0s autopkgtest [22:35:41]: starting date and time: 2024-04-08 22:35:41+0000 0s autopkgtest [22:35:41]: git checkout: 43bc6cdf gitlab-ci: do not include the salsa pipeline 0s autopkgtest [22:35:41]: host juju-7f2275-prod-proposed-migration-environment-3; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.ph50c9_o/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:curl --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 --env=ADT_TEST_TRIGGERS=curl/8.5.0-2ubuntu10 -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-3@bos01-s390x-17.secgroup --name adt-noble-s390x-sssd-20240408-223541-juju-7f2275-prod-proposed-migration-environment-3-d3ba21b6-d556-4eb2-95fc-e57df7741616 --image adt/ubuntu-noble-s390x-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-3 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://us.ports.ubuntu.com/ubuntu-ports/ 116s autopkgtest [22:37:37]: testbed dpkg architecture: s390x 117s autopkgtest [22:37:38]: testbed apt version: 2.7.14build2 117s autopkgtest [22:37:38]: @@@@@@@@@@@@@@@@@@@@ test bed setup 117s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 117s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6004 B] 117s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [831 kB] 118s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [10.6 kB] 118s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [360 kB] 118s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main s390x Packages [338 kB] 118s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main s390x c-n-f Metadata [3032 B] 118s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x Packages [1192 B] 118s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x c-n-f Metadata [116 B] 118s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x Packages [912 kB] 118s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x c-n-f Metadata [7292 B] 118s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse s390x Packages [5120 B] 118s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse s390x c-n-f Metadata [116 B] 119s Fetched 2591 kB in 1s (2097 kB/s) 119s Reading package lists... 122s Reading package lists... 123s Building dependency tree... 123s Reading state information... 123s Calculating upgrade... 123s The following packages will be upgraded: 123s bash curl libcurl3t64-gnutls libcurl4t64 libpython3.12-minimal 123s libpython3.12-stdlib libsasl2-2 libsasl2-modules libsasl2-modules-db 123s python3-gi python3.12 python3.12-minimal 123s 12 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 123s Need to get 8183 kB of archives. 123s After this operation, 280 kB disk space will be freed. 123s Get:1 http://ftpmaster.internal/ubuntu noble/main s390x bash s390x 5.2.21-2ubuntu4 [845 kB] 124s Get:2 http://ftpmaster.internal/ubuntu noble/main s390x python3.12 s390x 3.12.2-5ubuntu3 [644 kB] 124s Get:3 http://ftpmaster.internal/ubuntu noble/main s390x libpython3.12-stdlib s390x 3.12.2-5ubuntu3 [2066 kB] 124s Get:4 http://ftpmaster.internal/ubuntu noble/main s390x python3.12-minimal s390x 3.12.2-5ubuntu3 [2459 kB] 124s Get:5 http://ftpmaster.internal/ubuntu noble/main s390x libpython3.12-minimal s390x 3.12.2-5ubuntu3 [830 kB] 124s Get:6 http://ftpmaster.internal/ubuntu noble/main s390x python3-gi s390x 3.48.2-1 [236 kB] 124s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main s390x curl s390x 8.5.0-2ubuntu10 [227 kB] 124s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libcurl4t64 s390x 8.5.0-2ubuntu10 [363 kB] 125s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libcurl3t64-gnutls s390x 8.5.0-2ubuntu10 [356 kB] 125s Get:10 http://ftpmaster.internal/ubuntu noble/main s390x libsasl2-modules-db s390x 2.1.28+dfsg1-5ubuntu3 [21.3 kB] 125s Get:11 http://ftpmaster.internal/ubuntu noble/main s390x libsasl2-2 s390x 2.1.28+dfsg1-5ubuntu3 [57.8 kB] 125s Get:12 http://ftpmaster.internal/ubuntu noble/main s390x libsasl2-modules s390x 2.1.28+dfsg1-5ubuntu3 [76.7 kB] 125s Fetched 8183 kB in 2s (5165 kB/s) 125s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78332 files and directories currently installed.) 125s Preparing to unpack .../bash_5.2.21-2ubuntu4_s390x.deb ... 125s Unpacking bash (5.2.21-2ubuntu4) over (5.2.21-2ubuntu2) ... 125s Setting up bash (5.2.21-2ubuntu4) ... 125s update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode 125s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78332 files and directories currently installed.) 125s Preparing to unpack .../00-python3.12_3.12.2-5ubuntu3_s390x.deb ... 125s Unpacking python3.12 (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 125s Preparing to unpack .../01-libpython3.12-stdlib_3.12.2-5ubuntu3_s390x.deb ... 125s Unpacking libpython3.12-stdlib:s390x (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 126s Preparing to unpack .../02-python3.12-minimal_3.12.2-5ubuntu3_s390x.deb ... 126s Unpacking python3.12-minimal (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 126s Preparing to unpack .../03-libpython3.12-minimal_3.12.2-5ubuntu3_s390x.deb ... 126s Unpacking libpython3.12-minimal:s390x (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 126s Preparing to unpack .../04-python3-gi_3.48.2-1_s390x.deb ... 126s Unpacking python3-gi (3.48.2-1) over (3.48.1-1build1) ... 126s Preparing to unpack .../05-curl_8.5.0-2ubuntu10_s390x.deb ... 126s Unpacking curl (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 126s Preparing to unpack .../06-libcurl4t64_8.5.0-2ubuntu10_s390x.deb ... 126s Unpacking libcurl4t64:s390x (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 126s Preparing to unpack .../07-libcurl3t64-gnutls_8.5.0-2ubuntu10_s390x.deb ... 126s Unpacking libcurl3t64-gnutls:s390x (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 126s Preparing to unpack .../08-libsasl2-modules-db_2.1.28+dfsg1-5ubuntu3_s390x.deb ... 126s Unpacking libsasl2-modules-db:s390x (2.1.28+dfsg1-5ubuntu3) over (2.1.28+dfsg1-5ubuntu2) ... 126s Preparing to unpack .../09-libsasl2-2_2.1.28+dfsg1-5ubuntu3_s390x.deb ... 126s Unpacking libsasl2-2:s390x (2.1.28+dfsg1-5ubuntu3) over (2.1.28+dfsg1-5ubuntu2) ... 126s Preparing to unpack .../10-libsasl2-modules_2.1.28+dfsg1-5ubuntu3_s390x.deb ... 126s Unpacking libsasl2-modules:s390x (2.1.28+dfsg1-5ubuntu3) over (2.1.28+dfsg1-5ubuntu2) ... 126s Setting up libcurl4t64:s390x (8.5.0-2ubuntu10) ... 126s Setting up libsasl2-modules:s390x (2.1.28+dfsg1-5ubuntu3) ... 126s Setting up libpython3.12-minimal:s390x (3.12.2-5ubuntu3) ... 126s Setting up libcurl3t64-gnutls:s390x (8.5.0-2ubuntu10) ... 126s Setting up libsasl2-modules-db:s390x (2.1.28+dfsg1-5ubuntu3) ... 126s Setting up python3-gi (3.48.2-1) ... 127s Setting up libsasl2-2:s390x (2.1.28+dfsg1-5ubuntu3) ... 127s Setting up curl (8.5.0-2ubuntu10) ... 127s Setting up python3.12-minimal (3.12.2-5ubuntu3) ... 128s Setting up libpython3.12-stdlib:s390x (3.12.2-5ubuntu3) ... 128s Setting up python3.12 (3.12.2-5ubuntu3) ... 129s Processing triggers for systemd (255.4-1ubuntu7) ... 130s Processing triggers for man-db (2.12.0-4build1) ... 130s Processing triggers for debianutils (5.17build1) ... 130s Processing triggers for install-info (7.1-3build2) ... 130s Processing triggers for libc-bin (2.39-0ubuntu8) ... 131s Reading package lists... 131s Building dependency tree... 131s Reading state information... 131s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 132s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 132s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 132s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 132s Hit:4 http://ftpmaster.internal/ubuntu noble-proposed InRelease 134s Reading package lists... 