -n 's/ *commonName *= //p' 483s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 483s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 483s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 483s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 483s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 483s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 483s + token_name='Test Organization Interme Token' 483s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 483s Test Organization Interme Token 483s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 483s + echo 'Test Organization Interme Token' 483s + '[' -n no_verification ']' 483s + local verify_arg=--verify=no_verification 483s + local output_base_name=SSSD-child-8785 483s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-8785.output 483s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-8785.pem 483s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 483s [p11_child[3245]] [main] (0x0400): p11_child started. 483s [p11_child[3245]] [main] (0x2000): Running in [pre-auth] mode. 483s [p11_child[3245]] [main] (0x2000): Running with effective IDs: [0][0]. 483s [p11_child[3245]] [main] (0x2000): Running with real IDs [0][0]. 483s [p11_child[3245]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 483s [p11_child[3245]] [do_card] (0x4000): Module List: 483s [p11_child[3245]] [do_card] (0x4000): common name: [softhsm2]. 483s [p11_child[3245]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3245]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 483s [p11_child[3245]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 483s [p11_child[3245]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 483s [p11_child[3245]] [do_card] (0x4000): Login NOT required. 483s [p11_child[3245]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 483s [p11_child[3245]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 483s [p11_child[3245]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x534b8175;slot-manufacturer=SoftHSM%20project;slot-id=1397457269;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ce003ac2d34b8175;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 483s [p11_child[3245]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 483s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-8785.output 483s + echo '-----BEGIN CERTIFICATE-----' 483s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-8785.output 483s + echo '-----END CERTIFICATE-----' 483s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-8785.pem 483s Certificate: 483s Data: 483s Version: 3 (0x2) 483s Serial Number: 4 (0x4) 483s Signature Algorithm: sha256WithRSAEncryption 483s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 483s Validity 483s Not Before: Mar 16 15:26:55 2024 GMT 483s Not After : Mar 16 15:26:55 2025 GMT 483s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 483s Subject Public Key Info: 483s Public Key Algorithm: rsaEncryption 483s Public-Key: (1024 bit) 483s Modulus: 483s 00:cb:df:c8:5a:77:11:2a:d5:f5:82:3e:ba:b4:29: 483s 2b:1e:bb:03:2e:b2:73:45:19:11:e9:54:e6:02:a9: 483s dd:c4:ef:94:45:fd:b0:f0:b7:29:d8:77:a0:b3:5d: 483s 77:93:e2:bc:8e:23:38:a6:1e:c9:5e:ea:a8:c7:7f: 483s 79:fe:6f:ae:5c:50:a9:ba:4c:7c:34:53:a2:da:c7: 483s 29:97:1b:06:7a:25:53:a6:e0:a7:65:1e:c8:f1:60: 483s f2:f1:8b:54:a4:b2:64:4d:6b:ef:27:66:d6:91:1d: 483s ff:9e:8f:01:d4:98:df:13:e2:19:5c:c7:e3:46:37: 483s 0b:a1:4b:99:69:f6:b1:3d:73 483s Exponent: 65537 (0x10001) 483s X509v3 extensions: 483s X509v3 Authority Key Identifier: 483s E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 483s X509v3 Basic Constraints: 483s CA:FALSE 483s Netscape Cert Type: 483s SSL Client, S/MIME 483s Netscape Comment: 483s Test Organization Intermediate CA trusted Certificate 483s X509v3 Subject Key Identifier: 483s 2A:8A:41:49:63:95:BA:8C:D7:7D:F4:7B:63:A4:43:9A:48:34:56:9A 483s X509v3 Key Usage: critical 483s Digital Signature, Non Repudiation, Key Encipherment 483s X509v3 Extended Key Usage: 483s TLS Web Client Authentication, E-mail Protection 483s X509v3 Subject Alternative Name: 483s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 483s Signature Algorithm: sha256WithRSAEncryption 483s Signature Value: 483s 96:64:29:f7:07:e9:fc:19:e6:20:1e:75:c2:f6:54:54:b5:e1: 483s fb:09:a4:3f:f4:a4:a9:35:34:13:fc:58:65:56:59:d7:10:86: 483s ad:2c:fd:a5:13:f1:29:fe:52:e6:47:2f:1e:72:85:ae:f1:c5: 483s 3f:35:02:87:57:7d:65:18:95:c2:a6:4c:43:a5:34:0d:d1:43: 483s 9b:33:ce:1d:e5:12:71:f6:4e:ab:2a:3b:b1:8b:28:36:05:d0: 483s 59:52:59:ca:49:29:c5:48:f6:cd:a0:2d:75:bf:93:7b:87:67: 483s da:77:c0:b0:b7:1e:7b:78:bf:6c:40:e9:86:2c:11:34:01:1c: 483s 8c:0a 483s + local found_md5 expected_md5 483s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + expected_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-8785.pem 484s + found_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s + '[' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 '!=' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 ']' 484s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-8785-auth.output 484s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-8785-auth.output .output 484s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-8785-auth.pem 484s + echo -n 053350 484s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 484s [p11_child[3253]] [main] (0x0400): p11_child started. 484s [p11_child[3253]] [main] (0x2000): Running in [auth] mode. 484s [p11_child[3253]] [main] (0x2000): Running with effective IDs: [0][0]. 484s [p11_child[3253]] [main] (0x2000): Running with real IDs [0][0]. 484s [p11_child[3253]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 484s [p11_child[3253]] [do_card] (0x4000): Module List: 484s [p11_child[3253]] [do_card] (0x4000): common name: [softhsm2]. 484s [p11_child[3253]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3253]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 484s [p11_child[3253]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 484s [p11_child[3253]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3253]] [do_card] (0x4000): Login required. 484s [p11_child[3253]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 484s [p11_child[3253]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 484s [p11_child[3253]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x534b8175;slot-manufacturer=SoftHSM%20project;slot-id=1397457269;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ce003ac2d34b8175;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 484s [p11_child[3253]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 484s [p11_child[3253]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 484s [p11_child[3253]] [do_card] (0x4000): Certificate verified and validated. 484s [p11_child[3253]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 484s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-8785-auth.output 484s + echo '-----BEGIN CERTIFICATE-----' 484s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-8785-auth.output 484s + echo '-----END CERTIFICATE-----' 484s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-8785-auth.pem 484s Certificate: 484s Data: 484s Version: 3 (0x2) 484s Serial Number: 4 (0x4) 484s Signature Algorithm: sha256WithRSAEncryption 484s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 484s Validity 484s Not Before: Mar 16 15:26:55 2024 GMT 484s Not After : Mar 16 15:26:55 2025 GMT 484s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 484s Subject Public Key Info: 484s Public Key Algorithm: rsaEncryption 484s Public-Key: (1024 bit) 484s Modulus: 484s 00:cb:df:c8:5a:77:11:2a:d5:f5:82:3e:ba:b4:29: 484s 2b:1e:bb:03:2e:b2:73:45:19:11:e9:54:e6:02:a9: 484s dd:c4:ef:94:45:fd:b0:f0:b7:29:d8:77:a0:b3:5d: 484s 77:93:e2:bc:8e:23:38:a6:1e:c9:5e:ea:a8:c7:7f: 484s 79:fe:6f:ae:5c:50:a9:ba:4c:7c:34:53:a2:da:c7: 484s 29:97:1b:06:7a:25:53:a6:e0:a7:65:1e:c8:f1:60: 484s f2:f1:8b:54:a4:b2:64:4d:6b:ef:27:66:d6:91:1d: 484s ff:9e:8f:01:d4:98:df:13:e2:19:5c:c7:e3:46:37: 484s 0b:a1:4b:99:69:f6:b1:3d:73 484s Exponent: 65537 (0x10001) 484s X509v3 extensions: 484s X509v3 Authority Key Identifier: 484s E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 484s X509v3 Basic Constraints: 484s CA:FALSE 484s Netscape Cert Type: 484s SSL Client, S/MIME 484s Netscape Comment: 484s Test Organization Intermediate CA trusted Certificate 484s X509v3 Subject Key Identifier: 484s 2A:8A:41:49:63:95:BA:8C:D7:7D:F4:7B:63:A4:43:9A:48:34:56:9A 484s X509v3 Key Usage: critical 484s Digital Signature, Non Repudiation, Key Encipherment 484s X509v3 Extended Key Usage: 484s TLS Web Client Authentication, E-mail Protection 484s X509v3 Subject Alternative Name: 484s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 484s Signature Algorithm: sha256WithRSAEncryption 484s Signature Value: 484s 96:64:29:f7:07:e9:fc:19:e6:20:1e:75:c2:f6:54:54:b5:e1: 484s fb:09:a4:3f:f4:a4:a9:35:34:13:fc:58:65:56:59:d7:10:86: 484s ad:2c:fd:a5:13:f1:29:fe:52:e6:47:2f:1e:72:85:ae:f1:c5: 484s 3f:35:02:87:57:7d:65:18:95:c2:a6:4c:43:a5:34:0d:d1:43: 484s 9b:33:ce:1d:e5:12:71:f6:4e:ab:2a:3b:b1:8b:28:36:05:d0: 484s 59:52:59:ca:49:29:c5:48:f6:cd:a0:2d:75:bf:93:7b:87:67: 484s da:77:c0:b0:b7:1e:7b:78:bf:6c:40:e9:86:2c:11:34:01:1c: 484s 8c:0a 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-8785-auth.pem 484s + found_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s + '[' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 '!=' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 ']' 484s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 484s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 484s + local verify_option= 484s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_cn 484s + local key_name 484s + local tokens_dir 484s + local output_cert_file 484s + token_name= 484s ++ basename /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem .pem 484s + key_name=test-intermediate-CA-trusted-certificate-0001 484s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s ++ sed -n 's/ *commonName *= //p' 484s Test Organization Interme Token 484s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 484s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 484s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 484s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 484s + token_name='Test Organization Interme Token' 484s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 484s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 484s + echo 'Test Organization Interme Token' 484s + '[' -n '' ']' 484s + local output_base_name=SSSD-child-14146 484s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-14146.output 484s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-14146.pem 484s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 484s [p11_child[3263]] [main] (0x0400): p11_child started. 484s [p11_child[3263]] [main] (0x2000): Running in [pre-auth] mode. 484s [p11_child[3263]] [main] (0x2000): Running with effective IDs: [0][0]. 484s [p11_child[3263]] [main] (0x2000): Running with real IDs [0][0]. 484s [p11_child[3263]] [do_card] (0x4000): Module List: 484s [p11_child[3263]] [do_card] (0x4000): common name: [softhsm2]. 484s [p11_child[3263]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3263]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 484s [p11_child[3263]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 484s [p11_child[3263]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3263]] [do_card] (0x4000): Login NOT required. 484s [p11_child[3263]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 484s [p11_child[3263]] [do_verification] (0x0040): X509_verify_cert failed [0]. 484s [p11_child[3263]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 484s [p11_child[3263]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 484s [p11_child[3263]] [do_card] (0x4000): No certificate found. 484s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-14146.output 484s + return 2 484s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem partial_chain 484s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem partial_chain 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 484s + local verify_option=partial_chain 484s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_cn 484s + local key_name 484s + local tokens_dir 484s + local output_cert_file 484s + token_name= 484s ++ basename /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem .pem 484s + key_name=test-intermediate-CA-trusted-certificate-0001 484s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s ++ sed -n 's/ *commonName *= //p' 484s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 484s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 484s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 484s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 484s + token_name='Test Organization Interme Token' 484s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 484s Test Organization Interme Token 484s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 484s + echo 'Test Organization Interme Token' 484s + '[' -n partial_chain ']' 484s + local verify_arg=--verify=partial_chain 484s + local output_base_name=SSSD-child-13143 484s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-13143.output 484s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-13143.pem 484s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 484s [p11_child[3270]] [main] (0x0400): p11_child started. 484s [p11_child[3270]] [main] (0x2000): Running in [pre-auth] mode. 484s [p11_child[3270]] [main] (0x2000): Running with effective IDs: [0][0]. 484s [p11_child[3270]] [main] (0x2000): Running with real IDs [0][0]. 484s [p11_child[3270]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 484s [p11_child[3270]] [do_card] (0x4000): Module List: 484s [p11_child[3270]] [do_card] (0x4000): common name: [softhsm2]. 484s [p11_child[3270]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3270]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 484s [p11_child[3270]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 484s [p11_child[3270]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3270]] [do_card] (0x4000): Login NOT required. 484s [p11_child[3270]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 484s [p11_child[3270]] [do_verification] (0x0040): X509_verify_cert failed [0]. 484s [p11_child[3270]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 484s [p11_child[3270]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 484s [p11_child[3270]] [do_card] (0x4000): No certificate found. 484s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-13143.output 484s + return 2 484s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 484s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 484s + local verify_option= 484s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_cn 484s + local key_name 484s + local tokens_dir 484s + local output_cert_file 484s + token_name= 484s ++ basename /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem .pem 484s + key_name=test-intermediate-CA-trusted-certificate-0001 484s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s ++ sed -n 's/ *commonName *= //p' 484s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 484s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 484s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 484s Test Organization Interme Token 484s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 484s + token_name='Test Organization Interme Token' 484s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 484s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 484s + echo 'Test Organization Interme Token' 484s + '[' -n '' ']' 484s + local output_base_name=SSSD-child-14324 484s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-14324.output 484s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-14324.pem 484s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 484s [p11_child[3277]] [main] (0x0400): p11_child started. 484s [p11_child[3277]] [main] (0x2000): Running in [pre-auth] mode. 484s [p11_child[3277]] [main] (0x2000): Running with effective IDs: [0][0]. 484s [p11_child[3277]] [main] (0x2000): Running with real IDs [0][0]. 484s [p11_child[3277]] [do_card] (0x4000): Module List: 484s [p11_child[3277]] [do_card] (0x4000): common name: [softhsm2]. 484s [p11_child[3277]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3277]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 484s [p11_child[3277]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 484s [p11_child[3277]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3277]] [do_card] (0x4000): Login NOT required. 484s [p11_child[3277]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 484s [p11_child[3277]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 484s [p11_child[3277]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 484s [p11_child[3277]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x534b8175;slot-manufacturer=SoftHSM%20project;slot-id=1397457269;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ce003ac2d34b8175;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 484s [p11_child[3277]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 484s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-14324.output 484s + echo '-----BEGIN CERTIFICATE-----' 484s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-14324.output 484s + echo '-----END CERTIFICATE-----' 484s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-14324.pem 484s Certificate: 484s Data: 484s Version: 3 (0x2) 484s Serial Number: 4 (0x4) 484s Signature Algorithm: sha256WithRSAEncryption 484s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 484s Validity 484s Not Before: Mar 16 15:26:55 2024 GMT 484s Not After : Mar 16 15:26:55 2025 GMT 484s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 484s Subject Public Key Info: 484s Public Key Algorithm: rsaEncryption 484s Public-Key: (1024 bit) 484s Modulus: 484s 00:cb:df:c8:5a:77:11:2a:d5:f5:82:3e:ba:b4:29: 484s 2b:1e:bb:03:2e:b2:73:45:19:11:e9:54:e6:02:a9: 484s dd:c4:ef:94:45:fd:b0:f0:b7:29:d8:77:a0:b3:5d: 484s 77:93:e2:bc:8e:23:38:a6:1e:c9:5e:ea:a8:c7:7f: 484s 79:fe:6f:ae:5c:50:a9:ba:4c:7c:34:53:a2:da:c7: 484s 29:97:1b:06:7a:25:53:a6:e0:a7:65:1e:c8:f1:60: 484s f2:f1:8b:54:a4:b2:64:4d:6b:ef:27:66:d6:91:1d: 484s ff:9e:8f:01:d4:98:df:13:e2:19:5c:c7:e3:46:37: 484s 0b:a1:4b:99:69:f6:b1:3d:73 484s Exponent: 65537 (0x10001) 484s X509v3 extensions: 484s X509v3 Authority Key Identifier: 484s E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 484s X509v3 Basic Constraints: 484s CA:FALSE 484s Netscape Cert Type: 484s SSL Client, S/MIME 484s Netscape Comment: 484s Test Organization Intermediate CA trusted Certificate 484s X509v3 Subject Key Identifier: 484s 2A:8A:41:49:63:95:BA:8C:D7:7D:F4:7B:63:A4:43:9A:48:34:56:9A 484s X509v3 Key Usage: critical 484s Digital Signature, Non Repudiation, Key Encipherment 484s X509v3 Extended Key Usage: 484s TLS Web Client Authentication, E-mail Protection 484s X509v3 Subject Alternative Name: 484s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 484s Signature Algorithm: sha256WithRSAEncryption 484s Signature Value: 484s 96:64:29:f7:07:e9:fc:19:e6:20:1e:75:c2:f6:54:54:b5:e1: 484s fb:09:a4:3f:f4:a4:a9:35:34:13:fc:58:65:56:59:d7:10:86: 484s ad:2c:fd:a5:13:f1:29:fe:52:e6:47:2f:1e:72:85:ae:f1:c5: 484s 3f:35:02:87:57:7d:65:18:95:c2:a6:4c:43:a5:34:0d:d1:43: 484s 9b:33:ce:1d:e5:12:71:f6:4e:ab:2a:3b:b1:8b:28:36:05:d0: 484s 59:52:59:ca:49:29:c5:48:f6:cd:a0:2d:75:bf:93:7b:87:67: 484s da:77:c0:b0:b7:1e:7b:78:bf:6c:40:e9:86:2c:11:34:01:1c: 484s 8c:0a 484s + local found_md5 expected_md5 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + expected_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-14324.pem 484s + found_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s + '[' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 '!=' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 ']' 484s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-14324-auth.output 484s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-14324-auth.output .output 484s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-14324-auth.pem 484s + echo -n 053350 484s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 484s [p11_child[3285]] [main] (0x0400): p11_child started. 