134s Reading package lists... 134s Building dependency tree... 134s Reading state information... 135s Calculating upgrade... 135s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 135s Reading package lists... 135s Building dependency tree... 135s Reading state information... 135s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 138s autopkgtest [22:37:59]: testbed running kernel: Linux 6.8.0-22-generic #22-Ubuntu SMP Thu Apr 4 21:54:17 UTC 2024 139s autopkgtest [22:38:00]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 161s Get:1 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1.1ubuntu5 (dsc) [5056 B] 161s Get:2 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1.1ubuntu5 (tar) [7983 kB] 161s Get:3 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1.1ubuntu5 (diff) [49.1 kB] 161s gpgv: Signature made Fri Apr 5 14:55:59 2024 UTC 161s gpgv: using RSA key 8AFD08D3D1B817B2DF8982F501AC4B4083590A98 161s gpgv: Can't check signature: No public key 161s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1.1ubuntu5.dsc: no acceptable signature found 162s autopkgtest [22:38:23]: testing package sssd version 2.9.4-1.1ubuntu5 163s autopkgtest [22:38:24]: build not needed 180s autopkgtest [22:38:41]: test ldap-user-group-ldap-auth: preparing testbed 183s Reading package lists... 183s Building dependency tree... 183s Reading state information... 184s Starting pkgProblemResolver with broken count: 0 184s Starting 2 pkgProblemResolver with broken count: 0 184s Done 184s The following additional packages will be installed: 184s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 184s libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 libdhash1t64 184s libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev libipa-hbac0t64 libjose0 184s libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 184s libpam-pwquality libpam-sss libpath-utils1t64 libpwquality-common 184s libpwquality1 libref-array1t64 libsmbclient0 libsss-certmap-dev 184s libsss-certmap0 libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev 184s libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0t64 184s libverto-libevent1t64 libverto1t64 libwbclient0 python3-libipa-hbac 184s python3-libsss-nss-idmap python3-sss samba-libs slapd sssd sssd-ad 184s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 184s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 184s tcl8.6 184s Suggested packages: 184s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 184s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 184s Recommended packages: 184s cracklib-runtime libsasl2-modules-gssapi-mit 184s | libsasl2-modules-gssapi-heimdal 184s The following NEW packages will be installed: 184s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 184s libavahi-common3 libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 184s libdhash1t64 libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev 184s libipa-hbac0t64 libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss 184s libnss-sudo libodbc2 libpam-pwquality libpam-sss libpath-utils1t64 184s libpwquality-common libpwquality1 libref-array1t64 libsmbclient0 184s libsss-certmap-dev libsss-certmap0 libsss-idmap-dev libsss-idmap0 184s libsss-nss-idmap-dev libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 184s libtdb1 libtevent0t64 libverto-libevent1t64 libverto1t64 libwbclient0 184s python3-libipa-hbac python3-libsss-nss-idmap python3-sss samba-libs slapd 184s sssd sssd-ad sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm 184s sssd-krb5 sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools 184s tcl-expect tcl8.6 184s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 184s Need to get 13.0 MB/13.0 MB of archives. 184s After this operation, 50.2 MB of additional disk space will be used. 184s Get:1 /tmp/autopkgtest.hxZKH5/1-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [872 B] 184s Get:2 http://ftpmaster.internal/ubuntu noble/main s390x libltdl7 s390x 2.4.7-7 [41.6 kB] 185s Get:3 http://ftpmaster.internal/ubuntu noble/main s390x libodbc2 s390x 2.3.12-1build2 [164 kB] 185s Get:4 http://ftpmaster.internal/ubuntu noble/main s390x slapd s390x 2.6.7+dfsg-1~exp1ubuntu8 [1617 kB] 185s Get:5 http://ftpmaster.internal/ubuntu noble/main s390x libtcl8.6 s390x 8.6.14+dfsg-1build1 [1038 kB] 185s Get:6 http://ftpmaster.internal/ubuntu noble/main s390x tcl8.6 s390x 8.6.14+dfsg-1build1 [14.7 kB] 185s Get:7 http://ftpmaster.internal/ubuntu noble/universe s390x tcl-expect s390x 5.45.4-2build1 [99.7 kB] 185s Get:8 http://ftpmaster.internal/ubuntu noble/universe s390x expect s390x 5.45.4-2build1 [137 kB] 185s Get:9 http://ftpmaster.internal/ubuntu noble/main s390x ldap-utils s390x 2.6.7+dfsg-1~exp1ubuntu8 [165 kB] 185s Get:10 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common-data s390x 0.8-13ubuntu5 [29.6 kB] 185s Get:11 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common3 s390x 0.8-13ubuntu5 [24.1 kB] 185s Get:12 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-client3 s390x 0.8-13ubuntu5 [27.2 kB] 185s Get:13 http://ftpmaster.internal/ubuntu noble/main s390x libbasicobjects0t64 s390x 0.6.2-2.1build1 [5838 B] 185s Get:14 http://ftpmaster.internal/ubuntu noble/main s390x libcollection4t64 s390x 0.6.2-2.1build1 [23.9 kB] 185s Get:15 http://ftpmaster.internal/ubuntu noble/main s390x libcrack2 s390x 2.9.6-5.1build2 [30.0 kB] 185s Get:16 http://ftpmaster.internal/ubuntu noble/main s390x libdhash1t64 s390x 0.6.2-2.1build1 [9126 B] 185s Get:17 http://ftpmaster.internal/ubuntu noble/main s390x libevent-2.1-7t64 s390x 2.1.12-stable-9ubuntu2 [147 kB] 185s Get:18 http://ftpmaster.internal/ubuntu noble/main s390x libpath-utils1t64 s390x 0.6.2-2.1build1 [9394 B] 185s Get:19 http://ftpmaster.internal/ubuntu noble/main s390x libref-array1t64 s390x 0.6.2-2.1build1 [7226 B] 185s Get:20 http://ftpmaster.internal/ubuntu noble/main s390x libini-config5t64 s390x 0.6.2-2.1build1 [46.6 kB] 185s Get:21 http://ftpmaster.internal/ubuntu noble/main s390x libipa-hbac0t64 s390x 2.9.4-1.1ubuntu5 [17.3 kB] 185s Get:22 http://ftpmaster.internal/ubuntu noble/universe s390x libjose0 s390x 11-3build2 [45.4 kB] 185s Get:23 http://ftpmaster.internal/ubuntu noble/main s390x libverto-libevent1t64 s390x 0.3.1-1.2ubuntu3 [6384 B] 185s Get:24 http://ftpmaster.internal/ubuntu noble/main s390x libverto1t64 s390x 0.3.1-1.2ubuntu3 [11.0 kB] 185s Get:25 http://ftpmaster.internal/ubuntu noble/main s390x libkrad0 s390x 1.20.1-6ubuntu2 [22.4 kB] 185s Get:26 http://ftpmaster.internal/ubuntu noble/main s390x libtalloc2 s390x 2.4.2-1build2 [28.4 kB] 185s Get:27 http://ftpmaster.internal/ubuntu noble/main s390x libtdb1 s390x 1.4.10-1 [49.9 kB] 185s Get:28 http://ftpmaster.internal/ubuntu noble/main s390x libtevent0t64 s390x 0.16.1-2build1 [43.4 kB] 185s Get:29 http://ftpmaster.internal/ubuntu noble/main s390x libldb2 s390x 2:2.8.0+samba4.19.5+dfsg-4ubuntu8 [192 kB] 185s Get:30 http://ftpmaster.internal/ubuntu noble/main s390x libnfsidmap1 s390x 1:2.6.4-3ubuntu4 [50.1 kB] 185s Get:31 http://ftpmaster.internal/ubuntu noble/universe s390x libnss-sudo all 1.9.15p5-3ubuntu4 [15.1 kB] 185s Get:32 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality-common all 1.4.5-3 [7658 B] 186s Get:33 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality1 