484s [p11_child[3285]] [main] (0x2000): Running in [auth] mode. 484s [p11_child[3285]] [main] (0x2000): Running with effective IDs: [0][0]. 484s [p11_child[3285]] [main] (0x2000): Running with real IDs [0][0]. 484s [p11_child[3285]] [do_card] (0x4000): Module List: 484s [p11_child[3285]] [do_card] (0x4000): common name: [softhsm2]. 484s [p11_child[3285]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3285]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 484s [p11_child[3285]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 484s [p11_child[3285]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3285]] [do_card] (0x4000): Login required. 484s [p11_child[3285]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 484s [p11_child[3285]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 484s [p11_child[3285]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 484s [p11_child[3285]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x534b8175;slot-manufacturer=SoftHSM%20project;slot-id=1397457269;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ce003ac2d34b8175;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 484s [p11_child[3285]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 484s [p11_child[3285]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 484s [p11_child[3285]] [do_card] (0x4000): Certificate verified and validated. 484s [p11_child[3285]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 484s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-14324-auth.output 484s + echo '-----BEGIN CERTIFICATE-----' 484s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-14324-auth.output 484s + echo '-----END CERTIFICATE-----' 484s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-14324-auth.pem 484s Certificate: 484s Data: 484s Version: 3 (0x2) 484s Serial Number: 4 (0x4) 484s Signature Algorithm: sha256WithRSAEncryption 484s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 484s Validity 484s Not Before: Mar 16 15:26:55 2024 GMT 484s Not After : Mar 16 15:26:55 2025 GMT 484s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 484s Subject Public Key Info: 484s Public Key Algorithm: rsaEncryption 484s Public-Key: (1024 bit) 484s Modulus: 484s 00:cb:df:c8:5a:77:11:2a:d5:f5:82:3e:ba:b4:29: 484s 2b:1e:bb:03:2e:b2:73:45:19:11:e9:54:e6:02:a9: 484s dd:c4:ef:94:45:fd:b0:f0:b7:29:d8:77:a0:b3:5d: 484s 77:93:e2:bc:8e:23:38:a6:1e:c9:5e:ea:a8:c7:7f: 484s 79:fe:6f:ae:5c:50:a9:ba:4c:7c:34:53:a2:da:c7: 484s 29:97:1b:06:7a:25:53:a6:e0:a7:65:1e:c8:f1:60: 484s f2:f1:8b:54:a4:b2:64:4d:6b:ef:27:66:d6:91:1d: 484s ff:9e:8f:01:d4:98:df:13:e2:19:5c:c7:e3:46:37: 484s 0b:a1:4b:99:69:f6:b1:3d:73 484s Exponent: 65537 (0x10001) 484s X509v3 extensions: 484s X509v3 Authority Key Identifier: 484s E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 484s X509v3 Basic Constraints: 484s CA:FALSE 484s Netscape Cert Type: 484s SSL Client, S/MIME 484s Netscape Comment: 484s Test Organization Intermediate CA trusted Certificate 484s X509v3 Subject Key Identifier: 484s 2A:8A:41:49:63:95:BA:8C:D7:7D:F4:7B:63:A4:43:9A:48:34:56:9A 484s X509v3 Key Usage: critical 484s Digital Signature, Non Repudiation, Key Encipherment 484s X509v3 Extended Key Usage: 484s TLS Web Client Authentication, E-mail Protection 484s X509v3 Subject Alternative Name: 484s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 484s Signature Algorithm: sha256WithRSAEncryption 484s Signature Value: 484s 96:64:29:f7:07:e9:fc:19:e6:20:1e:75:c2:f6:54:54:b5:e1: 484s fb:09:a4:3f:f4:a4:a9:35:34:13:fc:58:65:56:59:d7:10:86: 484s ad:2c:fd:a5:13:f1:29:fe:52:e6:47:2f:1e:72:85:ae:f1:c5: 484s 3f:35:02:87:57:7d:65:18:95:c2:a6:4c:43:a5:34:0d:d1:43: 484s 9b:33:ce:1d:e5:12:71:f6:4e:ab:2a:3b:b1:8b:28:36:05:d0: 484s 59:52:59:ca:49:29:c5:48:f6:cd:a0:2d:75:bf:93:7b:87:67: 484s da:77:c0:b0:b7:1e:7b:78:bf:6c:40:e9:86:2c:11:34:01:1c: 484s 8c:0a 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-14324-auth.pem 484s + found_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s + '[' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 '!=' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 ']' 484s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem partial_chain 484s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem partial_chain 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 484s + local verify_option=partial_chain 484s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_cn 484s + local key_name 484s + local tokens_dir 484s + local output_cert_file 484s + token_name= 484s ++ basename /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem .pem 484s + key_name=test-intermediate-CA-trusted-certificate-0001 484s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s ++ sed -n 's/ *commonName *= //p' 484s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 484s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 484s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 484s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 484s + token_name='Test Organization Interme Token' 484s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 484s Test Organization Interme Token 484s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 484s + echo 'Test Organization Interme Token' 484s + '[' -n partial_chain ']' 484s + local verify_arg=--verify=partial_chain 484s + local output_base_name=SSSD-child-32152 484s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-32152.output 484s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-32152.pem 484s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 484s [p11_child[3295]] [main] (0x0400): p11_child started. 484s [p11_child[3295]] [main] (0x2000): Running in [pre-auth] mode. 484s [p11_child[3295]] [main] (0x2000): Running with effective IDs: [0][0]. 484s [p11_child[3295]] [main] (0x2000): Running with real IDs [0][0]. 484s [p11_child[3295]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 484s [p11_child[3295]] [do_card] (0x4000): Module List: 484s [p11_child[3295]] [do_card] (0x4000): common name: [softhsm2]. 484s [p11_child[3295]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3295]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 484s [p11_child[3295]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 484s [p11_child[3295]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3295]] [do_card] (0x4000): Login NOT required. 484s [p11_child[3295]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 484s [p11_child[3295]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 484s [p11_child[3295]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 484s [p11_child[3295]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x534b8175;slot-manufacturer=SoftHSM%20project;slot-id=1397457269;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ce003ac2d34b8175;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 484s [p11_child[3295]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 484s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-32152.output 484s + echo '-----BEGIN CERTIFICATE-----' 484s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-32152.output 484s + echo '-----END CERTIFICATE-----' 484s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-32152.pem 484s Certificate: 484s Data: 484s Version: 3 (0x2) 484s Serial Number: 4 (0x4) 484s Signature Algorithm: sha256WithRSAEncryption 484s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 484s Validity 484s Not Before: Mar 16 15:26:55 2024 GMT 484s Not After : Mar 16 15:26:55 2025 GMT 484s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 484s Subject Public Key Info: 484s Public Key Algorithm: rsaEncryption 484s Public-Key: (1024 bit) 484s Modulus: 484s 00:cb:df:c8:5a:77:11:2a:d5:f5:82:3e:ba:b4:29: 484s 2b:1e:bb:03:2e:b2:73:45:19:11:e9:54:e6:02:a9: 484s dd:c4:ef:94:45:fd:b0:f0:b7:29:d8:77:a0:b3:5d: 484s 77:93:e2:bc:8e:23:38:a6:1e:c9:5e:ea:a8:c7:7f: 484s 79:fe:6f:ae:5c:50:a9:ba:4c:7c:34:53:a2:da:c7: 484s 29:97:1b:06:7a:25:53:a6:e0:a7:65:1e:c8:f1:60: 484s f2:f1:8b:54:a4:b2:64:4d:6b:ef:27:66:d6:91:1d: 484s ff:9e:8f:01:d4:98:df:13:e2:19:5c:c7:e3:46:37: 484s 0b:a1:4b:99:69:f6:b1:3d:73 484s Exponent: 65537 (0x10001) 484s X509v3 extensions: 484s X509v3 Authority Key Identifier: 484s E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 484s X509v3 Basic Constraints: 484s CA:FALSE 484s Netscape Cert Type: 484s SSL Client, S/MIME 484s Netscape Comment: 484s Test Organization Intermediate CA trusted Certificate 484s X509v3 Subject Key Identifier: 484s 2A:8A:41:49:63:95:BA:8C:D7:7D:F4:7B:63:A4:43:9A:48:34:56:9A 484s X509v3 Key Usage: critical 484s Digital Signature, Non Repudiation, Key Encipherment 484s X509v3 Extended Key Usage: 484s TLS Web Client Authentication, E-mail Protection 484s X509v3 Subject Alternative Name: 484s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 484s Signature Algorithm: sha256WithRSAEncryption 484s Signature Value: 484s 96:64:29:f7:07:e9:fc:19:e6:20:1e:75:c2:f6:54:54:b5:e1: 484s fb:09:a4:3f:f4:a4:a9:35:34:13:fc:58:65:56:59:d7:10:86: 484s ad:2c:fd:a5:13:f1:29:fe:52:e6:47:2f:1e:72:85:ae:f1:c5: 484s 3f:35:02:87:57:7d:65:18:95:c2:a6:4c:43:a5:34:0d:d1:43: 484s 9b:33:ce:1d:e5:12:71:f6:4e:ab:2a:3b:b1:8b:28:36:05:d0: 484s 59:52:59:ca:49:29:c5:48:f6:cd:a0:2d:75:bf:93:7b:87:67: 484s da:77:c0:b0:b7:1e:7b:78:bf:6c:40:e9:86:2c:11:34:01:1c: 484s 8c:0a 484s + local found_md5 expected_md5 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + expected_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-32152.pem 484s + found_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s + '[' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 '!=' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 ']' 484s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-32152-auth.output 484s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-32152-auth.output .output 484s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-32152-auth.pem 484s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 484s + echo -n 053350 484s [p11_child[3303]] [main] (0x0400): p11_child started. 484s [p11_child[3303]] [main] (0x2000): Running in [auth] mode. 484s [p11_child[3303]] [main] (0x2000): Running with effective IDs: [0][0]. 484s [p11_child[3303]] [main] (0x2000): Running with real IDs [0][0]. 484s [p11_child[3303]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 484s [p11_child[3303]] [do_card] (0x4000): Module List: 484s [p11_child[3303]] [do_card] (0x4000): common name: [softhsm2]. 484s [p11_child[3303]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3303]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 484s [p11_child[3303]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 484s [p11_child[3303]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3303]] [do_card] (0x4000): Login required. 484s [p11_child[3303]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 484s [p11_child[3303]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 484s [p11_child[3303]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 484s [p11_child[3303]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x534b8175;slot-manufacturer=SoftHSM%20project;slot-id=1397457269;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ce003ac2d34b8175;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 484s [p11_child[3303]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 484s [p11_child[3303]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 484s [p11_child[3303]] [do_card] (0x4000): Certificate verified and validated. 484s [p11_child[3303]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 484s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-32152-auth.output 484s + echo '-----BEGIN CERTIFICATE-----' 484s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-32152-auth.output 484s + echo '-----END CERTIFICATE-----' 484s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-32152-auth.pem 484s Certificate: 484s Data: 484s Version: 3 (0x2) 484s Serial Number: 4 (0x4) 484s Signature Algorithm: sha256WithRSAEncryption 484s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 484s Validity 484s Not Before: Mar 16 15:26:55 2024 GMT 484s Not After : Mar 16 15:26:55 2025 GMT 484s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 484s Subject Public Key Info: 484s Public Key Algorithm: rsaEncryption 484s Public-Key: (1024 bit) 484s Modulus: 484s 00:cb:df:c8:5a:77:11:2a:d5:f5:82:3e:ba:b4:29: 484s 2b:1e:bb:03:2e:b2:73:45:19:11:e9:54:e6:02:a9: 484s dd:c4:ef:94:45:fd:b0:f0:b7:29:d8:77:a0:b3:5d: 484s 77:93:e2:bc:8e:23:38:a6:1e:c9:5e:ea:a8:c7:7f: 484s 79:fe:6f:ae:5c:50:a9:ba:4c:7c:34:53:a2:da:c7: 484s 29:97:1b:06:7a:25:53:a6:e0:a7:65:1e:c8:f1:60: 484s f2:f1:8b:54:a4:b2:64:4d:6b:ef:27:66:d6:91:1d: 484s ff:9e:8f:01:d4:98:df:13:e2:19:5c:c7:e3:46:37: 484s 0b:a1:4b:99:69:f6:b1:3d:73 484s Exponent: 65537 (0x10001) 484s X509v3 extensions: 484s X509v3 Authority Key Identifier: 484s E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 484s X509v3 Basic Constraints: 484s CA:FALSE 484s Netscape Cert Type: 484s SSL Client, S/MIME 484s Netscape Comment: 484s Test Organization Intermediate CA trusted Certificate 484s X509v3 Subject Key Identifier: 484s 2A:8A:41:49:63:95:BA:8C:D7:7D:F4:7B:63:A4:43:9A:48:34:56:9A 484s X509v3 Key Usage: critical 484s Digital Signature, Non Repudiation, Key Encipherment 484s X509v3 Extended Key Usage: 484s TLS Web Client Authentication, E-mail Protection 484s X509v3 Subject Alternative Name: 484s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 484s Signature Algorithm: sha256WithRSAEncryption 484s Signature Value: 484s 96:64:29:f7:07:e9:fc:19:e6:20:1e:75:c2:f6:54:54:b5:e1: 484s fb:09:a4:3f:f4:a4:a9:35:34:13:fc:58:65:56:59:d7:10:86: 484s ad:2c:fd:a5:13:f1:29:fe:52:e6:47:2f:1e:72:85:ae:f1:c5: 484s 3f:35:02:87:57:7d:65:18:95:c2:a6:4c:43:a5:34:0d:d1:43: 484s 9b:33:ce:1d:e5:12:71:f6:4e:ab:2a:3b:b1:8b:28:36:05:d0: 484s 59:52:59:ca:49:29:c5:48:f6:cd:a0:2d:75:bf:93:7b:87:67: 484s da:77:c0:b0:b7:1e:7b:78:bf:6c:40:e9:86:2c:11:34:01:1c: 484s 8c:0a 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-32152-auth.pem 484s + found_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s + '[' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 '!=' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 ']' 484s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 484s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 484s + local verify_option= 484s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_cn 484s + local key_name 484s + local tokens_dir 484s + local output_cert_file 484s + token_name= 484s ++ basename /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem .pem 484s + key_name=test-intermediate-CA-trusted-certificate-0001 484s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s ++ sed -n 's/ *commonName *= //p' 484s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 484s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 484s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 484s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 484s + token_name='Test Organization Interme Token' 484s Test Organization Interme Token 484s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 484s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 484s + echo 'Test Organization Interme Token' 484s + '[' -n '' ']' 484s + local output_base_name=SSSD-child-10918 484s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-10918.output 484s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-10918.pem 484s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 484s [p11_child[3313]] [main] (0x0400): p11_child started. 484s [p11_child[3313]] [main] (0x2000): Running in [pre-auth] mode. 484s [p11_child[3313]] [main] (0x2000): Running with effective IDs: [0][0]. 484s [p11_child[3313]] [main] (0x2000): Running with real IDs [0][0]. 484s [p11_child[3313]] [do_card] (0x4000): Module List: 484s [p11_child[3313]] [do_card] (0x4000): common name: [softhsm2]. 484s [p11_child[3313]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3313]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 484s [p11_child[3313]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 484s [p11_child[3313]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3313]] [do_card] (0x4000): Login NOT required. 484s [p11_child[3313]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 484s [p11_child[3313]] [do_verification] (0x0040): X509_verify_cert failed [0]. 484s [p11_child[3313]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 484s [p11_child[3313]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 484s [p11_child[3313]] [do_card] (0x4000): No certificate found. 484s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-10918.output 484s + return 2 484s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem partial_chain 484s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem partial_chain 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 484s + local verify_option=partial_chain 484s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27618 484s + local key_cn 484s + local key_name 484s + local tokens_dir 484s + local output_cert_file 484s + token_name= 484s ++ basename /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem .pem 484s + key_name=test-intermediate-CA-trusted-certificate-0001 484s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s ++ sed -n 's/ *commonName *= //p' 484s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 484s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 484s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 484s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 484s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 484s Test Organization Interme Token 484s + token_name='Test Organization Interme Token' 484s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 484s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 484s + echo 'Test Organization Interme Token' 484s + '[' -n partial_chain ']' 484s + local verify_arg=--verify=partial_chain 484s + local output_base_name=SSSD-child-28562 484s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-28562.output 484s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-28562.pem 484s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem 484s [p11_child[3320]] [main] (0x0400): p11_child started. 484s [p11_child[3320]] [main] (0x2000): Running in [pre-auth] mode. 484s [p11_child[3320]] [main] (0x2000): Running with effective IDs: [0][0]. 484s [p11_child[3320]] [main] (0x2000): Running with real IDs [0][0]. 484s [p11_child[3320]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 484s [p11_child[3320]] [do_card] (0x4000): Module List: 484s [p11_child[3320]] [do_card] (0x4000): common name: [softhsm2]. 484s [p11_child[3320]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3320]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 484s [p11_child[3320]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 484s [p11_child[3320]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3320]] [do_card] (0x4000): Login NOT required. 