s390x 1.4.5-3 [14.7 kB] 186s Get:34 http://ftpmaster.internal/ubuntu noble/main s390x libpam-pwquality s390x 1.4.5-3 [11.6 kB] 186s Get:35 http://ftpmaster.internal/ubuntu noble/main s390x libwbclient0 s390x 2:4.19.5+dfsg-4ubuntu8 [71.3 kB] 186s Get:36 http://ftpmaster.internal/ubuntu noble/main s390x samba-libs s390x 2:4.19.5+dfsg-4ubuntu8 [6231 kB] 186s Get:37 http://ftpmaster.internal/ubuntu noble/main s390x libsmbclient0 s390x 2:4.19.5+dfsg-4ubuntu8 [65.0 kB] 186s Get:38 http://ftpmaster.internal/ubuntu noble/main s390x libnss-sss s390x 2.9.4-1.1ubuntu5 [33.0 kB] 186s Get:39 http://ftpmaster.internal/ubuntu noble/main s390x libpam-sss s390x 2.9.4-1.1ubuntu5 [52.3 kB] 186s Get:40 http://ftpmaster.internal/ubuntu noble/main s390x python3-sss s390x 2.9.4-1.1ubuntu5 [46.9 kB] 186s Get:41 http://ftpmaster.internal/ubuntu noble/main s390x libc-ares2 s390x 1.27.0-1 [79.2 kB] 186s Get:42 http://ftpmaster.internal/ubuntu noble/main s390x libsss-certmap0 s390x 2.9.4-1.1ubuntu5 [47.2 kB] 186s Get:43 http://ftpmaster.internal/ubuntu noble/main s390x libsss-idmap0 s390x 2.9.4-1.1ubuntu5 [22.5 kB] 186s Get:44 http://ftpmaster.internal/ubuntu noble/main s390x libsss-nss-idmap0 s390x 2.9.4-1.1ubuntu5 [31.7 kB] 186s Get:45 http://ftpmaster.internal/ubuntu noble/main s390x sssd-common s390x 2.9.4-1.1ubuntu5 [1125 kB] 186s Get:46 http://ftpmaster.internal/ubuntu noble/universe s390x sssd-idp s390x 2.9.4-1.1ubuntu5 [27.3 kB] 186s Get:47 http://ftpmaster.internal/ubuntu noble/universe s390x sssd-passkey s390x 2.9.4-1.1ubuntu5 [32.4 kB] 186s Get:48 http://ftpmaster.internal/ubuntu noble/main s390x sssd-ad-common s390x 2.9.4-1.1ubuntu5 [74.8 kB] 186s Get:49 http://ftpmaster.internal/ubuntu noble/main s390x sssd-krb5-common s390x 2.9.4-1.1ubuntu5 [90.3 kB] 186s Get:50 http://ftpmaster.internal/ubuntu noble/main s390x sssd-ad s390x 2.9.4-1.1ubuntu5 [133 kB] 186s Get:51 http://ftpmaster.internal/ubuntu noble/main s390x sssd-ipa s390x 2.9.4-1.1ubuntu5 [215 kB] 186s Get:52 http://ftpmaster.internal/ubuntu noble/main s390x sssd-krb5 s390x 2.9.4-1.1ubuntu5 [14.4 kB] 186s Get:53 http://ftpmaster.internal/ubuntu noble/main s390x sssd-ldap s390x 2.9.4-1.1ubuntu5 [31.0 kB] 186s Get:54 http://ftpmaster.internal/ubuntu noble/main s390x sssd-proxy s390x 2.9.4-1.1ubuntu5 [43.9 kB] 186s Get:55 http://ftpmaster.internal/ubuntu noble/main s390x sssd s390x 2.9.4-1.1ubuntu5 [4108 B] 186s Get:56 http://ftpmaster.internal/ubuntu noble/main s390x sssd-dbus s390x 2.9.4-1.1ubuntu5 [101 kB] 186s Get:57 http://ftpmaster.internal/ubuntu noble/universe s390x sssd-kcm s390x 2.9.4-1.1ubuntu5 [137 kB] 186s Get:58 http://ftpmaster.internal/ubuntu noble/main s390x sssd-tools s390x 2.9.4-1.1ubuntu5 [97.7 kB] 186s Get:59 http://ftpmaster.internal/ubuntu noble/main s390x libipa-hbac-dev s390x 2.9.4-1.1ubuntu5 [6662 B] 186s Get:60 http://ftpmaster.internal/ubuntu noble/main s390x libsss-certmap-dev s390x 2.9.4-1.1ubuntu5 [5720 B] 186s Get:61 http://ftpmaster.internal/ubuntu noble/main s390x libsss-idmap-dev s390x 2.9.4-1.1ubuntu5 [8362 B] 186s Get:62 http://ftpmaster.internal/ubuntu noble/main s390x libsss-nss-idmap-dev s390x 2.9.4-1.1ubuntu5 [6696 B] 186s Get:63 http://ftpmaster.internal/ubuntu noble/universe s390x libsss-sudo s390x 2.9.4-1.1ubuntu5 [21.7 kB] 186s Get:64 http://ftpmaster.internal/ubuntu noble/universe s390x python3-libipa-hbac s390x 2.9.4-1.1ubuntu5 [16.9 kB] 187s Get:65 http://ftpmaster.internal/ubuntu noble/universe s390x python3-libsss-nss-idmap s390x 2.9.4-1.1ubuntu5 [9130 B] 187s Preconfiguring packages ... 187s Fetched 13.0 MB in 2s (5833 kB/s) 187s Selecting previously unselected package libltdl7:s390x. 187s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78333 files and directories currently installed.) 187s Preparing to unpack .../00-libltdl7_2.4.7-7_s390x.deb ... 187s Unpacking libltdl7:s390x (2.4.7-7) ... 187s Selecting previously unselected package libodbc2:s390x. 187s Preparing to unpack .../01-libodbc2_2.3.12-1build2_s390x.deb ... 187s Unpacking libodbc2:s390x (2.3.12-1build2) ... 187s Selecting previously unselected package slapd. 187s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu8_s390x.deb ... 188s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu8) ... 188s Selecting previously unselected package libtcl8.6:s390x. 188s Preparing to unpack .../03-libtcl8.6_8.6.14+dfsg-1build1_s390x.deb ... 188s Unpacking libtcl8.6:s390x (8.6.14+dfsg-1build1) ... 188s Selecting previously unselected package tcl8.6. 188s Preparing to unpack .../04-tcl8.6_8.6.14+dfsg-1build1_s390x.deb ... 188s Unpacking tcl8.6 (8.6.14+dfsg-1build1) ... 188s Selecting previously unselected package tcl-expect:s390x. 188s Preparing to unpack .../05-tcl-expect_5.45.4-2build1_s390x.deb ... 188s Unpacking tcl-expect:s390x (5.45.4-2build1) ... 188s Selecting previously unselected package expect. 188s Preparing to unpack .../06-expect_5.45.4-2build1_s390x.deb ... 188s Unpacking expect (5.45.4-2build1) ... 188s Selecting previously unselected package ldap-utils. 188s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu8_s390x.deb ... 188s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu8) ... 188s Selecting previously unselected package libavahi-common-data:s390x. 188s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu5_s390x.deb ... 188s Unpacking libavahi-common-data:s390x (0.8-13ubuntu5) ... 188s Selecting previously unselected package libavahi-common3:s390x. 188s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu5_s390x.deb ... 188s Unpacking libavahi-common3:s390x (0.8-13ubuntu5) ... 188s Selecting previously unselected package libavahi-client3:s390x. 188s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu5_s390x.deb ... 188s Unpacking libavahi-client3:s390x (0.8-13ubuntu5) ... 188s Selecting previously unselected package libbasicobjects0t64:s390x. 188s Preparing to unpack .../11-libbasicobjects0t64_0.6.2-2.1build1_s390x.deb ... 188s Unpacking libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 188s Selecting previously unselected package libcollection4t64:s390x. 188s Preparing to unpack .../12-libcollection4t64_0.6.2-2.1build1_s390x.deb ... 188s Unpacking libcollection4t64:s390x (0.6.2-2.1build1) ... 188s Selecting previously unselected package libcrack2:s390x. 188s Preparing to unpack .../13-libcrack2_2.9.6-5.1build2_s390x.deb ... 188s Unpacking libcrack2:s390x (2.9.6-5.1build2) ... 188s Selecting previously unselected package libdhash1t64:s390x. 188s Preparing to unpack .../14-libdhash1t64_0.6.2-2.1build1_s390x.deb ... 188s Unpacking libdhash1t64:s390x (0.6.2-2.1build1) ... 188s Selecting previously unselected package libevent-2.1-7t64:s390x. 188s Preparing to unpack .../15-libevent-2.1-7t64_2.1.12-stable-9ubuntu2_s390x.deb ... 188s Unpacking libevent-2.1-7t64:s390x (2.1.12-stable-9ubuntu2) ... 188s Selecting previously unselected package libpath-utils1t64:s390x. 188s Preparing to unpack .../16-libpath-utils1t64_0.6.2-2.1build1_s390x.deb ... 188s Unpacking libpath-utils1t64:s390x (0.6.2-2.1build1) ... 188s Selecting previously unselected package libref-array1t64:s390x. 188s Preparing to unpack .../17-libref-array1t64_0.6.2-2.1build1_s390x.deb ... 188s Unpacking libref-array1t64:s390x (0.6.2-2.1build1) ... 188s Selecting previously unselected package libini-config5t64:s390x. 188s Preparing to unpack .../18-libini-config5t64_0.6.2-2.1build1_s390x.deb ... 188s Unpacking libini-config5t64:s390x (0.6.2-2.1build1) ... 