484s [p11_child[3320]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 484s [p11_child[3320]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 484s [p11_child[3320]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 484s [p11_child[3320]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x534b8175;slot-manufacturer=SoftHSM%20project;slot-id=1397457269;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ce003ac2d34b8175;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 484s [p11_child[3320]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 484s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-28562.output 484s + echo '-----BEGIN CERTIFICATE-----' 484s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-28562.output 484s + echo '-----END CERTIFICATE-----' 484s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-28562.pem 484s Certificate: 484s Data: 484s Version: 3 (0x2) 484s Serial Number: 4 (0x4) 484s Signature Algorithm: sha256WithRSAEncryption 484s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 484s Validity 484s Not Before: Mar 16 15:26:55 2024 GMT 484s Not After : Mar 16 15:26:55 2025 GMT 484s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 484s Subject Public Key Info: 484s Public Key Algorithm: rsaEncryption 484s Public-Key: (1024 bit) 484s Modulus: 484s 00:cb:df:c8:5a:77:11:2a:d5:f5:82:3e:ba:b4:29: 484s 2b:1e:bb:03:2e:b2:73:45:19:11:e9:54:e6:02:a9: 484s dd:c4:ef:94:45:fd:b0:f0:b7:29:d8:77:a0:b3:5d: 484s 77:93:e2:bc:8e:23:38:a6:1e:c9:5e:ea:a8:c7:7f: 484s 79:fe:6f:ae:5c:50:a9:ba:4c:7c:34:53:a2:da:c7: 484s 29:97:1b:06:7a:25:53:a6:e0:a7:65:1e:c8:f1:60: 484s f2:f1:8b:54:a4:b2:64:4d:6b:ef:27:66:d6:91:1d: 484s ff:9e:8f:01:d4:98:df:13:e2:19:5c:c7:e3:46:37: 484s 0b:a1:4b:99:69:f6:b1:3d:73 484s Exponent: 65537 (0x10001) 484s X509v3 extensions: 484s X509v3 Authority Key Identifier: 484s E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 484s X509v3 Basic Constraints: 484s CA:FALSE 484s Netscape Cert Type: 484s SSL Client, S/MIME 484s Netscape Comment: 484s Test Organization Intermediate CA trusted Certificate 484s X509v3 Subject Key Identifier: 484s 2A:8A:41:49:63:95:BA:8C:D7:7D:F4:7B:63:A4:43:9A:48:34:56:9A 484s X509v3 Key Usage: critical 484s Digital Signature, Non Repudiation, Key Encipherment 484s X509v3 Extended Key Usage: 484s TLS Web Client Authentication, E-mail Protection 484s X509v3 Subject Alternative Name: 484s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 484s Signature Algorithm: sha256WithRSAEncryption 484s Signature Value: 484s 96:64:29:f7:07:e9:fc:19:e6:20:1e:75:c2:f6:54:54:b5:e1: 484s fb:09:a4:3f:f4:a4:a9:35:34:13:fc:58:65:56:59:d7:10:86: 484s ad:2c:fd:a5:13:f1:29:fe:52:e6:47:2f:1e:72:85:ae:f1:c5: 484s 3f:35:02:87:57:7d:65:18:95:c2:a6:4c:43:a5:34:0d:d1:43: 484s 9b:33:ce:1d:e5:12:71:f6:4e:ab:2a:3b:b1:8b:28:36:05:d0: 484s 59:52:59:ca:49:29:c5:48:f6:cd:a0:2d:75:bf:93:7b:87:67: 484s da:77:c0:b0:b7:1e:7b:78:bf:6c:40:e9:86:2c:11:34:01:1c: 484s 8c:0a 484s + local found_md5 expected_md5 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-intermediate-CA-trusted-certificate-0001.pem 484s + expected_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-28562.pem 484s + found_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s + '[' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 '!=' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 ']' 484s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-28562-auth.output 484s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-28562-auth.output .output 484s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-28562-auth.pem 484s + echo -n 053350 484s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 484s [p11_child[3328]] [main] (0x0400): p11_child started. 484s [p11_child[3328]] [main] (0x2000): Running in [auth] mode. 484s [p11_child[3328]] [main] (0x2000): Running with effective IDs: [0][0]. 484s [p11_child[3328]] [main] (0x2000): Running with real IDs [0][0]. 484s [p11_child[3328]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 484s [p11_child[3328]] [do_card] (0x4000): Module List: 484s [p11_child[3328]] [do_card] (0x4000): common name: [softhsm2]. 484s [p11_child[3328]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3328]] [do_card] (0x4000): Description [SoftHSM slot ID 0x534b8175] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 484s [p11_child[3328]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 484s [p11_child[3328]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x534b8175][1397457269] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 484s [p11_child[3328]] [do_card] (0x4000): Login required. 484s [p11_child[3328]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 484s [p11_child[3328]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 484s [p11_child[3328]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 484s [p11_child[3328]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x534b8175;slot-manufacturer=SoftHSM%20project;slot-id=1397457269;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ce003ac2d34b8175;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 484s [p11_child[3328]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 484s [p11_child[3328]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 484s [p11_child[3328]] [do_card] (0x4000): Certificate verified and validated. 484s [p11_child[3328]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 484s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-28562-auth.output 484s + echo '-----BEGIN CERTIFICATE-----' 484s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-28562-auth.output 484s + echo '-----END CERTIFICATE-----' 484s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-28562-auth.pem 484s Certificate: 484s Data: 484s Version: 3 (0x2) 484s Serial Number: 4 (0x4) 484s Signature Algorithm: sha256WithRSAEncryption 484s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 484s Validity 484s Not Before: Mar 16 15:26:55 2024 GMT 484s Not After : Mar 16 15:26:55 2025 GMT 484s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 484s Subject Public Key Info: 484s Public Key Algorithm: rsaEncryption 484s Public-Key: (1024 bit) 484s Modulus: 484s 00:cb:df:c8:5a:77:11:2a:d5:f5:82:3e:ba:b4:29: 484s 2b:1e:bb:03:2e:b2:73:45:19:11:e9:54:e6:02:a9: 484s dd:c4:ef:94:45:fd:b0:f0:b7:29:d8:77:a0:b3:5d: 484s 77:93:e2:bc:8e:23:38:a6:1e:c9:5e:ea:a8:c7:7f: 484s 79:fe:6f:ae:5c:50:a9:ba:4c:7c:34:53:a2:da:c7: 484s 29:97:1b:06:7a:25:53:a6:e0:a7:65:1e:c8:f1:60: 484s f2:f1:8b:54:a4:b2:64:4d:6b:ef:27:66:d6:91:1d: 484s ff:9e:8f:01:d4:98:df:13:e2:19:5c:c7:e3:46:37: 484s 0b:a1:4b:99:69:f6:b1:3d:73 484s Exponent: 65537 (0x10001) 484s X509v3 extensions: 484s X509v3 Authority Key Identifier: 484s E4:C1:7F:14:15:48:D9:2C:35:FE:BA:A8:3B:C7:16:9D:AD:34:9A:65 484s X509v3 Basic Constraints: 484s CA:FALSE 484s Netscape Cert Type: 484s SSL Client, S/MIME 484s Netscape Comment: 484s Test Organization Intermediate CA trusted Certificate 484s X509v3 Subject Key Identifier: 484s 2A:8A:41:49:63:95:BA:8C:D7:7D:F4:7B:63:A4:43:9A:48:34:56:9A 484s X509v3 Key Usage: critical 484s Digital Signature, Non Repudiation, Key Encipherment 484s X509v3 Extended Key Usage: 484s TLS Web Client Authentication, E-mail Protection 484s X509v3 Subject Alternative Name: 484s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 484s Signature Algorithm: sha256WithRSAEncryption 484s Signature Value: 484s 96:64:29:f7:07:e9:fc:19:e6:20:1e:75:c2:f6:54:54:b5:e1: 484s fb:09:a4:3f:f4:a4:a9:35:34:13:fc:58:65:56:59:d7:10:86: 484s ad:2c:fd:a5:13:f1:29:fe:52:e6:47:2f:1e:72:85:ae:f1:c5: 484s 3f:35:02:87:57:7d:65:18:95:c2:a6:4c:43:a5:34:0d:d1:43: 484s 9b:33:ce:1d:e5:12:71:f6:4e:ab:2a:3b:b1:8b:28:36:05:d0: 484s 59:52:59:ca:49:29:c5:48:f6:cd:a0:2d:75:bf:93:7b:87:67: 484s da:77:c0:b0:b7:1e:7b:78:bf:6c:40:e9:86:2c:11:34:01:1c: 484s 8c:0a 484s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-28562-auth.pem 484s + found_md5=Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 484s + '[' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 '!=' Modulus=CBDFC85A77112AD5F5823EBAB4292B1EBB032EB273451911E954E602A9DDC4EF9445FDB0F0B729D877A0B35D7793E2BC8E2338A61EC95EEAA8C77F79FE6FAE5C50A9BA4C7C3453A2DAC729971B067A2553A6E0A7651EC8F160F2F18B54A4B2644D6BEF2766D6911DFF9E8F01D498DF13E2195CC7E346370BA14B9969F6B13D73 ']' 484s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 484s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 484s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 484s + local verify_option= 484s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 484s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 484s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 484s + local key_cn 484s + local key_name 484s + local tokens_dir 484s + local output_cert_file 484s + token_name= 484s ++ basename /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 484s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 484s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 484s ++ sed -n 's/ *commonName *= //p' 485s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 485s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 485s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 485s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 485s + token_name='Test Organization Sub Int Token' 485s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 485s + local key_file 485s + local decrypted_key 485s + mkdir -p /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 485s + key_file=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 485s + decrypted_key=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 485s + cat 485s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 485s Slot 0 has a free/uninitialized token. 485s The token has been initialized and is reassigned to slot 1385520195 485s + softhsm2-util --show-slots 485s Available slots: 485s Slot 1385520195 485s Slot info: 485s Description: SoftHSM slot ID 0x52955c43 485s Manufacturer ID: SoftHSM project 485s Hardware version: 2.6 485s Firmware version: 2.6 485s Token present: yes 485s Token info: 485s Manufacturer ID: SoftHSM project 485s Model: SoftHSM v2 485s Hardware version: 2.6 485s Firmware version: 2.6 485s Serial number: fd5ad97b52955c43 485s Initialized: yes 485s User PIN init.: yes 485s Label: Test Organization Sub Int Token 485s Slot 1 485s Slot info: 485s Description: SoftHSM slot ID 0x1 485s Manufacturer ID: SoftHSM project 485s Hardware version: 2.6 485s Firmware version: 2.6 485s Token present: yes 485s Token info: 485s Manufacturer ID: SoftHSM project 485s Model: SoftHSM v2 485s Hardware version: 2.6 485s Firmware version: 2.6 485s Serial number: 485s Initialized: no 485s User PIN init.: no 485s Label: 485s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 485s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-6004 -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 485s writing RSA key 485s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 485s + rm /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 485s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 485s Object 0: 485s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fd5ad97b52955c43;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 485s Type: X.509 Certificate (RSA-1024) 485s Expires: Sun Mar 16 15:26:55 2025 485s Label: Test Organization Sub Intermediate Trusted Certificate 0001 485s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 485s 485s Test Organization Sub Int Token 485s + echo 'Test Organization Sub Int Token' 485s + '[' -n '' ']' 485s + local output_base_name=SSSD-child-15093 485s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-15093.output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-15093.pem 485s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 485s [p11_child[3347]] [main] (0x0400): p11_child started. 485s [p11_child[3347]] [main] (0x2000): Running in [pre-auth] mode. 485s [p11_child[3347]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3347]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3347]] [do_card] (0x4000): Module List: 485s [p11_child[3347]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3347]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3347]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3347]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3347]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3347]] [do_card] (0x4000): Login NOT required. 485s [p11_child[3347]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3347]] [do_verification] (0x0040): X509_verify_cert failed [0]. 485s [p11_child[3347]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 485s [p11_child[3347]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 485s [p11_child[3347]] [do_card] (0x4000): No certificate found. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-15093.output 485s + return 2 485s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem partial_chain 485s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-root-CA.pem partial_chain 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 485s + local verify_option=partial_chain 485s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_cn 485s + local key_name 485s + local tokens_dir 485s + local output_cert_file 485s + token_name= 485s ++ basename /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 485s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 485s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s ++ sed -n 's/ *commonName *= //p' 485s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 485s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 485s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 485s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 485s + token_name='Test Organization Sub Int Token' 485s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 485s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 485s Test Organization Sub Int Token 485s + echo 'Test Organization Sub Int Token' 485s + '[' -n partial_chain ']' 485s + local verify_arg=--verify=partial_chain 485s + local output_base_name=SSSD-child-5024 485s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-5024.output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-5024.pem 485s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-root-CA.pem 485s [p11_child[3354]] [main] (0x0400): p11_child started. 485s [p11_child[3354]] [main] (0x2000): Running in [pre-auth] mode. 485s [p11_child[3354]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3354]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3354]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 485s [p11_child[3354]] [do_card] (0x4000): Module List: 485s [p11_child[3354]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3354]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3354]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3354]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3354]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3354]] [do_card] (0x4000): Login NOT required. 485s [p11_child[3354]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3354]] [do_verification] (0x0040): X509_verify_cert failed [0]. 485s [p11_child[3354]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 485s [p11_child[3354]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 485s [p11_child[3354]] [do_card] (0x4000): No certificate found. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-5024.output 485s + return 2 485s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 485s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 485s + local verify_option= 485s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_cn 485s + local key_name 485s + local tokens_dir 485s + local output_cert_file 485s + token_name= 485s ++ basename /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 485s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 485s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s ++ sed -n 's/ *commonName *= //p' 485s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 485s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 485s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 485s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 485s + token_name='Test Organization Sub Int Token' 485s Test Organization Sub Int Token 485s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 485s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 485s + echo 'Test Organization Sub Int Token' 485s + '[' -n '' ']' 485s + local output_base_name=SSSD-child-18306 485s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-18306.output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-18306.pem 485s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 485s [p11_child[3361]] [main] (0x0400): p11_child started. 485s [p11_child[3361]] [main] (0x2000): Running in [pre-auth] mode. 485s [p11_child[3361]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3361]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3361]] [do_card] (0x4000): Module List: 485s [p11_child[3361]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3361]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3361]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3361]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3361]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3361]] [do_card] (0x4000): Login NOT required. 485s [p11_child[3361]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3361]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 485s [p11_child[3361]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 485s [p11_child[3361]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52955c43;slot-manufacturer=SoftHSM%20project;slot-id=1385520195;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fd5ad97b52955c43;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 485s [p11_child[3361]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-18306.output 485s + echo '-----BEGIN CERTIFICATE-----' 485s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-18306.output 485s + echo '-----END CERTIFICATE-----' 485s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-18306.pem 485s Certificate: 485s Data: 485s Version: 3 (0x2) 485s Serial Number: 5 (0x5) 485s Signature Algorithm: sha256WithRSAEncryption 485s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 485s Validity 485s Not Before: Mar 16 15:26:55 2024 GMT 485s Not After : Mar 16 15:26:55 2025 GMT 485s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 485s Subject Public Key Info: 485s Public Key Algorithm: rsaEncryption 485s Public-Key: (1024 bit) 485s Modulus: 485s 00:d0:73:2e:69:10:1f:f1:cf:28:ba:a5:69:45:5d: 485s d8:91:25:bb:43:27:8b:cf:ff:1a:a5:b9:18:d3:bd: 485s d0:6d:42:43:e6:f5:ed:64:7c:a0:7b:5d:88:66:43: 485s 54:f3:d8:46:02:a2:a9:a7:b9:78:93:0d:e0:91:ba: 485s 7c:71:78:a7:65:12:75:98:a4:ab:ba:e0:84:70:79: 485s 84:5f:95:94:5d:96:99:6a:17:38:25:02:59:39:2f: 485s 99:3d:0e:87:4e:7c:3b:7c:ec:18:2e:11:fe:b7:0f: 485s 42:b2:d7:db:de:b0:67:11:26:2d:58:81:73:dc:82: 485s a9:58:46:4e:04:47:4f:ac:0d 485s Exponent: 65537 (0x10001) 485s X509v3 extensions: 485s X509v3 Authority Key Identifier: 485s E2:A2:28:C0:BA:E3:E3:0F:45:F3:A7:78:B4:F9:81:99:0A:CD:7A:6C 485s X509v3 Basic Constraints: 485s CA:FALSE 485s Netscape Cert Type: 485s SSL Client, S/MIME 485s Netscape Comment: 485s Test Organization Sub Intermediate CA trusted Certificate 485s X509v3 Subject Key Identifier: 485s 7A:A5:70:10:95:0C:F2:EB:C1:9D:7B:2F:FB:CC:15:D0:A7:C8:90:AA 485s X509v3 Key Usage: critical 485s Digital Signature, Non Repudiation, Key Encipherment 485s X509v3 Extended Key Usage: 485s TLS Web Client Authentication, E-mail Protection 485s X509v3 Subject Alternative Name: 485s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 485s Signature Algorithm: sha256WithRSAEncryption 485s Signature Value: 485s ac:8e:31:80:f8:ec:05:92:c4:ff:b9:77:17:4c:8c:dc:91:80: 485s 6b:de:b1:d0:06:4a:82:f7:f8:81:67:92:66:43:c8:96:60:ed: 485s d1:ea:77:31:19:d4:ea:81:ac:22:8f:af:61:0d:a5:ee:98:46: 485s 9d:a4:04:3b:ed:40:68:c3:ed:92:e3:23:38:d0:e3:fa:02:59: 485s 5e:48:c4:25:97:c7:f9:12:e0:53:f0:5a:9b:f6:76:2a:67:97: 485s 1d:56:ce:1f:43:76:ae:55:1e:ea:88:76:23:45:30:b9:8d:4c: 485s 67:f8:22:54:f5:f4:51:05:3b:2a:44:b3:8c:58:e9:5b:b5:39: 485s 68:ad 485s + local found_md5 expected_md5 485s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + expected_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 485s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-18306.pem 485s + found_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 485s + '[' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D '!=' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D ']' 485s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-18306-auth.output 485s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-18306-auth.output .output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-18306-auth.pem 485s + echo -n 053350 485s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 485s [p11_child[3369]] [main] (0x0400): p11_child started. 485s [p11_child[3369]] [main] (0x2000): Running in [auth] mode. 485s [p11_child[3369]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3369]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3369]] [do_card] (0x4000): Module List: 485s [p11_child[3369]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3369]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3369]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3369]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3369]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3369]] [do_card] (0x4000): Login required. 