188s Selecting previously unselected package libipa-hbac0t64. 188s Preparing to unpack .../19-libipa-hbac0t64_2.9.4-1.1ubuntu5_s390x.deb ... 188s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu5) ... 188s Selecting previously unselected package libjose0:s390x. 188s Preparing to unpack .../20-libjose0_11-3build2_s390x.deb ... 188s Unpacking libjose0:s390x (11-3build2) ... 188s Selecting previously unselected package libverto-libevent1t64:s390x. 188s Preparing to unpack .../21-libverto-libevent1t64_0.3.1-1.2ubuntu3_s390x.deb ... 188s Unpacking libverto-libevent1t64:s390x (0.3.1-1.2ubuntu3) ... 188s Selecting previously unselected package libverto1t64:s390x. 188s Preparing to unpack .../22-libverto1t64_0.3.1-1.2ubuntu3_s390x.deb ... 188s Unpacking libverto1t64:s390x (0.3.1-1.2ubuntu3) ... 188s Selecting previously unselected package libkrad0:s390x. 188s Preparing to unpack .../23-libkrad0_1.20.1-6ubuntu2_s390x.deb ... 188s Unpacking libkrad0:s390x (1.20.1-6ubuntu2) ... 188s Selecting previously unselected package libtalloc2:s390x. 188s Preparing to unpack .../24-libtalloc2_2.4.2-1build2_s390x.deb ... 188s Unpacking libtalloc2:s390x (2.4.2-1build2) ... 188s Selecting previously unselected package libtdb1:s390x. 188s Preparing to unpack .../25-libtdb1_1.4.10-1_s390x.deb ... 188s Unpacking libtdb1:s390x (1.4.10-1) ... 188s Selecting previously unselected package libtevent0t64:s390x. 188s Preparing to unpack .../26-libtevent0t64_0.16.1-2build1_s390x.deb ... 188s Unpacking libtevent0t64:s390x (0.16.1-2build1) ... 188s Selecting previously unselected package libldb2:s390x. 188s Preparing to unpack .../27-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu8_s390x.deb ... 188s Unpacking libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu8) ... 188s Selecting previously unselected package libnfsidmap1:s390x. 188s Preparing to unpack .../28-libnfsidmap1_1%3a2.6.4-3ubuntu4_s390x.deb ... 188s Unpacking libnfsidmap1:s390x (1:2.6.4-3ubuntu4) ... 188s Selecting previously unselected package libnss-sudo. 188s Preparing to unpack .../29-libnss-sudo_1.9.15p5-3ubuntu4_all.deb ... 188s Unpacking libnss-sudo (1.9.15p5-3ubuntu4) ... 188s Selecting previously unselected package libpwquality-common. 188s Preparing to unpack .../30-libpwquality-common_1.4.5-3_all.deb ... 188s Unpacking libpwquality-common (1.4.5-3) ... 188s Selecting previously unselected package libpwquality1:s390x. 188s Preparing to unpack .../31-libpwquality1_1.4.5-3_s390x.deb ... 188s Unpacking libpwquality1:s390x (1.4.5-3) ... 188s Selecting previously unselected package libpam-pwquality:s390x. 188s Preparing to unpack .../32-libpam-pwquality_1.4.5-3_s390x.deb ... 188s Unpacking libpam-pwquality:s390x (1.4.5-3) ... 188s Selecting previously unselected package libwbclient0:s390x. 188s Preparing to unpack .../33-libwbclient0_2%3a4.19.5+dfsg-4ubuntu8_s390x.deb ... 188s Unpacking libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu8) ... 189s Selecting previously unselected package samba-libs:s390x. 189s Preparing to unpack .../34-samba-libs_2%3a4.19.5+dfsg-4ubuntu8_s390x.deb ... 189s Unpacking samba-libs:s390x (2:4.19.5+dfsg-4ubuntu8) ... 189s Selecting previously unselected package libsmbclient0:s390x. 189s Preparing to unpack .../35-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu8_s390x.deb ... 189s Unpacking libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu8) ... 189s Selecting previously unselected package libnss-sss:s390x. 189s Preparing to unpack .../36-libnss-sss_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking libnss-sss:s390x (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package libpam-sss:s390x. 189s Preparing to unpack .../37-libpam-sss_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking libpam-sss:s390x (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package python3-sss. 189s Preparing to unpack .../38-python3-sss_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking python3-sss (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package libc-ares2:s390x. 189s Preparing to unpack .../39-libc-ares2_1.27.0-1_s390x.deb ... 189s Unpacking libc-ares2:s390x (1.27.0-1) ... 189s Selecting previously unselected package libsss-certmap0. 189s Preparing to unpack .../40-libsss-certmap0_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package libsss-idmap0. 189s Preparing to unpack .../41-libsss-idmap0_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package libsss-nss-idmap0. 189s Preparing to unpack .../42-libsss-nss-idmap0_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-common. 189s Preparing to unpack .../43-sssd-common_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-common (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-idp. 189s Preparing to unpack .../44-sssd-idp_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-idp (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-passkey. 189s Preparing to unpack .../45-sssd-passkey_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-passkey (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-ad-common. 189s Preparing to unpack .../46-sssd-ad-common_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-ad-common (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-krb5-common. 189s Preparing to unpack .../47-sssd-krb5-common_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-ad. 189s Preparing to unpack .../48-sssd-ad_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-ad (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-ipa. 189s Preparing to unpack .../49-sssd-ipa_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-ipa (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-krb5. 189s Preparing to unpack .../50-sssd-krb5_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-krb5 (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-ldap. 189s Preparing to unpack .../51-sssd-ldap_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-ldap (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-proxy. 189s Preparing to unpack .../52-sssd-proxy_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-proxy (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd. 189s Preparing to unpack .../53-sssd_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-dbus. 189s Preparing to unpack .../54-sssd-dbus_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-dbus (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-kcm. 189s Preparing to unpack .../55-sssd-kcm_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-kcm (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package sssd-tools. 189s Preparing to unpack .../56-sssd-tools_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking sssd-tools (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package libipa-hbac-dev. 189s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking libipa-hbac-dev (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package libsss-certmap-dev. 189s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking libsss-certmap-dev (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package libsss-idmap-dev. 189s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking libsss-idmap-dev (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package libsss-nss-idmap-dev. 189s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking libsss-nss-idmap-dev (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package libsss-sudo. 189s Preparing to unpack .../61-libsss-sudo_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking libsss-sudo (2.9.4-1.1ubuntu5) ... 