485s [p11_child[3369]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3369]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 485s [p11_child[3369]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 485s [p11_child[3369]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52955c43;slot-manufacturer=SoftHSM%20project;slot-id=1385520195;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fd5ad97b52955c43;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 485s [p11_child[3369]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 485s [p11_child[3369]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 485s [p11_child[3369]] [do_card] (0x4000): Certificate verified and validated. 485s [p11_child[3369]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-18306-auth.output 485s + echo '-----BEGIN CERTIFICATE-----' 485s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-18306-auth.output 485s + echo '-----END CERTIFICATE-----' 485s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-18306-auth.pem 485s Certificate: 485s Data: 485s Version: 3 (0x2) 485s Serial Number: 5 (0x5) 485s Signature Algorithm: sha256WithRSAEncryption 485s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 485s Validity 485s Not Before: Mar 16 15:26:55 2024 GMT 485s Not After : Mar 16 15:26:55 2025 GMT 485s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 485s Subject Public Key Info: 485s Public Key Algorithm: rsaEncryption 485s Public-Key: (1024 bit) 485s Modulus: 485s 00:d0:73:2e:69:10:1f:f1:cf:28:ba:a5:69:45:5d: 485s d8:91:25:bb:43:27:8b:cf:ff:1a:a5:b9:18:d3:bd: 485s d0:6d:42:43:e6:f5:ed:64:7c:a0:7b:5d:88:66:43: 485s 54:f3:d8:46:02:a2:a9:a7:b9:78:93:0d:e0:91:ba: 485s 7c:71:78:a7:65:12:75:98:a4:ab:ba:e0:84:70:79: 485s 84:5f:95:94:5d:96:99:6a:17:38:25:02:59:39:2f: 485s 99:3d:0e:87:4e:7c:3b:7c:ec:18:2e:11:fe:b7:0f: 485s 42:b2:d7:db:de:b0:67:11:26:2d:58:81:73:dc:82: 485s a9:58:46:4e:04:47:4f:ac:0d 485s Exponent: 65537 (0x10001) 485s X509v3 extensions: 485s X509v3 Authority Key Identifier: 485s E2:A2:28:C0:BA:E3:E3:0F:45:F3:A7:78:B4:F9:81:99:0A:CD:7A:6C 485s X509v3 Basic Constraints: 485s CA:FALSE 485s Netscape Cert Type: 485s SSL Client, S/MIME 485s Netscape Comment: 485s Test Organization Sub Intermediate CA trusted Certificate 485s X509v3 Subject Key Identifier: 485s 7A:A5:70:10:95:0C:F2:EB:C1:9D:7B:2F:FB:CC:15:D0:A7:C8:90:AA 485s X509v3 Key Usage: critical 485s Digital Signature, Non Repudiation, Key Encipherment 485s X509v3 Extended Key Usage: 485s TLS Web Client Authentication, E-mail Protection 485s X509v3 Subject Alternative Name: 485s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 485s Signature Algorithm: sha256WithRSAEncryption 485s Signature Value: 485s ac:8e:31:80:f8:ec:05:92:c4:ff:b9:77:17:4c:8c:dc:91:80: 485s 6b:de:b1:d0:06:4a:82:f7:f8:81:67:92:66:43:c8:96:60:ed: 485s d1:ea:77:31:19:d4:ea:81:ac:22:8f:af:61:0d:a5:ee:98:46: 485s 9d:a4:04:3b:ed:40:68:c3:ed:92:e3:23:38:d0:e3:fa:02:59: 485s 5e:48:c4:25:97:c7:f9:12:e0:53:f0:5a:9b:f6:76:2a:67:97: 485s 1d:56:ce:1f:43:76:ae:55:1e:ea:88:76:23:45:30:b9:8d:4c: 485s 67:f8:22:54:f5:f4:51:05:3b:2a:44:b3:8c:58:e9:5b:b5:39: 485s 68:ad 485s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-18306-auth.pem 485s + found_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 485s + '[' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D '!=' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D ']' 485s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem partial_chain 485s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem partial_chain 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 485s + local verify_option=partial_chain 485s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_cn 485s + local key_name 485s + local tokens_dir 485s + local output_cert_file 485s + token_name= 485s ++ basename /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 485s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 485s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s ++ sed -n 's/ *commonName *= //p' 485s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 485s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 485s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 485s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 485s + token_name='Test Organization Sub Int Token' 485s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 485s Test Organization Sub Int Token 485s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 485s + echo 'Test Organization Sub Int Token' 485s + '[' -n partial_chain ']' 485s + local verify_arg=--verify=partial_chain 485s + local output_base_name=SSSD-child-17612 485s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-17612.output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-17612.pem 485s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem 485s [p11_child[3379]] [main] (0x0400): p11_child started. 485s [p11_child[3379]] [main] (0x2000): Running in [pre-auth] mode. 485s [p11_child[3379]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3379]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3379]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 485s [p11_child[3379]] [do_card] (0x4000): Module List: 485s [p11_child[3379]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3379]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3379]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3379]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3379]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3379]] [do_card] (0x4000): Login NOT required. 485s [p11_child[3379]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3379]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 485s [p11_child[3379]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 485s [p11_child[3379]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52955c43;slot-manufacturer=SoftHSM%20project;slot-id=1385520195;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fd5ad97b52955c43;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 485s [p11_child[3379]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-17612.output 485s + echo '-----BEGIN CERTIFICATE-----' 485s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-17612.output 485s + echo '-----END CERTIFICATE-----' 485s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-17612.pem 485s Certificate: 485s Data: 485s Version: 3 (0x2) 485s Serial Number: 5 (0x5) 485s Signature Algorithm: sha256WithRSAEncryption 485s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 485s Validity 485s Not Before: Mar 16 15:26:55 2024 GMT 485s Not After : Mar 16 15:26:55 2025 GMT 485s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 485s Subject Public Key Info: 485s Public Key Algorithm: rsaEncryption 485s Public-Key: (1024 bit) 485s Modulus: 485s 00:d0:73:2e:69:10:1f:f1:cf:28:ba:a5:69:45:5d: 485s d8:91:25:bb:43:27:8b:cf:ff:1a:a5:b9:18:d3:bd: 485s d0:6d:42:43:e6:f5:ed:64:7c:a0:7b:5d:88:66:43: 485s 54:f3:d8:46:02:a2:a9:a7:b9:78:93:0d:e0:91:ba: 485s 7c:71:78:a7:65:12:75:98:a4:ab:ba:e0:84:70:79: 485s 84:5f:95:94:5d:96:99:6a:17:38:25:02:59:39:2f: 485s 99:3d:0e:87:4e:7c:3b:7c:ec:18:2e:11:fe:b7:0f: 485s 42:b2:d7:db:de:b0:67:11:26:2d:58:81:73:dc:82: 485s a9:58:46:4e:04:47:4f:ac:0d 485s Exponent: 65537 (0x10001) 485s X509v3 extensions: 485s X509v3 Authority Key Identifier: 485s E2:A2:28:C0:BA:E3:E3:0F:45:F3:A7:78:B4:F9:81:99:0A:CD:7A:6C 485s X509v3 Basic Constraints: 485s CA:FALSE 485s Netscape Cert Type: 485s SSL Client, S/MIME 485s Netscape Comment: 485s Test Organization Sub Intermediate CA trusted Certificate 485s X509v3 Subject Key Identifier: 485s 7A:A5:70:10:95:0C:F2:EB:C1:9D:7B:2F:FB:CC:15:D0:A7:C8:90:AA 485s X509v3 Key Usage: critical 485s Digital Signature, Non Repudiation, Key Encipherment 485s X509v3 Extended Key Usage: 485s TLS Web Client Authentication, E-mail Protection 485s X509v3 Subject Alternative Name: 485s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 485s Signature Algorithm: sha256WithRSAEncryption 485s Signature Value: 485s ac:8e:31:80:f8:ec:05:92:c4:ff:b9:77:17:4c:8c:dc:91:80: 485s 6b:de:b1:d0:06:4a:82:f7:f8:81:67:92:66:43:c8:96:60:ed: 485s d1:ea:77:31:19:d4:ea:81:ac:22:8f:af:61:0d:a5:ee:98:46: 485s 9d:a4:04:3b:ed:40:68:c3:ed:92:e3:23:38:d0:e3:fa:02:59: 485s 5e:48:c4:25:97:c7:f9:12:e0:53:f0:5a:9b:f6:76:2a:67:97: 485s 1d:56:ce:1f:43:76:ae:55:1e:ea:88:76:23:45:30:b9:8d:4c: 485s 67:f8:22:54:f5:f4:51:05:3b:2a:44:b3:8c:58:e9:5b:b5:39: 485s 68:ad 485s + local found_md5 expected_md5 485s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + expected_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 485s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-17612.pem 485s + found_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 485s + '[' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D '!=' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D ']' 485s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-17612-auth.output 485s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-17612-auth.output .output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-17612-auth.pem 485s + echo -n 053350 485s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 485s [p11_child[3387]] [main] (0x0400): p11_child started. 485s [p11_child[3387]] [main] (0x2000): Running in [auth] mode. 485s [p11_child[3387]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3387]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3387]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 485s [p11_child[3387]] [do_card] (0x4000): Module List: 485s [p11_child[3387]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3387]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3387]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3387]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3387]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3387]] [do_card] (0x4000): Login required. 485s [p11_child[3387]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3387]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 485s [p11_child[3387]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 485s [p11_child[3387]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52955c43;slot-manufacturer=SoftHSM%20project;slot-id=1385520195;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fd5ad97b52955c43;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 485s [p11_child[3387]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 485s [p11_child[3387]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 485s [p11_child[3387]] [do_card] (0x4000): Certificate verified and validated. 485s [p11_child[3387]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-17612-auth.output 485s + echo '-----BEGIN CERTIFICATE-----' 485s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-17612-auth.output 485s + echo '-----END CERTIFICATE-----' 485s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-17612-auth.pem 485s Certificate: 485s Data: 485s Version: 3 (0x2) 485s Serial Number: 5 (0x5) 485s Signature Algorithm: sha256WithRSAEncryption 485s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 485s Validity 485s Not Before: Mar 16 15:26:55 2024 GMT 485s Not After : Mar 16 15:26:55 2025 GMT 485s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 485s Subject Public Key Info: 485s Public Key Algorithm: rsaEncryption 485s Public-Key: (1024 bit) 485s Modulus: 485s 00:d0:73:2e:69:10:1f:f1:cf:28:ba:a5:69:45:5d: 485s d8:91:25:bb:43:27:8b:cf:ff:1a:a5:b9:18:d3:bd: 485s d0:6d:42:43:e6:f5:ed:64:7c:a0:7b:5d:88:66:43: 485s 54:f3:d8:46:02:a2:a9:a7:b9:78:93:0d:e0:91:ba: 485s 7c:71:78:a7:65:12:75:98:a4:ab:ba:e0:84:70:79: 485s 84:5f:95:94:5d:96:99:6a:17:38:25:02:59:39:2f: 485s 99:3d:0e:87:4e:7c:3b:7c:ec:18:2e:11:fe:b7:0f: 485s 42:b2:d7:db:de:b0:67:11:26:2d:58:81:73:dc:82: 485s a9:58:46:4e:04:47:4f:ac:0d 485s Exponent: 65537 (0x10001) 485s X509v3 extensions: 485s X509v3 Authority Key Identifier: 485s E2:A2:28:C0:BA:E3:E3:0F:45:F3:A7:78:B4:F9:81:99:0A:CD:7A:6C 485s X509v3 Basic Constraints: 485s CA:FALSE 485s Netscape Cert Type: 485s SSL Client, S/MIME 485s Netscape Comment: 485s Test Organization Sub Intermediate CA trusted Certificate 485s X509v3 Subject Key Identifier: 485s 7A:A5:70:10:95:0C:F2:EB:C1:9D:7B:2F:FB:CC:15:D0:A7:C8:90:AA 485s X509v3 Key Usage: critical 485s Digital Signature, Non Repudiation, Key Encipherment 485s X509v3 Extended Key Usage: 485s TLS Web Client Authentication, E-mail Protection 485s X509v3 Subject Alternative Name: 485s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 485s Signature Algorithm: sha256WithRSAEncryption 485s Signature Value: 485s ac:8e:31:80:f8:ec:05:92:c4:ff:b9:77:17:4c:8c:dc:91:80: 485s 6b:de:b1:d0:06:4a:82:f7:f8:81:67:92:66:43:c8:96:60:ed: 485s d1:ea:77:31:19:d4:ea:81:ac:22:8f:af:61:0d:a5:ee:98:46: 485s 9d:a4:04:3b:ed:40:68:c3:ed:92:e3:23:38:d0:e3:fa:02:59: 485s 5e:48:c4:25:97:c7:f9:12:e0:53:f0:5a:9b:f6:76:2a:67:97: 485s 1d:56:ce:1f:43:76:ae:55:1e:ea:88:76:23:45:30:b9:8d:4c: 485s 67:f8:22:54:f5:f4:51:05:3b:2a:44:b3:8c:58:e9:5b:b5:39: 485s 68:ad 485s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-17612-auth.pem 485s + found_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 485s + '[' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D '!=' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D ']' 485s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 485s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 485s + local verify_option= 485s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_cn 485s + local key_name 485s + local tokens_dir 485s + local output_cert_file 485s + token_name= 485s ++ basename /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 485s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 485s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s ++ sed -n 's/ *commonName *= //p' 485s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 485s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 485s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 485s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 485s Test Organization Sub Int Token 485s + token_name='Test Organization Sub Int Token' 485s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 485s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 485s + echo 'Test Organization Sub Int Token' 485s + '[' -n '' ']' 485s + local output_base_name=SSSD-child-9503 485s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-9503.output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-9503.pem 485s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 485s [p11_child[3397]] [main] (0x0400): p11_child started. 485s [p11_child[3397]] [main] (0x2000): Running in [pre-auth] mode. 485s [p11_child[3397]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3397]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3397]] [do_card] (0x4000): Module List: 485s [p11_child[3397]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3397]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3397]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3397]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3397]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3397]] [do_card] (0x4000): Login NOT required. 485s [p11_child[3397]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3397]] [do_verification] (0x0040): X509_verify_cert failed [0]. 485s [p11_child[3397]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 485s [p11_child[3397]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 485s [p11_child[3397]] [do_card] (0x4000): No certificate found. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-9503.output 485s + return 2 485s + invalid_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-root-intermediate-chain-CA.pem partial_chain 485s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-root-intermediate-chain-CA.pem partial_chain 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-root-intermediate-chain-CA.pem 485s + local verify_option=partial_chain 485s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_cn 485s + local key_name 485s + local tokens_dir 485s + local output_cert_file 485s + token_name= 485s ++ basename /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 485s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 485s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s ++ sed -n 's/ *commonName *= //p' 485s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 485s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 485s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 485s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 485s Test Organization Sub Int Token 485s + token_name='Test Organization Sub Int Token' 485s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 485s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 485s + echo 'Test Organization Sub Int Token' 485s + '[' -n partial_chain ']' 485s + local verify_arg=--verify=partial_chain 485s + local output_base_name=SSSD-child-19625 485s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-19625.output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-19625.pem 485s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-root-intermediate-chain-CA.pem 485s [p11_child[3404]] [main] (0x0400): p11_child started. 485s [p11_child[3404]] [main] (0x2000): Running in [pre-auth] mode. 485s [p11_child[3404]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3404]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3404]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 485s [p11_child[3404]] [do_card] (0x4000): Module List: 485s [p11_child[3404]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3404]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3404]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3404]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3404]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3404]] [do_card] (0x4000): Login NOT required. 485s [p11_child[3404]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3404]] [do_verification] (0x0040): X509_verify_cert failed [0]. 485s [p11_child[3404]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 485s [p11_child[3404]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 485s [p11_child[3404]] [do_card] (0x4000): No certificate found. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-19625.output 485s + return 2 485s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem partial_chain 485s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem partial_chain 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 485s + local verify_option=partial_chain 485s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_cn 485s + local key_name 485s + local tokens_dir 485s + local output_cert_file 485s + token_name= 485s ++ basename /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 485s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 485s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s ++ sed -n 's/ *commonName *= //p' 485s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 485s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 485s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 485s Test Organization Sub Int Token 485s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 485s + token_name='Test Organization Sub Int Token' 485s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 485s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 485s + echo 'Test Organization Sub Int Token' 485s + '[' -n partial_chain ']' 485s + local verify_arg=--verify=partial_chain 485s + local output_base_name=SSSD-child-31342 485s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-31342.output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-31342.pem 485s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem 485s [p11_child[3411]] [main] (0x0400): p11_child started. 485s [p11_child[3411]] [main] (0x2000): Running in [pre-auth] mode. 485s [p11_child[3411]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3411]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3411]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 485s [p11_child[3411]] [do_card] (0x4000): Module List: 485s [p11_child[3411]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3411]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3411]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3411]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3411]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3411]] [do_card] (0x4000): Login NOT required. 