189s Selecting previously unselected package python3-libipa-hbac. 189s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1.1ubuntu5_s390x.deb ... 189s Unpacking python3-libipa-hbac (2.9.4-1.1ubuntu5) ... 190s Selecting previously unselected package python3-libsss-nss-idmap. 190s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1.1ubuntu5_s390x.deb ... 190s Unpacking python3-libsss-nss-idmap (2.9.4-1.1ubuntu5) ... 190s Selecting previously unselected package autopkgtest-satdep. 190s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 190s Unpacking autopkgtest-satdep (0) ... 190s Setting up libpwquality-common (1.4.5-3) ... 190s Setting up libnfsidmap1:s390x (1:2.6.4-3ubuntu4) ... 190s Setting up libsss-idmap0 (2.9.4-1.1ubuntu5) ... 190s Setting up libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 190s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu5) ... 190s Setting up libsss-idmap-dev (2.9.4-1.1ubuntu5) ... 190s Setting up libref-array1t64:s390x (0.6.2-2.1build1) ... 190s Setting up libipa-hbac-dev (2.9.4-1.1ubuntu5) ... 190s Setting up libtdb1:s390x (1.4.10-1) ... 190s Setting up libcollection4t64:s390x (0.6.2-2.1build1) ... 190s Setting up libevent-2.1-7t64:s390x (2.1.12-stable-9ubuntu2) ... 190s Setting up libc-ares2:s390x (1.27.0-1) ... 190s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu8) ... 190s Setting up libjose0:s390x (11-3build2) ... 190s Setting up libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu8) ... 190s Setting up libtalloc2:s390x (2.4.2-1build2) ... 190s Setting up libpath-utils1t64:s390x (0.6.2-2.1build1) ... 190s Setting up libavahi-common-data:s390x (0.8-13ubuntu5) ... 190s Setting up libdhash1t64:s390x (0.6.2-2.1build1) ... 190s Setting up libtcl8.6:s390x (8.6.14+dfsg-1build1) ... 190s Setting up libltdl7:s390x (2.4.7-7) ... 190s Setting up libcrack2:s390x (2.9.6-5.1build2) ... 190s Setting up libodbc2:s390x (2.3.12-1build2) ... 190s Setting up python3-libipa-hbac (2.9.4-1.1ubuntu5) ... 190s Setting up libnss-sudo (1.9.15p5-3ubuntu4) ... 190s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu5) ... 190s Setting up libini-config5t64:s390x (0.6.2-2.1build1) ... 190s Setting up libtevent0t64:s390x (0.16.1-2build1) ... 190s Setting up libnss-sss:s390x (2.9.4-1.1ubuntu5) ... 190s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu8) ... 190s Creating new user openldap... done. 190s Creating initial configuration... done. 190s Creating LDAP directory... done. 191s Setting up tcl8.6 (8.6.14+dfsg-1build1) ... 191s Setting up libsss-sudo (2.9.4-1.1ubuntu5) ... 191s Setting up libsss-nss-idmap-dev (2.9.4-1.1ubuntu5) ... 191s Setting up libavahi-common3:s390x (0.8-13ubuntu5) ... 191s Setting up tcl-expect:s390x (5.45.4-2build1) ... 191s Setting up libsss-certmap0 (2.9.4-1.1ubuntu5) ... 191s Setting up libpwquality1:s390x (1.4.5-3) ... 191s Setting up python3-libsss-nss-idmap (2.9.4-1.1ubuntu5) ... 191s Setting up libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu8) ... 191s Setting up libavahi-client3:s390x (0.8-13ubuntu5) ... 191s Setting up expect (5.45.4-2build1) ... 191s Setting up libpam-pwquality:s390x (1.4.5-3) ... 191s Setting up samba-libs:s390x (2:4.19.5+dfsg-4ubuntu8) ... 191s Setting up libsss-certmap-dev (2.9.4-1.1ubuntu5) ... 191s Setting up python3-sss (2.9.4-1.1ubuntu5) ... 191s Setting up libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu8) ... 191s Setting up libpam-sss:s390x (2.9.4-1.1ubuntu5) ... 191s Setting up sssd-common (2.9.4-1.1ubuntu5) ... 191s Creating SSSD system user & group... 191s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 191s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 191s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 191s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 192s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 192s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 193s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 193s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 193s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 193s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 194s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 194s sssd-autofs.service is a disabled or a static unit, not starting it. 194s sssd-nss.service is a disabled or a static unit, not starting it. 194s sssd-pam.service is a disabled or a static unit, not starting it. 194s sssd-ssh.service is a disabled or a static unit, not starting it. 194s sssd-sudo.service is a disabled or a static unit, not starting it. 194s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 194s Setting up sssd-proxy (2.9.4-1.1ubuntu5) ... 194s Setting up sssd-kcm (2.9.4-1.1ubuntu5) ... 194s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 195s sssd-kcm.service is a disabled or a static unit, not starting it. 195s Setting up sssd-dbus (2.9.4-1.1ubuntu5) ... 195s sssd-ifp.service is a disabled or a static unit, not starting it. 195s Setting up sssd-ad-common (2.9.4-1.1ubuntu5) ... 195s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 196s sssd-pac.service is a disabled or a static unit, not starting it. 196s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 196s Setting up sssd-krb5-common (2.9.4-1.1ubuntu5) ... 196s Setting up sssd-krb5 (2.9.4-1.1ubuntu5) ... 196s Setting up sssd-ldap (2.9.4-1.1ubuntu5) ... 196s Setting up sssd-ad (2.9.4-1.1ubuntu5) ... 196s Setting up sssd-tools (2.9.4-1.1ubuntu5) ... 196s Setting up sssd-ipa (2.9.4-1.1ubuntu5) ... 196s Setting up sssd (2.9.4-1.1ubuntu5) ... 196s Setting up libverto-libevent1t64:s390x (0.3.1-1.2ubuntu3) ... 196s Setting up libverto1t64:s390x (0.3.1-1.2ubuntu3) ... 196s Setting up libkrad0:s390x (1.20.1-6ubuntu2) ... 196s Setting up sssd-passkey (2.9.4-1.1ubuntu5) ... 196s Setting up sssd-idp (2.9.4-1.1ubuntu5) ... 196s Setting up autopkgtest-satdep (0) ... 196s Processing triggers for libc-bin (2.39-0ubuntu8) ... 196s Processing triggers for ufw (0.36.2-5) ... 196s Processing triggers for man-db (2.12.0-4build1) ... 197s Processing triggers for dbus (1.14.10-4ubuntu3) ... 208s (Reading database ... 79627 files and directories currently installed.) 208s Removing autopkgtest-satdep (0) ... 208s autopkgtest [22:39:09]: test ldap-user-group-ldap-auth: [----------------------- 209s + . debian/tests/util 209s + . debian/tests/common-tests 209s + mydomain=example.com 209s + myhostname=ldap.example.com 209s + mysuffix=dc=example,dc=com 209s + admin_dn=cn=admin,dc=example,dc=com 209s + admin_pw=secret 209s + ldap_user=testuser1 209s + ldap_user_pw=testuser1secret 209s + ldap_group=ldapusers 209s + adjust_hostname ldap.example.com 209s + local myhostname=ldap.example.com 209s + echo ldap.example.com 209s + hostname ldap.example.com 209s + grep -qE ldap.example.com /etc/hosts 209s + echo 127.0.1.10 ldap.example.com 209s + reconfigure_slapd 209s + debconf-set-selections 209s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 209s + dpkg-reconfigure -fnoninteractive -pcritical slapd 209s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8... done. 209s Moving old database directory to /var/backups: 209s - directory unknown... done. 209s Creating initial configuration... done. 209s Creating LDAP directory... done. 210s + generate_certs ldap.example.com 210s + local cn=ldap.example.com 210s + local cert=/etc/ldap/server.pem 210s + local key=/etc/ldap/server.key 210s + local cnf=/etc/ldap/openssl.cnf 210s + cat 210s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 210s ...++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 210s ...........................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 210s ----- 210s + chmod 0640 /etc/ldap/server.key 210s + chgrp openldap /etc/ldap/server.key 210s + [ ! -f /etc/ldap/server.pem ] 210s + [ ! -f /etc/ldap/server.key ] 210s + enable_ldap_ssl 210s + cat 210s + + cat 210s ldapmodify -H ldapi:/// -Y EXTERNAL -Q 210s + populate_ldap_rfc2307 210s + cat+ modifying entry "cn=config" 210s 210s 210s ldapadd -x -D cn=admin,dc=example,dc=com -w secret 210s + configure_sssd_ldap_rfc2307 210s + cat 210s + chmod 0600 /etc/sssd/sssd.conf 210s + systemctl restart sssd 210s adding new entry "ou=People,dc=example,dc=com" 210s 210s adding new entry "ou=Group,dc=example,dc=com" 210s 210s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 210s 210s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 210s 210s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 210s 210s + enable_pam_mkhomedir 210s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 210s + echo session optional pam_mkhomedir.so 210s + run_common_tests 210s + echo Assert local user databases do not have our LDAP test data 210s + check_local_user testuser1 210s + local local_user=testuser1 210s Assert local user databases do not have our LDAP test data 210s + grep -q ^testuser1 /etc/passwd 210s + check_local_group testuser1 210s + local local_group=testuser1 210s + grep -q ^testuser1 /etc/group 210s + check_local_group ldapusers 210s + local local_group=ldapusers 210s + grep -q ^ldapusers /etc/group 210s + echo The LDAP user is known to the system via getent 210s + check_getent_user testuser1 210s + local getent_user=testuser1 210s + local output 210s + getent passwd testuser1 210s The LDAP user is known to the system via getent 210s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 210s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ]The LDAP user's private group is known to the system via getent 210s 210s + echo The LDAP user's private group is known to the system via getent 210s + check_getent_group testuser1 210s + local getent_group=testuser1 210s + local output 210s + getent group testuser1 210s + output=testuser1:*:10001:testuser1 210s + [ -z testuser1:*:10001:testuser1 ] 210s + echo The LDAP group ldapusers is known to the system via getent 210s + check_getent_group ldapusers 210s + local getent_group=ldapusers 210s + local output 210s + getent group ldapusers 210s The LDAP group ldapusers is known to the system via getent 210s + output=ldapusers:*:10100:testuser1 210s + [ -z ldapusers:*:10100:testuser1 ] 210s + echo The id(1) command can resolve the group membership of the LDAP user 210s + id -Gn testuser1 210s The id(1) command can resolve the group membership of the LDAP user 210s + output=testuser1 ldapusers 210s + [The LDAP user can login on a terminal 210s testuser1 ldapusers != testuser1 ldapusers ] 210s + echo The LDAP user can login on a terminal 210s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 210s spawn login 210s ldap.example.com login: testuser1 210s Password: 210s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-22-generic s390x) 210s 210s * Documentation: https://help.ubuntu.com 210s * Management: https://landscape.canonical.com 210s * Support: https://ubuntu.com/pro 210s 210s * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s 210s just raised the bar for easy, resilient and secure K8s cluster deployment. 210s 210s https://ubuntu.com/engage/secure-kubernetes-at-the-edge 210s 210s The programs included with the Ubuntu system are free software; 210s the exact distribution terms for each program are described in the 210s individual files in /usr/share/doc/*/copyright. 210s 210s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 210s applicable law. 210s 210s 210s The programs included with the Ubuntu system are free software; 210s the exact distribution terms for each program are described in the 210s individual files in /usr/share/doc/*/copyright. 210s 210s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 210s applicable law. 210s 210s Creating directory '/home/testuser1'. 210s [?2004htestuser1@ldap:~$ id -un 210s [?2004l testuser1 211s [?2004htestuser1@ldap:~$ autopkgtest [22:39:12]: test ldap-user-group-ldap-auth: -----------------------] 211s autopkgtest [22:39:12]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 211s ldap-user-group-ldap-auth PASS 212s autopkgtest [22:39:13]: test ldap-user-group-krb5-auth: preparing testbed 217s Reading package lists... 217s Building dependency tree... 217s Reading state information... 217s Starting pkgProblemResolver with broken count: 0 217s Starting 2 pkgProblemResolver with broken count: 0 217s Done 217s The following additional packages will be installed: 217s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4t64 217s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 217s Suggested packages: 217s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 217s The following NEW packages will be installed: 217s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 217s libgssrpc4t64 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 217s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 217s Need to get 620 kB/621 kB of archives. 217s After this operation, 2106 kB of additional disk space will be used. 217s Get:1 /tmp/autopkgtest.hxZKH5/2-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [888 B] 218s Get:2 http://ftpmaster.internal/ubuntu noble/main s390x krb5-config all 2.7 [22.0 kB] 218s Get:3 http://ftpmaster.internal/ubuntu noble/main s390x libgssrpc4t64 s390x 1.20.1-6ubuntu2 [60.5 kB] 218s Get:4 http://ftpmaster.internal/ubuntu noble/main s390x libkadm5clnt-mit12 s390x 1.20.1-6ubuntu2 [40.9 kB] 218s Get:5 http://ftpmaster.internal/ubuntu noble/main s390x libkdb5-10t64 s390x 1.20.1-6ubuntu2 [42.4 kB] 218s Get:6 http://ftpmaster.internal/ubuntu noble/main s390x libkadm5srv-mit12 s390x 1.20.1-6ubuntu2 [55.9 kB] 218s Get:7 http://ftpmaster.internal/ubuntu noble/universe s390x krb5-user s390x 1.20.1-6ubuntu2 [110 kB] 218s Get:8 http://ftpmaster.internal/ubuntu noble/universe s390x krb5-kdc s390x 1.20.1-6ubuntu2 [191 kB] 218s Get:9 http://ftpmaster.internal/ubuntu noble/universe s390x krb5-admin-server s390x 1.20.1-6ubuntu2 [96.9 kB] 219s Preconfiguring packages ... 219s Fetched 620 kB in 1s (774 kB/s) 219s Selecting previously unselected package krb5-config. 219s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 79627 files and directories currently installed.) 219s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 219s Unpacking krb5-config (2.7) ... 219s Selecting previously unselected package libgssrpc4t64:s390x. 219s Preparing to unpack .../1-libgssrpc4t64_1.20.1-6ubuntu2_s390x.deb ... 219s Unpacking libgssrpc4t64:s390x (1.20.1-6ubuntu2) ... 219s Selecting previously unselected package libkadm5clnt-mit12:s390x. 219s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-6ubuntu2_s390x.deb ... 219s Unpacking libkadm5clnt-mit12:s390x (1.20.1-6ubuntu2) ... 219s Selecting previously unselected package libkdb5-10t64:s390x. 219s Preparing to unpack .../3-libkdb5-10t64_1.20.1-6ubuntu2_s390x.deb ... 219s Unpacking libkdb5-10t64:s390x (1.20.1-6ubuntu2) ... 