485s [p11_child[3411]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3411]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 485s [p11_child[3411]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 485s [p11_child[3411]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52955c43;slot-manufacturer=SoftHSM%20project;slot-id=1385520195;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fd5ad97b52955c43;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 485s [p11_child[3411]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-31342.output 485s + echo '-----BEGIN CERTIFICATE-----' 485s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-31342.output 485s + echo '-----END CERTIFICATE-----' 485s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-31342.pem 485s Certificate: 485s Data: 485s Version: 3 (0x2) 485s Serial Number: 5 (0x5) 485s Signature Algorithm: sha256WithRSAEncryption 485s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 485s Validity 485s Not Before: Mar 16 15:26:55 2024 GMT 485s Not After : Mar 16 15:26:55 2025 GMT 485s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 485s Subject Public Key Info: 485s Public Key Algorithm: rsaEncryption 485s Public-Key: (1024 bit) 485s Modulus: 485s 00:d0:73:2e:69:10:1f:f1:cf:28:ba:a5:69:45:5d: 485s d8:91:25:bb:43:27:8b:cf:ff:1a:a5:b9:18:d3:bd: 485s d0:6d:42:43:e6:f5:ed:64:7c:a0:7b:5d:88:66:43: 485s 54:f3:d8:46:02:a2:a9:a7:b9:78:93:0d:e0:91:ba: 485s 7c:71:78:a7:65:12:75:98:a4:ab:ba:e0:84:70:79: 485s 84:5f:95:94:5d:96:99:6a:17:38:25:02:59:39:2f: 485s 99:3d:0e:87:4e:7c:3b:7c:ec:18:2e:11:fe:b7:0f: 485s 42:b2:d7:db:de:b0:67:11:26:2d:58:81:73:dc:82: 485s a9:58:46:4e:04:47:4f:ac:0d 485s Exponent: 65537 (0x10001) 485s X509v3 extensions: 485s X509v3 Authority Key Identifier: 485s E2:A2:28:C0:BA:E3:E3:0F:45:F3:A7:78:B4:F9:81:99:0A:CD:7A:6C 485s X509v3 Basic Constraints: 485s CA:FALSE 485s Netscape Cert Type: 485s SSL Client, S/MIME 485s Netscape Comment: 485s Test Organization Sub Intermediate CA trusted Certificate 485s X509v3 Subject Key Identifier: 485s 7A:A5:70:10:95:0C:F2:EB:C1:9D:7B:2F:FB:CC:15:D0:A7:C8:90:AA 485s X509v3 Key Usage: critical 485s Digital Signature, Non Repudiation, Key Encipherment 485s X509v3 Extended Key Usage: 485s TLS Web Client Authentication, E-mail Protection 485s X509v3 Subject Alternative Name: 485s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 485s Signature Algorithm: sha256WithRSAEncryption 485s Signature Value: 485s ac:8e:31:80:f8:ec:05:92:c4:ff:b9:77:17:4c:8c:dc:91:80: 485s 6b:de:b1:d0:06:4a:82:f7:f8:81:67:92:66:43:c8:96:60:ed: 485s d1:ea:77:31:19:d4:ea:81:ac:22:8f:af:61:0d:a5:ee:98:46: 485s 9d:a4:04:3b:ed:40:68:c3:ed:92:e3:23:38:d0:e3:fa:02:59: 485s 5e:48:c4:25:97:c7:f9:12:e0:53:f0:5a:9b:f6:76:2a:67:97: 485s 1d:56:ce:1f:43:76:ae:55:1e:ea:88:76:23:45:30:b9:8d:4c: 485s 67:f8:22:54:f5:f4:51:05:3b:2a:44:b3:8c:58:e9:5b:b5:39: 485s 68:ad 485s + local found_md5 expected_md5 485s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + expected_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 485s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-31342.pem 485s + found_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 485s + '[' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D '!=' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D ']' 485s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-31342-auth.output 485s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-31342-auth.output .output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-31342-auth.pem 485s + echo -n 053350 485s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 485s [p11_child[3419]] [main] (0x0400): p11_child started. 485s [p11_child[3419]] [main] (0x2000): Running in [auth] mode. 485s [p11_child[3419]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3419]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3419]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 485s [p11_child[3419]] [do_card] (0x4000): Module List: 485s [p11_child[3419]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3419]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3419]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3419]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3419]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3419]] [do_card] (0x4000): Login required. 485s [p11_child[3419]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3419]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 485s [p11_child[3419]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 485s [p11_child[3419]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52955c43;slot-manufacturer=SoftHSM%20project;slot-id=1385520195;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fd5ad97b52955c43;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 485s [p11_child[3419]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 485s [p11_child[3419]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 485s [p11_child[3419]] [do_card] (0x4000): Certificate verified and validated. 485s [p11_child[3419]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-31342-auth.output 485s + echo '-----BEGIN CERTIFICATE-----' 485s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-31342-auth.output 485s + echo '-----END CERTIFICATE-----' 485s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-31342-auth.pem 485s Certificate: 485s Data: 485s Version: 3 (0x2) 485s Serial Number: 5 (0x5) 485s Signature Algorithm: sha256WithRSAEncryption 485s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 485s Validity 485s Not Before: Mar 16 15:26:55 2024 GMT 485s Not After : Mar 16 15:26:55 2025 GMT 485s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 485s Subject Public Key Info: 485s Public Key Algorithm: rsaEncryption 485s Public-Key: (1024 bit) 485s Modulus: 485s 00:d0:73:2e:69:10:1f:f1:cf:28:ba:a5:69:45:5d: 485s d8:91:25:bb:43:27:8b:cf:ff:1a:a5:b9:18:d3:bd: 485s d0:6d:42:43:e6:f5:ed:64:7c:a0:7b:5d:88:66:43: 485s 54:f3:d8:46:02:a2:a9:a7:b9:78:93:0d:e0:91:ba: 485s 7c:71:78:a7:65:12:75:98:a4:ab:ba:e0:84:70:79: 485s 84:5f:95:94:5d:96:99:6a:17:38:25:02:59:39:2f: 485s 99:3d:0e:87:4e:7c:3b:7c:ec:18:2e:11:fe:b7:0f: 485s 42:b2:d7:db:de:b0:67:11:26:2d:58:81:73:dc:82: 485s a9:58:46:4e:04:47:4f:ac:0d 485s Exponent: 65537 (0x10001) 485s X509v3 extensions: 485s X509v3 Authority Key Identifier: 485s E2:A2:28:C0:BA:E3:E3:0F:45:F3:A7:78:B4:F9:81:99:0A:CD:7A:6C 485s X509v3 Basic Constraints: 485s CA:FALSE 485s Netscape Cert Type: 485s SSL Client, S/MIME 485s Netscape Comment: 485s Test Organization Sub Intermediate CA trusted Certificate 485s X509v3 Subject Key Identifier: 485s 7A:A5:70:10:95:0C:F2:EB:C1:9D:7B:2F:FB:CC:15:D0:A7:C8:90:AA 485s X509v3 Key Usage: critical 485s Digital Signature, Non Repudiation, Key Encipherment 485s X509v3 Extended Key Usage: 485s TLS Web Client Authentication, E-mail Protection 485s X509v3 Subject Alternative Name: 485s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 485s Signature Algorithm: sha256WithRSAEncryption 485s Signature Value: 485s ac:8e:31:80:f8:ec:05:92:c4:ff:b9:77:17:4c:8c:dc:91:80: 485s 6b:de:b1:d0:06:4a:82:f7:f8:81:67:92:66:43:c8:96:60:ed: 485s d1:ea:77:31:19:d4:ea:81:ac:22:8f:af:61:0d:a5:ee:98:46: 485s 9d:a4:04:3b:ed:40:68:c3:ed:92:e3:23:38:d0:e3:fa:02:59: 485s 5e:48:c4:25:97:c7:f9:12:e0:53:f0:5a:9b:f6:76:2a:67:97: 485s 1d:56:ce:1f:43:76:ae:55:1e:ea:88:76:23:45:30:b9:8d:4c: 485s 67:f8:22:54:f5:f4:51:05:3b:2a:44:b3:8c:58:e9:5b:b5:39: 485s 68:ad 485s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-31342-auth.pem 485s + found_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 485s + '[' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D '!=' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D ']' 485s + valid_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-intermediate-sub-chain-CA.pem partial_chain 485s + check_certificate /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 /tmp/sssd-softhsm2-48L3mX/test-intermediate-sub-chain-CA.pem partial_chain 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_ring=/tmp/sssd-softhsm2-48L3mX/test-intermediate-sub-chain-CA.pem 485s + local verify_option=partial_chain 485s + prepare_softhsm2_card /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local certificate=/tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6004 485s + local key_cn 485s + local key_name 485s + local tokens_dir 485s + local output_cert_file 485s + token_name= 485s ++ basename /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 485s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 485s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 485s ++ sed -n 's/ *commonName *= //p' 485s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 485s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 485s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 485s ++ basename /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 485s + tokens_dir=/tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 485s + token_name='Test Organization Sub Int Token' 485s + '[' '!' -e /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 485s Test Organization Sub Int Token 485s + '[' '!' -d /tmp/sssd-softhsm2-48L3mX/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 485s + echo 'Test Organization Sub Int Token' 485s + '[' -n partial_chain ']' 485s + local verify_arg=--verify=partial_chain 485s + local output_base_name=SSSD-child-11105 485s + local output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-11105.output 485s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-11105.pem 485s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-48L3mX/test-intermediate-sub-chain-CA.pem 485s [p11_child[3429]] [main] (0x0400): p11_child started. 485s [p11_child[3429]] [main] (0x2000): Running in [pre-auth] mode. 485s [p11_child[3429]] [main] (0x2000): Running with effective IDs: [0][0]. 485s [p11_child[3429]] [main] (0x2000): Running with real IDs [0][0]. 485s [p11_child[3429]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 485s [p11_child[3429]] [do_card] (0x4000): Module List: 485s [p11_child[3429]] [do_card] (0x4000): common name: [softhsm2]. 485s [p11_child[3429]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3429]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 485s [p11_child[3429]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 485s [p11_child[3429]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 485s [p11_child[3429]] [do_card] (0x4000): Login NOT required. 485s [p11_child[3429]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 485s [p11_child[3429]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 485s [p11_child[3429]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 485s [p11_child[3429]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52955c43;slot-manufacturer=SoftHSM%20project;slot-id=1385520195;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fd5ad97b52955c43;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 485s [p11_child[3429]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 485s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-11105.output 485s + echo '-----BEGIN CERTIFICATE-----' 485s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-11105.output 485s + echo '-----END CERTIFICATE-----' 485s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-11105.pem 486s Certificate: 486s Data: 486s Version: 3 (0x2) 486s Serial Number: 5 (0x5) 486s Signature Algorithm: sha256WithRSAEncryption 486s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 486s Validity 486s Not Before: Mar 16 15:26:55 2024 GMT 486s Not After : Mar 16 15:26:55 2025 GMT 486s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 486s Subject Public Key Info: 486s Public Key Algorithm: rsaEncryption 486s Public-Key: (1024 bit) 486s Modulus: 486s 00:d0:73:2e:69:10:1f:f1:cf:28:ba:a5:69:45:5d: 486s d8:91:25:bb:43:27:8b:cf:ff:1a:a5:b9:18:d3:bd: 486s d0:6d:42:43:e6:f5:ed:64:7c:a0:7b:5d:88:66:43: 486s 54:f3:d8:46:02:a2:a9:a7:b9:78:93:0d:e0:91:ba: 486s 7c:71:78:a7:65:12:75:98:a4:ab:ba:e0:84:70:79: 486s 84:5f:95:94:5d:96:99:6a:17:38:25:02:59:39:2f: 486s 99:3d:0e:87:4e:7c:3b:7c:ec:18:2e:11:fe:b7:0f: 486s 42:b2:d7:db:de:b0:67:11:26:2d:58:81:73:dc:82: 486s a9:58:46:4e:04:47:4f:ac:0d 486s Exponent: 65537 (0x10001) 486s X509v3 extensions: 486s X509v3 Authority Key Identifier: 486s E2:A2:28:C0:BA:E3:E3:0F:45:F3:A7:78:B4:F9:81:99:0A:CD:7A:6C 486s X509v3 Basic Constraints: 486s CA:FALSE 486s Netscape Cert Type: 486s SSL Client, S/MIME 486s Netscape Comment: 486s Test Organization Sub Intermediate CA trusted Certificate 486s X509v3 Subject Key Identifier: 486s 7A:A5:70:10:95:0C:F2:EB:C1:9D:7B:2F:FB:CC:15:D0:A7:C8:90:AA 486s X509v3 Key Usage: critical 486s Digital Signature, Non Repudiation, Key Encipherment 486s X509v3 Extended Key Usage: 486s TLS Web Client Authentication, E-mail Protection 486s X509v3 Subject Alternative Name: 486s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 486s Signature Algorithm: sha256WithRSAEncryption 486s Signature Value: 486s ac:8e:31:80:f8:ec:05:92:c4:ff:b9:77:17:4c:8c:dc:91:80: 486s 6b:de:b1:d0:06:4a:82:f7:f8:81:67:92:66:43:c8:96:60:ed: 486s d1:ea:77:31:19:d4:ea:81:ac:22:8f:af:61:0d:a5:ee:98:46: 486s 9d:a4:04:3b:ed:40:68:c3:ed:92:e3:23:38:d0:e3:fa:02:59: 486s 5e:48:c4:25:97:c7:f9:12:e0:53:f0:5a:9b:f6:76:2a:67:97: 486s 1d:56:ce:1f:43:76:ae:55:1e:ea:88:76:23:45:30:b9:8d:4c: 486s 67:f8:22:54:f5:f4:51:05:3b:2a:44:b3:8c:58:e9:5b:b5:39: 486s 68:ad 486s + local found_md5 expected_md5 486s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/test-sub-intermediate-CA-trusted-certificate-0001.pem 486s + expected_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 486s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-11105.pem 486s + found_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 486s + '[' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D '!=' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D ']' 486s + output_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-11105-auth.output 486s ++ basename /tmp/sssd-softhsm2-48L3mX/SSSD-child-11105-auth.output .output 486s + output_cert_file=/tmp/sssd-softhsm2-48L3mX/SSSD-child-11105-auth.pem 486s + echo -n 053350 486s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-48L3mX/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 486s [p11_child[3437]] [main] (0x0400): p11_child started. 486s [p11_child[3437]] [main] (0x2000): Running in [auth] mode. 486s [p11_child[3437]] [main] (0x2000): Running with effective IDs: [0][0]. 486s [p11_child[3437]] [main] (0x2000): Running with real IDs [0][0]. 486s [p11_child[3437]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 486s [p11_child[3437]] [do_card] (0x4000): Module List: 486s [p11_child[3437]] [do_card] (0x4000): common name: [softhsm2]. 486s [p11_child[3437]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 486s [p11_child[3437]] [do_card] (0x4000): Description [SoftHSM slot ID 0x52955c43] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 486s [p11_child[3437]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 486s [p11_child[3437]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x52955c43][1385520195] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 486s [p11_child[3437]] [do_card] (0x4000): Login required. 486s [p11_child[3437]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 486s [p11_child[3437]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 486s [p11_child[3437]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 486s [p11_child[3437]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x52955c43;slot-manufacturer=SoftHSM%20project;slot-id=1385520195;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fd5ad97b52955c43;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 486s [p11_child[3437]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 486s [p11_child[3437]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 486s [p11_child[3437]] [do_card] (0x4000): Certificate verified and validated. 486s [p11_child[3437]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 486s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-48L3mX/SSSD-child-11105-auth.output 486s + echo '-----BEGIN CERTIFICATE-----' 486s + tail -n1 /tmp/sssd-softhsm2-48L3mX/SSSD-child-11105-auth.output 486s + echo '-----END CERTIFICATE-----' 486s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-11105-auth.pem 486s Certificate: 486s Data: 486s Version: 3 (0x2) 486s Serial Number: 5 (0x5) 486s Signature Algorithm: sha256WithRSAEncryption 486s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 486s Validity 486s Not Before: Mar 16 15:26:55 2024 GMT 486s Not After : Mar 16 15:26:55 2025 GMT 486s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 486s Subject Public Key Info: 486s Public Key Algorithm: rsaEncryption 486s Public-Key: (1024 bit) 486s Modulus: 486s 00:d0:73:2e:69:10:1f:f1:cf:28:ba:a5:69:45:5d: 486s d8:91:25:bb:43:27:8b:cf:ff:1a:a5:b9:18:d3:bd: 486s d0:6d:42:43:e6:f5:ed:64:7c:a0:7b:5d:88:66:43: 486s 54:f3:d8:46:02:a2:a9:a7:b9:78:93:0d:e0:91:ba: 486s 7c:71:78:a7:65:12:75:98:a4:ab:ba:e0:84:70:79: 486s 84:5f:95:94:5d:96:99:6a:17:38:25:02:59:39:2f: 486s 99:3d:0e:87:4e:7c:3b:7c:ec:18:2e:11:fe:b7:0f: 486s 42:b2:d7:db:de:b0:67:11:26:2d:58:81:73:dc:82: 486s a9:58:46:4e:04:47:4f:ac:0d 486s Exponent: 65537 (0x10001) 486s X509v3 extensions: 486s X509v3 Authority Key Identifier: 486s E2:A2:28:C0:BA:E3:E3:0F:45:F3:A7:78:B4:F9:81:99:0A:CD:7A:6C 486s X509v3 Basic Constraints: 486s CA:FALSE 486s Netscape Cert Type: 486s SSL Client, S/MIME 486s Netscape Comment: 486s Test Organization Sub Intermediate CA trusted Certificate 486s X509v3 Subject Key Identifier: 486s 7A:A5:70:10:95:0C:F2:EB:C1:9D:7B:2F:FB:CC:15:D0:A7:C8:90:AA 486s X509v3 Key Usage: critical 486s Digital Signature, Non Repudiation, Key Encipherment 486s X509v3 Extended Key Usage: 486s TLS Web Client Authentication, E-mail Protection 486s X509v3 Subject Alternative Name: 486s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 486s Signature Algorithm: sha256WithRSAEncryption 486s Signature Value: 486s ac:8e:31:80:f8:ec:05:92:c4:ff:b9:77:17:4c:8c:dc:91:80: 486s 6b:de:b1:d0:06:4a:82:f7:f8:81:67:92:66:43:c8:96:60:ed: 486s d1:ea:77:31:19:d4:ea:81:ac:22:8f:af:61:0d:a5:ee:98:46: 486s 9d:a4:04:3b:ed:40:68:c3:ed:92:e3:23:38:d0:e3:fa:02:59: 486s 5e:48:c4:25:97:c7:f9:12:e0:53:f0:5a:9b:f6:76:2a:67:97: 486s 1d:56:ce:1f:43:76:ae:55:1e:ea:88:76:23:45:30:b9:8d:4c: 486s 67:f8:22:54:f5:f4:51:05:3b:2a:44:b3:8c:58:e9:5b:b5:39: 486s 68:ad 486s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-48L3mX/SSSD-child-11105-auth.pem 486s + found_md5=Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D 486s + '[' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D '!=' Modulus=D0732E69101FF1CF28BAA569455DD89125BB43278BCFFF1AA5B918D3BDD06D4243E6F5ED647CA07B5D88664354F3D84602A2A9A7B978930DE091BA7C7178A765127598A4ABBAE0847079845F95945D96996A1738250259392F993D0E874E7C3B7CEC182E11FEB70F42B2D7DBDEB06711262D588173DC82A958464E04474FAC0D ']' 486s 486s Test completed, Root CA and intermediate issued certificates verified! 486s + set +x 486s autopkgtest [15:26:59]: test sssd-softhism2-certificates-tests.sh: -----------------------] 486s autopkgtest [15:26:59]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 486s sssd-softhism2-certificates-tests.sh PASS 487s autopkgtest [15:27:00]: test sssd-smart-card-pam-auth-configs: preparing testbed 488s Reading package lists... 488s Building dependency tree... 488s Reading state information... 489s Starting pkgProblemResolver with broken count: 0 489s Starting 2 pkgProblemResolver with broken count: 0 489s Done 489s The following additional packages will be installed: 489s pamtester 489s The following NEW packages will be installed: 489s autopkgtest-satdep pamtester 489s 0 upgraded, 2 newly installed, 0 to remove and 1 not upgraded. 489s Need to get 12.2 kB/13.0 kB of archives. 489s After this operation, 36.9 kB of additional disk space will be used. 489s Get:1 /tmp/autopkgtest.mWFgi9/4-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [760 B] 489s Get:2 http://ftpmaster.internal/ubuntu noble/universe s390x pamtester s390x 0.1.2-4 [12.2 kB] 489s Fetched 12.2 kB in 0s (84.8 kB/s) 489s Selecting previously unselected package pamtester. 489s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 52796 files and directories currently installed.) 489s Preparing to unpack .../pamtester_0.1.2-4_s390x.deb ... 489s Unpacking pamtester (0.1.2-4) ... 489s Selecting previously unselected package autopkgtest-satdep. 489s Preparing to unpack .../4-autopkgtest-satdep.deb ... 489s Unpacking autopkgtest-satdep (0) ... 489s Setting up pamtester (0.1.2-4) ... 489s Setting up autopkgtest-satdep (0) ... 489s Processing triggers for man-db (2.12.0-3) ... 492s (Reading database ... 52802 files and directories currently installed.) 492s Removing autopkgtest-satdep (0) ... 493s autopkgtest [15:27:06]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 493s autopkgtest [15:27:06]: test sssd-smart-card-pam-auth-configs: [----------------------- 493s + '[' -z ubuntu ']' 493s + export DEBIAN_FRONTEND=noninteractive 493s + DEBIAN_FRONTEND=noninteractive 493s + required_tools=(pamtester softhsm2-util sssd) 493s + [[ ! -v OFFLINE_MODE ]] 493s + for cmd in "${required_tools[@]}" 493s + command -v pamtester 493s + for cmd in "${required_tools[@]}" 493s + command -v softhsm2-util 493s + for cmd in "${required_tools[@]}" 493s + command -v sssd 493s + PIN=123456 493s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 493s + tmpdir=/tmp/sssd-softhsm2-certs-hvcmKa 493s + backupsdir= 493s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 493s + declare -a restore_paths 493s + declare -a delete_paths 493s + trap handle_exit EXIT 493s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 493s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 493s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 493s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 493s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-hvcmKa GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 493s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-hvcmKa 493s + GENERATE_SMART_CARDS=1 493s + KEEP_TEMPORARY_FILES=1 493s + NO_SSSD_TESTS=1 493s + bash debian/tests/sssd-softhism2-certificates-tests.sh 493s + '[' -z ubuntu ']' 493s + required_tools=(p11tool openssl softhsm2-util) 493s + for cmd in "${required_tools[@]}" 493s + command -v p11tool 493s + for cmd in "${required_tools[@]}" 493s + command -v openssl 493s + for cmd in "${required_tools[@]}" 493s + command -v softhsm2-util 493s + PIN=123456 493s +++ find /usr/lib/softhsm/libsofthsm2.so 493s +++ head -n 1 493s ++ realpath /usr/lib/softhsm/libsofthsm2.so 493s + SOFTHSM2_MODULE=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 493s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 493s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 493s + '[' '!' -v NO_SSSD_TESTS ']' 493s + '[' '!' -e /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so ']' 493s + tmpdir=/tmp/sssd-softhsm2-certs-hvcmKa 493s + keys_size=1024 493s + [[ ! -v KEEP_TEMPORARY_FILES ]] 493s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 493s + echo -n 01 493s + touch /tmp/sssd-softhsm2-certs-hvcmKa/index.txt 493s + mkdir -p /tmp/sssd-softhsm2-certs-hvcmKa/new_certs 493s + cat 493s + root_ca_key_pass=pass:random-root-CA-password-26475 493s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-key.pem -passout pass:random-root-CA-password-26475 1024 493s + openssl req -passin pass:random-root-CA-password-26475 -batch -config /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.pem 493s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.pem 493s + cat 493s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-31166 493s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-31166 1024 493s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-31166 -config /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-26475 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-certificate-request.pem 493s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-certificate-request.pem 493s Certificate Request: 493s Data: 493s Version: 1 (0x0) 493s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 493s Subject Public Key Info: 493s Public Key Algorithm: rsaEncryption 493s Public-Key: (1024 bit) 493s Modulus: 493s 00:d2:8b:42:b8:7f:b7:4b:f7:08:ef:42:e3:ba:b1: 493s 76:2b:a8:ad:64:8a:52:b7:19:a4:c6:1f:0e:1f:99: 493s 80:66:8b:3d:37:e1:0b:e0:66:00:8a:87:7c:4b:14: 493s 45:aa:f8:60:ad:5c:16:05:ba:eb:61:99:77:66:31: 493s 3c:fc:10:f0:04:95:ea:4a:d8:e5:96:c5:29:9b:c6: 493s 08:2f:f1:60:d5:c8:9b:3a:ec:32:78:eb:31:e0:f9: 493s 3a:42:64:d1:e6:55:30:a6:f2:d0:93:43:e4:5e:a9: 493s 7b:0c:e7:33:10:5d:44:95:5e:fc:15:8a:39:a8:bb: 493s f0:c9:da:90:25:dc:f6:c2:55 493s Exponent: 65537 (0x10001) 493s Attributes: 493s (none) 493s Requested Extensions: 493s Signature Algorithm: sha256WithRSAEncryption 493s Signature Value: 493s 63:61:d7:5d:5f:f2:e5:32:88:75:7c:98:23:aa:81:a2:c3:38: 493s 74:91:da:99:73:26:3f:2d:6b:0c:45:83:44:8c:e5:0d:97:5c: 493s 25:20:e1:7a:fc:b1:f0:65:5a:9c:62:b6:e1:54:22:e1:42:f7: 493s 14:fc:7f:63:aa:93:56:89:8f:c7:89:ca:69:c4:54:6d:88:de: 493s 71:05:fd:3f:e8:2d:a6:47:9a:b9:f7:57:1b:59:d5:83:6c:44: 493s 1d:09:1a:ed:ad:5c:1a:51:ac:cd:eb:1c:0a:c4:8b:ef:4d:84: 493s 17:b0:17:74:94:f9:a6:47:90:b1:5e:58:8d:f1:77:f3:24:d4: 493s 00:ba 493s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.config -passin pass:random-root-CA-password-26475 -keyfile /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem 493s Using configuration from /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.config 493s Check that the request matches the signature 493s Signature ok 493s Certificate Details: 493s Serial Number: 1 (0x1) 493s Validity 493s Not Before: Mar 16 15:27:06 2024 GMT 493s Not After : Mar 16 15:27:06 2025 GMT 493s Subject: 493s organizationName = Test Organization 493s organizationalUnitName = Test Organization Unit 493s commonName = Test Organization Intermediate CA 493s X509v3 extensions: 493s X509v3 Subject Key Identifier: 493s F7:89:50:45:98:CA:56:0C:4B:BF:EA:38:AC:4D:FB:E0:81:55:FB:A6 493s X509v3 Authority Key Identifier: 493s keyid:A5:31:4A:DC:A6:27:A1:2E:95:DC:BB:3B:CE:F3:22:7E:1A:03:59:A2 493s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 493s serial:00 493s X509v3 Basic Constraints: 493s CA:TRUE 493s X509v3 Key Usage: critical 493s Digital Signature, Certificate Sign, CRL Sign 493s Certificate is to be certified until Mar 16 15:27:06 2025 GMT (365 days) 493s 493s Write out database with 1 new entries 493s Database updated 493s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem 493s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem 493s /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem: OK 493s + cat 493s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-26835 493s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-26835 1024 493s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-26835 -config /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-31166 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-certificate-request.pem 493s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-certificate-request.pem 493s Certificate Request: 493s Data: 493s Version: 1 (0x0) 493s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 493s Subject Public Key Info: 493s Public Key Algorithm: rsaEncryption 493s Public-Key: (1024 bit) 493s Modulus: 493s 00:c6:4a:bb:60:60:97:b2:93:bf:eb:88:19:9e:1d: 493s 0b:98:fd:f1:5f:20:7c:a2:94:9d:65:e7:c4:5d:0a: 493s 1f:bc:07:d9:4a:60:49:d4:b8:01:47:9c:be:74:91: 493s 29:bf:47:a7:6f:82:0e:19:66:82:08:63:14:73:ab: 493s aa:eb:31:95:ff:ca:71:f9:7a:aa:fa:c0:1d:b5:78: 493s 24:0b:f4:bb:b0:4a:0c:04:ac:bd:ed:a4:2d:88:9f: 493s 20:7b:da:67:37:5b:de:d0:b0:c8:6d:f0:89:2b:00: 493s da:40:ee:d8:76:1f:85:23:88:41:5d:d1:d4:42:64: 493s eb:57:ed:fe:e1:45:48:fd:69 493s Exponent: 65537 (0x10001) 493s Attributes: 493s (none) 493s Requested Extensions: 493s Signature Algorithm: sha256WithRSAEncryption 493s Signature Value: 493s 8c:97:63:47:df:5d:a7:04:53:68:86:77:64:01:5a:8f:45:17: 493s db:3e:2d:5c:86:30:fd:b0:5c:dc:08:08:92:9f:fb:b5:e2:74: 493s 58:bb:c1:c6:56:06:e2:a4:f9:0e:a7:b4:47:4b:a9:71:70:10: 493s e6:52:ce:94:ba:0c:be:5a:8d:13:e0:9c:70:54:8e:90:3b:d4: 493s fc:f5:1e:f7:ad:cc:44:df:e9:2a:15:78:20:41:94:c7:00:f6: 493s cb:a2:78:c0:8a:64:1f:31:fe:70:e4:1f:1a:55:9d:a5:4c:37: 493s 0f:68:bf:20:a4:0d:61:5a:83:6a:79:9d:81:5e:d5:53:f5:49: 493s 68:5e 493s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-31166 -keyfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem 493s Using configuration from /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.config 493s Check that the request matches the signature 493s Signature ok 493s Certificate Details: 493s Serial Number: 2 (0x2) 493s Validity 493s Not Before: Mar 16 15:27:06 2024 GMT 493s Not After : Mar 16 15:27:06 2025 GMT 493s Subject: 493s organizationName = Test Organization 493s organizationalUnitName = Test Organization Unit 493s commonName = Test Organization Sub Intermediate CA 493s X509v3 extensions: 493s X509v3 Subject Key Identifier: 493s DD:14:62:F2:BB:67:95:50:92:D5:D1:27:C8:F1:C7:EA:2E:39:AA:71 493s X509v3 Authority Key Identifier: 493s keyid:F7:89:50:45:98:CA:56:0C:4B:BF:EA:38:AC:4D:FB:E0:81:55:FB:A6 493s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 493s serial:01 493s X509v3 Basic Constraints: 493s CA:TRUE 493s X509v3 Key Usage: critical 493s Digital Signature, Certificate Sign, CRL Sign 493s Certificate is to be certified until Mar 16 15:27:06 2025 GMT (365 days) 493s 493s Write out database with 1 new entries 493s Database updated 493s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem 493s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem 493s /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem: OK 493s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem 493s + local cmd=openssl 493s + shift 493s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem 493s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 493s error 20 at 0 depth lookup: unable to get local issuer certificate 493s error /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem: verification failed 493s + cat 493s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-6860 493s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-6860 1024 493s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-6860 -key /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-request.pem 493s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-request.pem 493s Certificate Request: 493s Data: 493s Version: 1 (0x0) 493s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 493s Subject Public Key Info: 493s Public Key Algorithm: rsaEncryption 493s Public-Key: (1024 bit) 493s Modulus: 493s 00:b1:4a:2f:91:85:1b:5f:df:85:6e:d2:e5:28:d8: 493s 46:28:2e:46:7c:3d:40:01:1e:15:65:c6:e5:58:f9: 493s c3:e8:63:66:eb:4d:64:84:88:43:29:6c:00:f0:9b: 493s 38:95:01:34:11:33:bb:af:08:28:5d:cd:99:cb:fc: 493s f7:f3:36:3f:51:02:11:9e:c9:5e:2a:ff:cc:b3:28: 493s 92:a8:7e:00:10:af:79:3b:5b:d1:c2:e5:1f:77:35: 493s 05:b7:6a:1d:30:14:c7:79:8c:f0:c6:a4:c7:bc:ec: 493s ab:a1:0d:17:c8:e7:f9:92:ad:ba:10:d3:56:03:78: 493s dd:34:c6:8b:a0:1c:d3:d7:e7 493s Exponent: 65537 (0x10001) 493s Attributes: 493s Requested Extensions: 493s X509v3 Basic Constraints: 493s CA:FALSE 493s Netscape Cert Type: 493s SSL Client, S/MIME 493s Netscape Comment: 493s Test Organization Root CA trusted Certificate 493s X509v3 Subject Key Identifier: 493s 50:FE:85:E8:6D:BB:92:A4:E5:3B:9A:2A:52:3F:80:85:6E:08:A3:52 493s X509v3 Key Usage: critical 493s Digital Signature, Non Repudiation, Key Encipherment 493s X509v3 Extended Key Usage: 493s TLS Web Client Authentication, E-mail Protection 493s X509v3 Subject Alternative Name: 493s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 493s Signature Algorithm: sha256WithRSAEncryption 493s Signature Value: 493s 3d:7b:f7:fc:34:cc:cb:e7:39:c0:35:6d:d2:04:73:54:6c:db: 493s 6e:3e:93:51:df:d8:e0:5e:3d:e1:f2:75:73:07:0c:d0:fa:29: 493s 2f:20:c7:ed:21:c3:60:88:01:8b:46:8b:3d:fd:35:dd:a2:81: 493s 7b:9d:59:e9:4c:7e:14:2f:48:45:0b:dc:32:53:2b:2a:a4:23: 493s 21:b7:22:28:89:11:69:05:70:73:9c:4f:a1:31:8f:54:9a:20: 493s 2b:e6:e7:f4:18:4e:fe:86:79:be:f7:48:44:8f:9e:24:cf:80: 493s c2:f6:f7:83:a7:2c:f9:35:56:33:80:d3:a1:b1:9f:98:64:f9: 493s 06:c1 493s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.config -passin pass:random-root-CA-password-26475 -keyfile /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem 493s Using configuration from /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.config 493s Check that the request matches the signature 493s Signature ok 493s Certificate Details: 493s Serial Number: 3 (0x3) 493s Validity 493s Not Before: Mar 16 15:27:06 2024 GMT 493s Not After : Mar 16 15:27:06 2025 GMT 493s Subject: 493s organizationName = Test Organization 493s organizationalUnitName = Test Organization Unit 493s commonName = Test Organization Root Trusted Certificate 0001 493s X509v3 extensions: 493s X509v3 Authority Key Identifier: 493s A5:31:4A:DC:A6:27:A1:2E:95:DC:BB:3B:CE:F3:22:7E:1A:03:59:A2 493s X509v3 Basic Constraints: 493s CA:FALSE 493s Netscape Cert Type: 493s SSL Client, S/MIME 493s Netscape Comment: 493s Test Organization Root CA trusted Certificate 493s X509v3 Subject Key Identifier: 493s 50:FE:85:E8:6D:BB:92:A4:E5:3B:9A:2A:52:3F:80:85:6E:08:A3:52 493s X509v3 Key Usage: critical 493s Digital Signature, Non Repudiation, Key Encipherment 493s X509v3 Extended Key Usage: 493s TLS Web Client Authentication, E-mail Protection 493s X509v3 Subject Alternative Name: 493s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 493s Certificate is to be certified until Mar 16 15:27:06 2025 GMT (365 days) 493s 493s Write out database with 1 new entries 493s Database updated 493s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem 493s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem 493s /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem: OK 493s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem 493s + local cmd=openssl 493s + shift 493s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem 493s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 493s error 20 at 0 depth lookup: unable to get local issuer certificate 493s error /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem: verification failed 493s + cat 493s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-29691 493s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-29691 1024 493s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-29691 -key /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-request.pem 493s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-request.pem 493s Certificate Request: 493s Data: 493s Version: 1 (0x0) 493s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 493s Subject Public Key Info: 493s Public Key Algorithm: rsaEncryption 493s Public-Key: (1024 bit) 493s Modulus: 493s 00:c2:c5:1b:b4:10:8e:d2:c2:c0:f7:56:34:f7:15: 493s 14:a7:1d:fd:5e:03:de:e3:e0:8e:7c:43:8c:b8:af: 493s 2c:e9:b2:2e:97:f4:59:3b:63:cd:40:66:ed:d7:b1: 493s b1:d8:a8:5b:98:bd:e4:28:84:27:5d:76:72:4e:1e: 493s 07:f9:1d:98:50:f9:fe:2e:60:db:a6:6d:e5:f6:00: 493s 12:d6:34:91:ca:21:37:ed:c3:40:7a:f2:de:ba:c0: 493s 65:24:e5:8d:ce:d0:a2:71:34:c8:17:ee:6f:8b:b3: 493s e3:7b:28:0e:f5:55:4f:25:8d:08:40:8b:09:e7:a1: 493s 4c:b3:c6:bf:07:2a:0e:a9:8d 493s Exponent: 65537 (0x10001) 493s Attributes: 493s Requested Extensions: 493s X509v3 Basic Constraints: 493s CA:FALSE 493s Netscape Cert Type: 493s SSL Client, S/MIME 493s Netscape Comment: 493s Test Organization Intermediate CA trusted Certificate 493s X509v3 Subject Key Identifier: 493s 4A:7D:17:9C:69:DD:6E:EE:3E:B1:F1:C5:F4:E0:03:3E:46:1F:FD:6E 493s X509v3 Key Usage: critical 493s Digital Signature, Non Repudiation, Key Encipherment 493s X509v3 Extended Key Usage: 493s TLS Web Client Authentication, E-mail Protection 493s X509v3 Subject Alternative Name: 493s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 493s Signature Algorithm: sha256WithRSAEncryption 493s Signature Value: 493s b0:ff:45:44:9b:18:29:93:2a:cd:e1:ef:4d:74:46:13:98:bf: 493s 11:85:3d:3f:19:bb:cf:53:5e:4b:75:31:c1:0e:00:51:45:a8: 493s 69:49:ff:b7:17:14:49:bd:54:ea:7f:e9:57:2a:c1:be:4d:34: 493s 4e:37:8c:e2:99:5c:65:32:c1:8d:b9:05:f7:e1:af:5d:c1:fb: 493s 87:19:6b:54:48:9f:17:c3:3e:7a:ab:d0:87:e2:7a:7d:10:1c: 493s ac:07:03:3b:37:8b:99:ab:7b:4f:6b:35:27:9d:5d:38:73:cb: 493s 03:82:96:46:03:5e:88:9d:58:a0:d8:35:f7:f3:1b:59:03:36: 493s 62:8d 493s + openssl ca -passin pass:random-intermediate-CA-password-31166 -config /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem 493s Using configuration from /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.config 493s Check that the request matches the signature 493s Signature ok 493s Certificate Details: 493s Serial Number: 4 (0x4) 493s Validity 493s Not Before: Mar 16 15:27:06 2024 GMT 493s Not After : Mar 16 15:27:06 2025 GMT 493s Subject: 493s organizationName = Test Organization 493s organizationalUnitName = Test Organization Unit 493s commonName = Test Organization Intermediate Trusted Certificate 0001 493s X509v3 extensions: 493s X509v3 Authority Key Identifier: 493s F7:89:50:45:98:CA:56:0C:4B:BF:EA:38:AC:4D:FB:E0:81:55:FB:A6 493s X509v3 Basic Constraints: 493s CA:FALSE 493s Netscape Cert Type: 493s SSL Client, S/MIME 493s Netscape Comment: 493s Test Organization Intermediate CA trusted Certificate 493s X509v3 Subject Key Identifier: 493s 4A:7D:17:9C:69:DD:6E:EE:3E:B1:F1:C5:F4:E0:03:3E:46:1F:FD:6E 493s X509v3 Key Usage: critical 493s Digital Signature, Non Repudiation, Key Encipherment 493s X509v3 Extended Key Usage: 493s TLS Web Client Authentication, E-mail Protection 493s X509v3 Subject Alternative Name: 493s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 493s Certificate is to be certified until Mar 16 15:27:06 2025 GMT (365 days) 493s 493s Write out database with 1 new entries 493s Database updated 493s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem 493s This certificate should not be trusted fully 493s + echo 'This certificate should not be trusted fully' 493s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem 493s + local cmd=openssl 493s + shift 493s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem 493s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 493s error 2 at 1 depth lookup: unable to get issuer certificate 493s error /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 493s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem 493s /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem: OK 493s + cat 493s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16207 493s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-16207 1024 493s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-16207 -key /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 493s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 493s Certificate Request: 493s Data: 493s Version: 1 (0x0) 493s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 493s Subject Public Key Info: 493s Public Key Algorithm: rsaEncryption 493s Public-Key: (1024 bit) 493s Modulus: 493s 00:b2:38:19:78:56:8f:2e:f3:10:6d:e6:60:db:7a: 493s d9:f6:3b:3a:a2:19:57:5d:50:cb:be:b6:55:d3:5b: 493s 00:57:24:5f:8d:39:20:9b:07:0f:cd:a7:07:24:fe: 493s e0:23:bd:e1:41:92:b2:fb:d6:fe:28:40:65:97:7d: 493s 06:3c:85:de:47:13:72:5c:b0:24:a8:70:d5:4c:2a: 493s fc:dc:fe:ac:71:c7:8a:25:c9:a9:71:fa:dc:c4:36: 493s 7e:71:3c:9e:82:82:a7:bb:44:28:59:70:fc:44:86: 493s ef:3b:bc:22:3e:b3:ba:9f:32:ab:54:b3:85:6b:26: 493s a8:cd:e3:08:b0:be:ae:22:df 493s Exponent: 65537 (0x10001) 493s Attributes: 493s Requested Extensions: 493s X509v3 Basic Constraints: 493s CA:FALSE 493s Netscape Cert Type: 493s SSL Client, S/MIME 493s Netscape Comment: 493s Test Organization Sub Intermediate CA trusted Certificate 493s X509v3 Subject Key Identifier: 493s 96:D2:48:CB:F3:C6:3E:CC:3A:C2:C4:72:04:30:55:4A:0A:E8:CB:81 493s X509v3 Key Usage: critical 493s Digital Signature, Non Repudiation, Key Encipherment 493s X509v3 Extended Key Usage: 493s TLS Web Client Authentication, E-mail Protection 493s X509v3 Subject Alternative Name: 493s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 493s Signature Algorithm: sha256WithRSAEncryption 493s Signature Value: 493s b0:4b:a3:dd:2e:f6:41:6c:1e:3e:79:cc:f6:44:42:7d:fa:a8: 493s e7:f1:5f:8e:4b:c7:50:cf:4d:c6:f3:72:f7:aa:85:a5:01:ac: 493s 51:1a:27:fb:9b:01:17:4d:e0:4b:57:34:a8:62:69:23:97:2b: 493s 23:13:94:48:f4:9a:a4:aa:61:c2:f6:af:12:f9:03:dd:1d:e2: 493s 37:ea:15:90:95:d8:5f:25:78:ac:ba:28:d2:9f:39:43:ad:9a: 