219s Selecting previously unselected package libkadm5srv-mit12:s390x. 219s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-6ubuntu2_s390x.deb ... 219s Unpacking libkadm5srv-mit12:s390x (1.20.1-6ubuntu2) ... 219s Selecting previously unselected package krb5-user. 219s Preparing to unpack .../5-krb5-user_1.20.1-6ubuntu2_s390x.deb ... 219s Unpacking krb5-user (1.20.1-6ubuntu2) ... 219s Selecting previously unselected package krb5-kdc. 219s Preparing to unpack .../6-krb5-kdc_1.20.1-6ubuntu2_s390x.deb ... 219s Unpacking krb5-kdc (1.20.1-6ubuntu2) ... 219s Selecting previously unselected package krb5-admin-server. 219s Preparing to unpack .../7-krb5-admin-server_1.20.1-6ubuntu2_s390x.deb ... 219s Unpacking krb5-admin-server (1.20.1-6ubuntu2) ... 219s Selecting previously unselected package autopkgtest-satdep. 219s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 219s Unpacking autopkgtest-satdep (0) ... 219s Setting up libgssrpc4t64:s390x (1.20.1-6ubuntu2) ... 219s Setting up krb5-config (2.7) ... 220s Setting up libkadm5clnt-mit12:s390x (1.20.1-6ubuntu2) ... 220s Setting up libkdb5-10t64:s390x (1.20.1-6ubuntu2) ... 220s Setting up libkadm5srv-mit12:s390x (1.20.1-6ubuntu2) ... 220s Setting up krb5-user (1.20.1-6ubuntu2) ... 220s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 220s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 220s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 220s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 220s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 220s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 220s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 220s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 220s Setting up krb5-kdc (1.20.1-6ubuntu2) ... 220s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 221s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 221s Setting up krb5-admin-server (1.20.1-6ubuntu2) ... 221s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 222s Setting up autopkgtest-satdep (0) ... 222s Processing triggers for man-db (2.12.0-4build1) ... 222s Processing triggers for libc-bin (2.39-0ubuntu8) ... 231s (Reading database ... 79722 files and directories currently installed.) 231s Removing autopkgtest-satdep (0) ... 232s autopkgtest [22:39:33]: test ldap-user-group-krb5-auth: [----------------------- 232s + . debian/tests/util 232s + . debian/tests/common-tests 232s + mydomain=example.com 232s + myhostname=ldap.example.com 232s + mysuffix=dc=example,dc=com 232s + myrealm=EXAMPLE.COM 232s + admin_dn=cn=admin,dc=example,dc=com 232s + admin_pw=secret 232s + ldap_user=testuser1 232s + ldap_user_pw=testuser1secret 232s + kerberos_principal_pw=testuser1kerberos 232s + ldap_group=ldapusers 232s + adjust_hostname ldap.example.com 232s + local myhostname=ldap.example.com 232s + echo ldap.example.com 232s + hostname ldap.example.com 232s + grep -qE ldap.example.com /etc/hosts 232s + reconfigure_slapd 232s + debconf-set-selections 232s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu8-20240408-223910.ldapdb 232s + dpkg-reconfigure -fnoninteractive -pcritical slapd 232s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8... done. 232s Moving old database directory to /var/backups: 232s - directory unknown... done. 232s Creating initial configuration... done. 232s Creating LDAP directory... done. 233s + generate_certs ldap.example.com 233s + local cn=ldap.example.com 233s + local cert=/etc/ldap/server.pem 233s + local key=/etc/ldap/server.key 233s + local cnf=/etc/ldap/openssl.cnf 233s + cat 233s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 233s ...++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 233s ......++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 233s ----- 233s + chmod 0640 /etc/ldap/server.key 233s + chgrp openldap /etc/ldap/server.key 233s + [ ! -f /etc/ldap/server.pem ] 233s + [ ! -f /etc/ldap/server.key ] 233s + enable_ldap_ssl 233s + cat 233s + + cat 233s ldapmodify -H ldapi:/// -Y EXTERNAL -Q 233s + populate_ldap_rfc2307 233s + cat 233s modifying entry "cn=config" 233s 233s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 233s adding new entry "ou=People,dc=example,dc=com" 233s 233s adding new entry "ou=Group,dc=example,dc=com" 233s 233s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 233s 233s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 233s 233s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 233s 233s + create_realm EXAMPLE.COM ldap.example.com 233s + local realm_name=EXAMPLE.COM 233s + local kerberos_server=ldap.example.com 233s + rm -rf /var/lib/krb5kdc/* 233s + rm -rf /etc/krb5kdc/kdc.conf 233s + rm -f /etc/krb5.keytab 233s + cat 233s + cat 233s + echo # */admin * 233s + kdb5_util create -s -P secretpassword 233s + systemctl restart krb5-kdc.service krb5-admin-server.service 233s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 233s master key name 'K/M@EXAMPLE.COM' 233s + create_krb_principal testuser1 testuser1kerberos 233s + local principal=testuser1 233s + local password=testuser1kerberos 233s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 233s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 233s Authenticating as principal root/admin@EXAMPLE.COM with password. 233s Principal "testuser1@EXAMPLE.COM" created. 233s + configure_sssd_ldap_rfc2307_krb5_auth 233s + cat 233s + chmod 0600 /etc/sssd/sssd.conf 233s + systemctl restart sssd 234s + enable_pam_mkhomedir 234s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 234s + run_common_tests 234s + echo Assert local user databases do not have our LDAP test data 234s + check_local_user testuser1 234s + local local_user=testuser1 234s + grep -q ^testuser1 /etc/passwd 234s Assert local user databases do not have our LDAP test data 234s + check_local_group testuser1 234s + local local_group=testuser1 234s + grep -q ^testuser1 /etc/group 234s + check_local_group ldapusers 234s + local local_group=ldapusers 234s + grep -q ^ldapusers /etc/group 234s + The LDAP user is known to the system via getent 234s The LDAP user's private group is known to the system via getent 234s echo The LDAP user is known to the system via getent 234s + check_getent_user testuser1 234s + local getent_user=testuser1 234s + local output 234s + getent passwd testuser1 234s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 234s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 234s + echo The LDAP user's private group is known to the system via getent 234s + check_getent_group testuser1 234s + local getent_group=testuser1 234s + local output 234s + getent group testuser1 234s The LDAP group ldapusers is known to the system via getent 234s + output=testuser1:*:10001:testuser1 234s + [ -z testuser1:*:10001:testuser1 ] 234s + echo The LDAP group ldapusers is known to the system via getent 234s + check_getent_group ldapusers 234s + local getent_group=ldapusers 234s + local output 234s + getent group ldapusers 234s + output=ldapusers:*:10100:testuser1 234s + [ -z ldapusers:*:10100:testuser1 ] 234s + echo The id(1) command can resolve the group membership of the LDAP user 234s The id(1) command can resolve the group membership of the LDAP user 234s + id -Gn testuser1 234s + output=testuser1 ldapusers 234s + [ testuser1 ldapusers != testuser1 ldapusers ] 234s + echo The Kerberos principal can login on a terminal 234s + kdestroyThe Kerberos principal can login on a terminal 234s 234s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 234s spawn login 234s ldap.example.com login: testuser1 234s Password: 234s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-22-generic s390x) 234s 234s * Documentation: https://help.ubuntu.com 234s * Management: https://landscape.canonical.com 234s * Support: https://ubuntu.com/pro 234s 234s * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s 234s just raised the bar for easy, resilient and secure K8s cluster deployment. 