493s c1:d5:53:84:98:14:d5:5d:13:be:5e:4e:ba:02:bc:3c:5e:8b: 493s 85:7e:10:f3:14:a5:d7:84:bd:da:c0:08:6e:8c:77:d3:b1:4a: 493s 3a:0a 493s + openssl ca -passin pass:random-sub-intermediate-CA-password-26835 -config /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 493s Using configuration from /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.config 493s Check that the request matches the signature 493s Signature ok 493s Certificate Details: 493s Serial Number: 5 (0x5) 493s Validity 493s Not Before: Mar 16 15:27:06 2024 GMT 493s Not After : Mar 16 15:27:06 2025 GMT 493s Subject: 493s organizationName = Test Organization 493s organizationalUnitName = Test Organization Unit 493s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 493s X509v3 extensions: 493s X509v3 Authority Key Identifier: 493s DD:14:62:F2:BB:67:95:50:92:D5:D1:27:C8:F1:C7:EA:2E:39:AA:71 493s X509v3 Basic Constraints: 493s CA:FALSE 493s Netscape Cert Type: 493s SSL Client, S/MIME 493s Netscape Comment: 493s Test Organization Sub Intermediate CA trusted Certificate 493s X509v3 Subject Key Identifier: 493s 96:D2:48:CB:F3:C6:3E:CC:3A:C2:C4:72:04:30:55:4A:0A:E8:CB:81 493s X509v3 Key Usage: critical 493s Digital Signature, Non Repudiation, Key Encipherment 493s X509v3 Extended Key Usage: 493s TLS Web Client Authentication, E-mail Protection 493s X509v3 Subject Alternative Name: 493s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 493s Certificate is to be certified until Mar 16 15:27:06 2025 GMT (365 days) 493s 493s Write out database with 1 new entries 493s Database updated 493s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s This certificate should not be trusted fully 494s + echo 'This certificate should not be trusted fully' 494s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s + local cmd=openssl 494s + shift 494s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 494s error 2 at 1 depth lookup: unable to get issuer certificate 494s error /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 494s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s + local cmd=openssl 494s + shift 494s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 494s error 20 at 0 depth lookup: unable to get local issuer certificate 494s error /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 494s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 494s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s + local cmd=openssl 494s + shift 494s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 494s error 20 at 0 depth lookup: unable to get local issuer certificate 494s error /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 494s Building a the full-chain CA file... 494s + echo 'Building a the full-chain CA file...' 494s + cat /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem 494s + cat /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem 494s + cat /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem 494s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 494s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 494s 494s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 494s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 494s 494s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 494s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 494s 494s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem 494s + openssl pkcs7 -print_certs -noout 494s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem 494s /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA.pem: OK 494s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem 494s /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem: OK 494s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem 494s /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem: OK 494s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-root-intermediate-chain-CA.pem 494s /tmp/sssd-softhsm2-certs-hvcmKa/test-root-intermediate-chain-CA.pem: OK 494s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 494s + echo 'Certificates generation completed!' 494s Certificates generation completed! 494s + [[ -v NO_SSSD_TESTS ]] 494s + [[ -v GENERATE_SMART_CARDS ]] 494s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6860 494s + local certificate=/tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem 494s + local key_pass=pass:random-root-ca-trusted-cert-0001-6860 494s + local key_cn 494s + local key_name 494s + local tokens_dir 494s + local output_cert_file 494s + token_name= 494s ++ basename /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem .pem 494s + key_name=test-root-CA-trusted-certificate-0001 494s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem 494s ++ sed -n 's/ *commonName *= //p' 494s + key_cn='Test Organization Root Trusted Certificate 0001' 494s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 494s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-root-CA-trusted-certificate-0001.conf 494s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-root-CA-trusted-certificate-0001.conf 494s ++ basename /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 494s + tokens_dir=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-root-CA-trusted-certificate-0001 494s + token_name='Test Organization Root Tr Token' 494s + '[' '!' -e /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 494s + local key_file 494s + local decrypted_key 494s + mkdir -p /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-root-CA-trusted-certificate-0001 494s + key_file=/tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-key.pem 494s + decrypted_key=/tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-key-decrypted.pem 494s + cat 494s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 494s Slot 0 has a free/uninitialized token. 494s The token has been initialized and is reassigned to slot 319757658 494s + softhsm2-util --show-slots 494s Available slots: 494s Slot 319757658 494s Slot info: 494s Description: SoftHSM slot ID 0x130f1d5a 494s Manufacturer ID: SoftHSM project 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Token present: yes 494s Token info: 494s Manufacturer ID: SoftHSM project 494s Model: SoftHSM v2 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Serial number: 87a8b26f930f1d5a 494s Initialized: yes 494s User PIN init.: yes 494s Label: Test Organization Root Tr Token 494s Slot 1 494s Slot info: 494s Description: SoftHSM slot ID 0x1 494s Manufacturer ID: SoftHSM project 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Token present: yes 494s Token info: 494s Manufacturer ID: SoftHSM project 494s Model: SoftHSM v2 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Serial number: 494s Initialized: no 494s User PIN init.: no 494s Label: 494s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 494s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-6860 -in /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-key-decrypted.pem 494s writing RSA key 494s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 494s + rm /tmp/sssd-softhsm2-certs-hvcmKa/test-root-CA-trusted-certificate-0001-key-decrypted.pem 494s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 494s Object 0: 494s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=87a8b26f930f1d5a;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 494s Type: X.509 Certificate (RSA-1024) 494s Expires: Sun Mar 16 15:27:06 2025 494s Label: Test Organization Root Trusted Certificate 0001 494s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 494s 494s + echo 'Test Organization Root Tr Token' 494s Test Organization Root Tr Token 494s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-29691 494s + local certificate=/tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem 494s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-29691 494s + local key_cn 494s + local key_name 494s + local tokens_dir 494s + local output_cert_file 494s + token_name= 494s ++ basename /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem .pem 494s + key_name=test-intermediate-CA-trusted-certificate-0001 494s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem 494s ++ sed -n 's/ *commonName *= //p' 494s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 494s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 494s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 494s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 494s ++ basename /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 494s + tokens_dir=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-intermediate-CA-trusted-certificate-0001 494s + token_name='Test Organization Interme Token' 494s + '[' '!' -e /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 494s + local key_file 494s + local decrypted_key 494s + mkdir -p /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-intermediate-CA-trusted-certificate-0001 494s + key_file=/tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-key.pem 494s + decrypted_key=/tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 494s + cat 494s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 494s Slot 0 has a free/uninitialized token. 494s The token has been initialized and is reassigned to slot 1430702945 494s + softhsm2-util --show-slots 494s Available slots: 494s Slot 1430702945 494s Slot info: 494s Description: SoftHSM slot ID 0x5546cb61 494s Manufacturer ID: SoftHSM project 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Token present: yes 494s Token info: 494s Manufacturer ID: SoftHSM project 494s Model: SoftHSM v2 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Serial number: 0c9c9f25d546cb61 494s Initialized: yes 494s User PIN init.: yes 494s Label: Test Organization Interme Token 494s Slot 1 494s Slot info: 494s Description: SoftHSM slot ID 0x1 494s Manufacturer ID: SoftHSM project 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Token present: yes 494s Token info: 494s Manufacturer ID: SoftHSM project 494s Model: SoftHSM v2 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Serial number: 494s Initialized: no 494s User PIN init.: no 494s Label: 494s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 494s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-29691 -in /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 494s writing RSA key 494s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 494s + rm /tmp/sssd-softhsm2-certs-hvcmKa/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 494s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 494s Object 0: 494s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0c9c9f25d546cb61;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 494s Type: X.509 Certificate (RSA-1024) 494s Expires: Sun Mar 16 15:27:06 2025 494s Label: Test Organization Intermediate Trusted Certificate 0001 494s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 494s 494s Test Organization Interme Token 494s + echo 'Test Organization Interme Token' 494s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-16207 494s + local certificate=/tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-16207 494s + local key_cn 494s + local key_name 494s + local tokens_dir 494s + local output_cert_file 494s + token_name= 494s ++ basename /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 494s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 494s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem 494s ++ sed -n 's/ *commonName *= //p' 494s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 494s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 494s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 494s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 494s ++ basename /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 494s + tokens_dir=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 494s + token_name='Test Organization Sub Int Token' 494s + '[' '!' -e /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 494s + local key_file 494s + local decrypted_key 494s + mkdir -p /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 494s + key_file=/tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 494s + decrypted_key=/tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 494s + cat 494s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 494s Slot 0 has a free/uninitialized token. 494s The token has been initialized and is reassigned to slot 672053351 494s + softhsm2-util --show-slots 494s Available slots: 494s Slot 672053351 494s Slot info: 494s Description: SoftHSM slot ID 0x280eb867 494s Manufacturer ID: SoftHSM project 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Token present: yes 494s Token info: 494s Manufacturer ID: SoftHSM project 494s Model: SoftHSM v2 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Serial number: 14e3b094280eb867 494s Initialized: yes 494s User PIN init.: yes 494s Label: Test Organization Sub Int Token 494s Slot 1 494s Slot info: 494s Description: SoftHSM slot ID 0x1 494s Manufacturer ID: SoftHSM project 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Token present: yes 494s Token info: 494s Manufacturer ID: SoftHSM project 494s Model: SoftHSM v2 494s Hardware version: 2.6 494s Firmware version: 2.6 494s Serial number: 494s Initialized: no 494s User PIN init.: no 494s Label: 494s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 494s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-16207 -in /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 494s writing RSA key 494s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 494s + rm /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 494s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 494s Object 0: 494s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=14e3b094280eb867;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 494s Type: X.509 Certificate (RSA-1024) 494s Expires: Sun Mar 16 15:27:06 2025 494s Label: Test Organization Sub Intermediate Trusted Certificate 0001 494s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 494s 494s Test Organization Sub Int Token 494s + echo 'Test Organization Sub Int Token' 494s + echo 'Certificates generation completed!' 494s Certificates generation completed! 494s + exit 0 494s + find /tmp/sssd-softhsm2-certs-hvcmKa -type d -exec chmod 777 '{}' ';' 494s + find /tmp/sssd-softhsm2-certs-hvcmKa -type f -exec chmod 666 '{}' ';' 494s + backup_file /etc/sssd/sssd.conf 494s + '[' -z '' ']' 494s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 494s + backupsdir=/tmp/sssd-softhsm2-backups-08Kz7E 494s + '[' -e /etc/sssd/sssd.conf ']' 494s + delete_paths+=("$1") 494s + rm -f /etc/sssd/sssd.conf 494s ++ runuser -u ubuntu -- sh -c 'echo ~' 494s + user_home=/home/ubuntu 494s + mkdir -p /home/ubuntu 494s + chown ubuntu:ubuntu /home/ubuntu 494s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 494s + user_config=/home/ubuntu/.config 494s + system_config=/etc 494s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 494s + for path_pair in "${softhsm2_conf_paths[@]}" 494s + IFS=: 494s + read -r -a path 494s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 494s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 494s + '[' -z /tmp/sssd-softhsm2-backups-08Kz7E ']' 494s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 494s + delete_paths+=("$1") 494s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 494s + for path_pair in "${softhsm2_conf_paths[@]}" 494s + IFS=: 494s + read -r -a path 494s + path=/etc/softhsm/softhsm2.conf 494s + backup_file /etc/softhsm/softhsm2.conf 494s + '[' -z /tmp/sssd-softhsm2-backups-08Kz7E ']' 494s + '[' -e /etc/softhsm/softhsm2.conf ']' 494s ++ dirname /etc/softhsm/softhsm2.conf 494s + local back_dir=/tmp/sssd-softhsm2-backups-08Kz7E//etc/softhsm 494s ++ basename /etc/softhsm/softhsm2.conf 494s + local back_path=/tmp/sssd-softhsm2-backups-08Kz7E//etc/softhsm/softhsm2.conf 494s + '[' '!' -e /tmp/sssd-softhsm2-backups-08Kz7E//etc/softhsm/softhsm2.conf ']' 494s + mkdir -p /tmp/sssd-softhsm2-backups-08Kz7E//etc/softhsm 494s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-08Kz7E//etc/softhsm/softhsm2.conf 494s + restore_paths+=("$back_path") 494s + rm -f /etc/softhsm/softhsm2.conf 494s + test_authentication login /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem 494s + pam_service=login 494s + certificate_config=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-root-CA-trusted-certificate-0001.conf 494s + ca_db=/tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem 494s + verification_options= 494s + mkdir -p -m 700 /etc/sssd 494s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 494s Using CA DB '/tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem' with verification options: '' 494s + cat 494s + chmod 600 /etc/sssd/sssd.conf 494s + for path_pair in "${softhsm2_conf_paths[@]}" 494s + IFS=: 494s + read -r -a path 494s + user=ubuntu 494s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 494s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 494s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 494s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 494s + runuser -u ubuntu -- softhsm2-util --show-slots 494s + grep 'Test Organization' 494s Label: Test Organization Root Tr Token 494s + for path_pair in "${softhsm2_conf_paths[@]}" 494s + IFS=: 494s + read -r -a path 494s + user=root 494s + path=/etc/softhsm/softhsm2.conf 494s ++ dirname /etc/softhsm/softhsm2.conf 494s + runuser -u root -- mkdir -p /etc/softhsm 494s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 494s + runuser -u root -- softhsm2-util --show-slots 494s + grep 'Test Organization' 494s Label: Test Organization Root Tr Token 494s + systemctl restart sssd 494s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 494s + for alternative in "${alternative_pam_configs[@]}" 494s + pam-auth-update --enable sss-smart-card-optional 494s + cat /etc/pam.d/common-auth 494s # 494s # /etc/pam.d/common-auth - authentication settings common to all services 494s # 494s # This file is included from other service-specific PAM config files, 494s # and should contain a list of the authentication modules that define 494s # the central authentication scheme for use on the system 494s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 494s # traditional Unix authentication mechanisms. 494s # 494s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 494s # To take advantage of this, it is recommended that you configure any 494s # local modules either before or after the default block, and use 494s # pam-auth-update to manage selection of other modules. See 494s # pam-auth-update(8) for details. 494s 494s # here are the per-package modules (the "Primary" block) 494s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 494s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 494s auth [success=1 default=ignore] pam_sss.so use_first_pass 494s # here's the fallback if no module succeeds 494s auth requisite pam_deny.so 494s # prime the stack with a positive return value if there isn't one already; 494s # this avoids us returning an error just because nothing sets a success code 494s # since the modules above will each just jump around 494s auth required pam_permit.so 494s # and here are more per-package modules (the "Additional" block) 494s auth optional pam_cap.so 494s # end of pam-auth-update config 494s + echo -n -e 123456 494s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 494s pamtester: invoking pam_start(login, ubuntu, ...) 494s pamtester: performing operation - authenticate 495s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 495s + echo -n -e 123456 495s + runuser -u ubuntu -- pamtester -v login '' authenticate 495s pamtester: invoking pam_start(login, , ...) 495s pamtester: performing operation - authenticate 495s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 495s + echo -n -e wrong123456 495s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 495s pamtester: invoking pam_start(login, ubuntu, ...) 495s pamtester: performing operation - authenticate 498s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 498s + echo -n -e wrong123456 498s + runuser -u ubuntu -- pamtester -v login '' authenticate 498s pamtester: invoking pam_start(login, , ...) 498s pamtester: performing operation - authenticate 501s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 501s + echo -n -e 123456 501s + pamtester -v login root authenticate 501s pamtester: invoking pam_start(login, root, ...) 501s pamtester: performing operation - authenticate 504s Password: pamtester: Authentication failure 504s + for alternative in "${alternative_pam_configs[@]}" 504s + pam-auth-update --enable sss-smart-card-required 504s PAM configuration 504s ----------------- 504s 504s Incompatible PAM profiles selected. 504s 504s The following PAM profiles cannot be used together: 504s 504s SSS required smart card authentication, SSS optional smart card 504s authentication 504s 504s Please select a different set of modules to enable. 504s 504s + cat /etc/pam.d/common-auth 504s # 504s # /etc/pam.d/common-auth - authentication settings common to all services 504s # 504s # This file is included from other service-specific PAM config files, 504s # and should contain a list of the authentication modules that define 504s # the central authentication scheme for use on the system 504s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 504s # traditional Unix authentication mechanisms. 504s # 504s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 504s # To take advantage of this, it is recommended that you configure any 504s # local modules either before or after the default block, and use 504s # pam-auth-update to manage selection of other modules. See 504s # pam-auth-update(8) for details. 504s 504s # here are the per-package modules (the "Primary" block) 504s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 504s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 504s auth [success=1 default=ignore] pam_sss.so use_first_pass 504s # here's the fallback if no module succeeds 504s auth requisite pam_deny.so 504s # prime the stack with a positive return value if there isn't one already; 504s # this avoids us returning an error just because nothing sets a success code 504s # since the modules above will each just jump around 504s auth required pam_permit.so 504s # and here are more per-package modules (the "Additional" block) 504s auth optional pam_cap.so 504s # end of pam-auth-update config 504s + echo -n -e 123456 504s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 504s pamtester: invoking pam_start(login, ubuntu, ...) 504s pamtester: performing operation - authenticate 504s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 504s + echo -n -e 123456 504s + runuser -u ubuntu -- pamtester -v login '' authenticate 504s pamtester: invoking pam_start(login, , ...) 504s pamtester: performing operation - authenticate 504s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 504s + echo -n -e wrong123456 504s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 504s pamtester: invoking pam_start(login, ubuntu, ...) 504s pamtester: performing operation - authenticate 508s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 508s + echo -n -e wrong123456 508s + runuser -u ubuntu -- pamtester -v login '' authenticate 508s pamtester: invoking pam_start(login, , ...) 508s pamtester: performing operation - authenticate 512s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 512s + echo -n -e 123456 512s + pamtester -v login root authenticate 512s pamtester: invoking pam_start(login, root, ...) 512s pamtester: performing operation - authenticate 515s pamtester: Authentication service cannot retrieve authentication info 515s + test_authentication login /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem 515s + pam_service=login 515s + certificate_config=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 515s + ca_db=/tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem 515s + verification_options= 515s + mkdir -p -m 700 /etc/sssd 515s Using CA DB '/tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem' with verification options: '' 515s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-hvcmKa/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 515s + cat 515s + chmod 600 /etc/sssd/sssd.conf 515s + for path_pair in "${softhsm2_conf_paths[@]}" 515s + IFS=: 515s + read -r -a path 515s + user=ubuntu 515s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 515s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 515s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 515s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 515s + runuser -u ubuntu -- softhsm2-util --show-slots 515s + grep 'Test Organization' 515s + for path_pair in "${softhsm2_conf_paths[@]}" 515s + IFS=: 515s + read -r -a path 515s + user=root 515s + path=/etc/softhsm/softhsm2.conf 515s ++ dirname /etc/softhsm/softhsm2.conf 515s + runuser -u root -- mkdir -p /etc/softhsm 515s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 515s + runuser -u root -- softhsm2-util --show-slots 515s + grep 'Test Organization' 515s + systemctl restart sssd 515s Label: Test Organization Sub Int Token 515s Label: Test Organization Sub Int Token 515s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 515s + for alternative in "${alternative_pam_configs[@]}" 515s + pam-auth-update --enable sss-smart-card-optional 516s + cat /etc/pam.d/common-auth 516s # 516s # /etc/pam.d/common-auth - authentication settings common to all services 516s # 516s # This file is included from other service-specific PAM config files, 516s # and should contain a list of the authentication modules that define 516s # the central authentication scheme for use on the system 516s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 516s # traditional Unix authentication mechanisms. 516s # 516s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 516s # To take advantage of this, it is recommended that you configure any 516s # local modules either before or after the default block, and use 516s # pam-auth-update to manage selection of other modules. See 516s # pam-auth-update(8) for details. 516s 516s # here are the per-package modules (the "Primary" block) 516s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 516s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 516s auth [success=1 default=ignore] pam_sss.so use_first_pass 516s # here's the fallback if no module succeeds 516s auth requisite pam_deny.so 516s # prime the stack with a positive return value if there isn't one already; 516s # this avoids us returning an error just because nothing sets a success code 516s # since the modules above will each just jump around 516s auth required pam_permit.so 516s # and here are more per-package modules (the "Additional" block) 516s auth optional pam_cap.so 516s # end of pam-auth-update config 516s + echo -n -e 123456 516s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 516s pamtester: invoking pam_start(login, ubuntu, ...) 516s pamtester: performing operation - authenticate 516s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 516s + echo -n -e 123456 516s + runuser -u ubuntu -- pamtester -v login '' authenticate 516s pamtester: invoking pam_start(login, , ...) 516s pamtester: performing operation - authenticate 516s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 516s + echo -n -e wrong123456 516s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 516s pamtester: invoking pam_start(login, ubuntu, ...) 516s pamtester: performing operation - authenticate 519s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 519s + echo -n -e wrong123456 519s + runuser -u ubuntu -- pamtester -v login '' authenticate 519s pamtester: invoking pam_start(login, , ...) 519s pamtester: performing operation - authenticate 523s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 523s + echo -n -e 123456 523s + pamtester -v login root authenticate 523s pamtester: invoking pam_start(login, root, ...) 523s pamtester: performing operation - authenticate 526s Password: pamtester: Authentication failure 526s + for alternative in "${alternative_pam_configs[@]}" 526s + pam-auth-update --enable sss-smart-card-required 526s PAM configuration 526s ----------------- 526s 526s Incompatible PAM profiles selected. 526s 526s The following PAM profiles cannot be used together: 526s 526s SSS required smart card authentication, SSS optional smart card 526s authentication 526s 526s Please select a different set of modules to enable. 526s 526s + cat /etc/pam.d/common-auth 526s # 526s # /etc/pam.d/common-auth - authentication settings common to all services 526s # 526s # This file is included from other service-specific PAM config files, 526s # and should contain a list of the authentication modules that define 526s # the central authentication scheme for use on the system 526s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 526s # traditional Unix authentication mechanisms. 526s # 526s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 526s # To take advantage of this, it is recommended that you configure any 526s # local modules either before or after the default block, and use 526s # pam-auth-update to manage selection of other modules. See 526s # pam-auth-update(8) for details. 526s 526s # here are the per-package modules (the "Primary" block) 526s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 526s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 526s auth [success=1 default=ignore] pam_sss.so use_first_pass 526s # here's the fallback if no module succeeds 526s auth requisite pam_deny.so 526s # prime the stack with a positive return value if there isn't one already; 526s # this avoids us returning an error just because nothing sets a success code 526s # since the modules above will each just jump around 526s auth required pam_permit.so 526s # and here are more per-package modules (the "Additional" block) 526s auth optional pam_cap.so 526s # end of pam-auth-update config 526s + echo -n -e 123456 526s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 526s pamtester: invoking pam_start(login, ubuntu, ...) 526s pamtester: performing operation - authenticate 526s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 526s + echo -n -e 123456 526s + runuser -u ubuntu -- pamtester -v login '' authenticate 526s pamtester: invoking pam_start(login, , ...) 526s pamtester: performing operation - authenticate 526s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 526s + echo -n -e wrong123456 526s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 526s pamtester: invoking pam_start(login, ubuntu, ...) 526s pamtester: performing operation - authenticate 529s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 529s + echo -n -e wrong123456 529s + runuser -u ubuntu -- pamtester -v login '' authenticate 529s pamtester: invoking pam_start(login, , ...) 529s pamtester: performing operation - authenticate 532s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 532s + echo -n -e 123456 532s + pamtester -v login root authenticate 532s pamtester: invoking pam_start(login, root, ...) 532s pamtester: performing operation - authenticate 536s pamtester: Authentication service cannot retrieve authentication info 536s + test_authentication login /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem partial_chain 536s + pam_service=login 536s + certificate_config=/tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 536s + ca_db=/tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem 536s + verification_options=partial_chain 536s + mkdir -p -m 700 /etc/sssd 536s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 536s Using CA DB '/tmp/sssd-softhsm2-certs-hvcmKa/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 536s + cat 536s Label: Test Organization Sub Int Token 536s Label: Test Organization Sub Int Token 536s + chmod 600 /etc/sssd/sssd.conf 536s + for path_pair in "${softhsm2_conf_paths[@]}" 536s + IFS=: 536s + read -r -a path 536s + user=ubuntu 536s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 536s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 536s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 536s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 536s + runuser -u ubuntu -- softhsm2-util --show-slots 536s + grep 'Test Organization' 536s + for path_pair in "${softhsm2_conf_paths[@]}" 536s + IFS=: 536s + read -r -a path 536s + user=root 536s + path=/etc/softhsm/softhsm2.conf 536s ++ dirname /etc/softhsm/softhsm2.conf 536s + runuser -u root -- mkdir -p /etc/softhsm 536s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-hvcmKa/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 536s + runuser -u root -- softhsm2-util --show-slots 536s + grep 'Test Organization' 536s + systemctl restart sssd 536s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 536s + for alternative in "${alternative_pam_configs[@]}" 536s + pam-auth-update --enable sss-smart-card-optional 536s + cat /etc/pam.d/common-auth 536s # 536s # /etc/pam.d/common-auth - authentication settings common to all services 536s # 536s # This file is included from other service-specific PAM config files, 536s # and should contain a list of the authentication modules that define 536s # the central authentication scheme for use on the system 536s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 536s # traditional Unix authentication mechanisms. 536s # 536s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 536s # To take advantage of this, it is recommended that you configure any 536s # local modules either before or after the default block, and use 536s # pam-auth-update to manage selection of other modules. See 536s # pam-auth-update(8) for details. 536s 536s # here are the per-package modules (the "Primary" block) 536s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 536s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 536s auth [success=1 default=ignore] pam_sss.so use_first_pass 536s # here's the fallback if no module succeeds 536s auth requisite pam_deny.so 536s # prime the stack with a positive return value if there isn't one already; 536s # this avoids us returning an error just because nothing sets a success code 536s # since the modules above will each just jump around 536s auth required pam_permit.so 536s # and here are more per-package modules (the "Additional" block) 536s auth optional pam_cap.so 536s # end of pam-auth-update config 536s + echo -n -e 123456 536s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 536s pamtester: invoking pam_start(login, ubuntu, ...) 536s pamtester: performing operation - authenticate 536s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 536s + echo -n -e 123456 536s + runuser -u ubuntu -- pamtester -v login '' authenticate 536s pamtester: invoking pam_start(login, , ...) 536s pamtester: performing operation - authenticate 536s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 536s + echo -n -e wrong123456 536s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 536s pamtester: invoking pam_start(login, ubuntu, ...) 536s pamtester: performing operation - authenticate 539s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 539s + echo -n -e wrong123456 539s + runuser -u ubuntu -- pamtester -v login '' authenticate 539s pamtester: invoking pam_start(login, , ...) 539s pamtester: performing operation - authenticate 543s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 543s + echo -n -e 123456 543s + pamtester -v login root authenticate 543s pamtester: invoking pam_start(login, root, ...) 543s pamtester: performing operation - authenticate 547s Password: pamtester: Authentication failure 547s + for alternative in "${alternative_pam_configs[@]}" 547s + pam-auth-update --enable sss-smart-card-required 547s PAM configuration 547s ----------------- 547s 547s Incompatible PAM profiles selected. 547s 547s The following PAM profiles cannot be used together: 547s 547s SSS required smart card authentication, SSS optional smart card 547s authentication 547s 547s Please select a different set of modules to enable. 547s 547s + cat /etc/pam.d/common-auth 547s # 547s # /etc/pam.d/common-auth - authentication settings common to all services 547s # 547s # This file is included from other service-specific PAM config files, 547s # and should contain a list of the authentication modules that define 547s # the central authentication scheme for use on the system 547s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 547s # traditional Unix authentication mechanisms. 547s # 547s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 547s # To take advantage of this, it is recommended that you configure any 547s # local modules either before or after the default block, and use 547s # pam-auth-update to manage selection of other modules. See 547s # pam-auth-update(8) for details. 547s 547s # here are the per-package modules (the "Primary" block) 547s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 547s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 547s auth [success=1 default=ignore] pam_sss.so use_first_pass 547s # here's the fallback if no module succeeds 547s auth requisite pam_deny.so 547s # prime the stack with a positive return value if there isn't one already; 547s # this avoids us returning an error just because nothing sets a success code 547s # since the modules above will each just jump around 547s auth required pam_permit.so 547s # and here are more per-package modules (the "Additional" block) 547s auth optional pam_cap.so 547s # end of pam-auth-update config 547s + echo -n -e 123456 547s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 547s pamtester: invoking pam_start(login, ubuntu, ...) 547s pamtester: performing operation - authenticate 547s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 547s + echo -n -e 123456 547s + runuser -u ubuntu -- pamtester -v login '' authenticate 547s pamtester: invoking pam_start(login, , ...) 547s pamtester: performing operation - authenticate 547s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 547s + echo -n -e wrong123456 547s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 547s pamtester: invoking pam_start(login, ubuntu, ...) 547s pamtester: performing operation - authenticate 549s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 549s + echo -n -e wrong123456 549s + runuser -u ubuntu -- pamtester -v login '' authenticate 549s pamtester: invoking pam_start(login, , ...) 549s pamtester: performing operation - authenticate 552s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 552s + echo -n -e 123456 552s + pamtester -v login root authenticate 552s pamtester: invoking pam_start(login, root, ...) 552s pamtester: performing operation - authenticate 555s pamtester: Authentication service cannot retrieve authentication info 555s + handle_exit 555s + exit_code=0 555s + restore_changes 555s + for path in "${restore_paths[@]}" 555s + local original_path 555s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-08Kz7E /tmp/sssd-softhsm2-backups-08Kz7E//etc/softhsm/softhsm2.conf 555s + original_path=/etc/softhsm/softhsm2.conf 555s + rm /etc/softhsm/softhsm2.conf 555s + mv /tmp/sssd-softhsm2-backups-08Kz7E//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 555s + for path in "${delete_paths[@]}" 555s + rm -f /etc/sssd/sssd.conf 555s + for path in "${delete_paths[@]}" 555s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 555s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 555s + '[' -e /etc/sssd/sssd.conf ']' 555s + systemctl stop sssd 555s + '[' -e /etc/softhsm/softhsm2.conf ']' 555s + chmod 600 /etc/softhsm/softhsm2.conf 555s + rm -rf /tmp/sssd-softhsm2-certs-hvcmKa 555s + '[' 0 = 0 ']' 555s + rm -rf /tmp/sssd-softhsm2-backups-08Kz7E 555s Script completed successfully! 555s + set +x 556s autopkgtest [15:28:09]: test sssd-smart-card-pam-auth-configs: -----------------------] 556s autopkgtest [15:28:09]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 556s sssd-smart-card-pam-auth-configs PASS 557s autopkgtest [15:28:10]: @@@@@@@@@@@@@@@@@@@@ summary 557s ldap-user-group-ldap-auth PASS 557s ldap-user-group-krb5-auth PASS 557s sssd-softhism2-certificates-tests.sh PASS 557s sssd-smart-card-pam-auth-configs PASS 575s Creating nova instance adt-noble-s390x-sssd-20240316-151853-juju-7f2275-prod-proposed-migration-environment-2 from image adt/ubuntu-noble-s390x-server-20240315.img (UUID 72478735-497c-4832-870c-30bdd7312d7f)... 575s Creating nova instance adt-noble-s390x-sssd-20240316-151853-juju-7f2275-prod-proposed-migration-environment-2 from image adt/ubuntu-noble-s390x-server-20240315.img (UUID 72478735-497c-4832-870c-30bdd7312d7f)...