234s 234s https://ubuntu.com/engage/secure-kubernetes-at-the-edge 234s 234s The programs included with the Ubuntu system are free software; 234s the exact distribution terms for each program are described in the 234s individual files in /usr/share/doc/*/copyright. 234s 234s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 234s applicable law. 234s 234s [?2004htestuser1@ldap:~$ id -un 234s [?2004l testuser1 234s [?2004htestuser1@ldap:~$ klist 234s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_gDloQV 234s Default principal: testuser1@EXAMPLE.COMautopkgtest [22:39:35]: test ldap-user-group-krb5-auth: -----------------------] 235s ldap-user-group-krb5-auth PASS 235s autopkgtest [22:39:36]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 235s autopkgtest [22:39:36]: test sssd-softhism2-certificates-tests.sh: preparing testbed 361s autopkgtest [22:41:42]: testbed dpkg architecture: s390x 361s autopkgtest [22:41:42]: testbed apt version: 2.7.14build2 361s autopkgtest [22:41:42]: @@@@@@@@@@@@@@@@@@@@ test bed setup 361s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 362s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [10.6 kB] 362s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [360 kB] 362s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6004 B] 362s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [831 kB] 362s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main s390x Packages [338 kB] 362s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main s390x c-n-f Metadata [3032 B] 362s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x Packages [1192 B] 362s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x c-n-f Metadata [116 B] 362s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x Packages [912 kB] 362s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x c-n-f Metadata [7292 B] 362s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse s390x Packages [5120 B] 362s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse s390x c-n-f Metadata [116 B] 363s Fetched 2591 kB in 1s (1905 kB/s) 364s Reading package lists... 366s Reading package lists... 367s Building dependency tree... 367s Reading state information... 367s Calculating upgrade... 367s The following packages will be upgraded: 367s bash curl libcurl3t64-gnutls libcurl4t64 libpython3.12-minimal 367s libpython3.12-stdlib libsasl2-2 libsasl2-modules libsasl2-modules-db 367s python3-gi python3.12 python3.12-minimal 367s 12 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 367s Need to get 8183 kB of archives. 367s After this operation, 280 kB disk space will be freed. 367s Get:1 http://ftpmaster.internal/ubuntu noble/main s390x bash s390x 5.2.21-2ubuntu4 [845 kB] 368s Get:2 http://ftpmaster.internal/ubuntu noble/main s390x python3.12 s390x 3.12.2-5ubuntu3 [644 kB] 368s Get:3 http://ftpmaster.internal/ubuntu noble/main s390x libpython3.12-stdlib s390x 3.12.2-5ubuntu3 [2066 kB] 369s Get:4 http://ftpmaster.internal/ubuntu noble/main s390x python3.12-minimal s390x 3.12.2-5ubuntu3 [2459 kB] 369s Get:5 http://ftpmaster.internal/ubuntu noble/main s390x libpython3.12-minimal s390x 3.12.2-5ubuntu3 [830 kB] 370s Get:6 http://ftpmaster.internal/ubuntu noble/main s390x python3-gi s390x 3.48.2-1 [236 kB] 370s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main s390x curl s390x 8.5.0-2ubuntu10 [227 kB] 370s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libcurl4t64 s390x 8.5.0-2ubuntu10 [363 kB] 370s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libcurl3t64-gnutls s390x 8.5.0-2ubuntu10 [356 kB] 370s Get:10 http://ftpmaster.internal/ubuntu noble/main s390x libsasl2-modules-db s390x 2.1.28+dfsg1-5ubuntu3 [21.3 kB] 370s Get:11 http://ftpmaster.internal/ubuntu noble/main s390x libsasl2-2 s390x 2.1.28+dfsg1-5ubuntu3 [57.8 kB] 370s Get:12 http://ftpmaster.internal/ubuntu noble/main s390x libsasl2-modules s390x 2.1.28+dfsg1-5ubuntu3 [76.7 kB] 370s Fetched 8183 kB in 3s (2880 kB/s) 370s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78332 files and directories currently installed.) 371s Preparing to unpack .../bash_5.2.21-2ubuntu4_s390x.deb ... 371s Unpacking bash (5.2.21-2ubuntu4) over (5.2.21-2ubuntu2) ... 371s Setting up bash (5.2.21-2ubuntu4) ... 371s update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode 371s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78332 files and directories currently installed.) 371s Preparing to unpack .../00-python3.12_3.12.2-5ubuntu3_s390x.deb ... 371s Unpacking python3.12 (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 371s Preparing to unpack .../01-libpython3.12-stdlib_3.12.2-5ubuntu3_s390x.deb ... 371s Unpacking libpython3.12-stdlib:s390x (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 371s Preparing to unpack .../02-python3.12-minimal_3.12.2-5ubuntu3_s390x.deb ... 371s Unpacking python3.12-minimal (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 371s Preparing to unpack .../03-libpython3.12-minimal_3.12.2-5ubuntu3_s390x.deb ... 371s Unpacking libpython3.12-minimal:s390x (3.12.2-5ubuntu3) over (3.12.2-4build4) ... 371s Preparing to unpack .../04-python3-gi_3.48.2-1_s390x.deb ... 372s Unpacking python3-gi (3.48.2-1) over (3.48.1-1build1) ... 372s Preparing to unpack .../05-curl_8.5.0-2ubuntu10_s390x.deb ... 372s Unpacking curl (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 372s Preparing to unpack .../06-libcurl4t64_8.5.0-2ubuntu10_s390x.deb ... 372s Unpacking libcurl4t64:s390x (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 372s Preparing to unpack .../07-libcurl3t64-gnutls_8.5.0-2ubuntu10_s390x.deb ... 372s Unpacking libcurl3t64-gnutls:s390x (8.5.0-2ubuntu10) over (8.5.0-2ubuntu9) ... 372s Preparing to unpack .../08-libsasl2-modules-db_2.1.28+dfsg1-5ubuntu3_s390x.deb ... 372s Unpacking libsasl2-modules-db:s390x (2.1.28+dfsg1-5ubuntu3) over (2.1.28+dfsg1-5ubuntu2) ... 372s Preparing to unpack .../09-libsasl2-2_2.1.28+dfsg1-5ubuntu3_s390x.deb ... 372s Unpacking libsasl2-2:s390x (2.1.28+dfsg1-5ubuntu3) over (2.1.28+dfsg1-5ubuntu2) ... 372s Preparing to unpack .../10-libsasl2-modules_2.1.28+dfsg1-5ubuntu3_s390x.deb ... 372s Unpacking libsasl2-modules:s390x (2.1.28+dfsg1-5ubuntu3) over (2.1.28+dfsg1-5ubuntu2) ... 372s Setting up libcurl4t64:s390x (8.5.0-2ubuntu10) ... 372s Setting up libsasl2-modules:s390x (2.1.28+dfsg1-5ubuntu3) ... 372s Setting up libpython3.12-minimal:s390x (3.12.2-5ubuntu3) ... 372s Setting up libcurl3t64-gnutls:s390x (8.5.0-2ubuntu10) ... 372s Setting up libsasl2-modules-db:s390x (2.1.28+dfsg1-5ubuntu3) ... 372s Setting up python3-gi (3.48.2-1) ... 372s Setting up libsasl2-2:s390x (2.1.28+dfsg1-5ubuntu3) ... 372s Setting up curl (8.5.0-2ubuntu10) ... 372s Setting up python3.12-minimal (3.12.2-5ubuntu3) ... 373s Setting up libpython3.12-stdlib:s390x (3.12.2-5ubuntu3) ... 373s Setting up python3.12 (3.12.2-5ubuntu3) ... 375s Processing triggers for systemd (255.4-1ubuntu7) ... 375s Processing triggers for man-db (2.12.0-4build1) ... 376s Processing triggers for debianutils (5.17build1) ... 376s Processing triggers for install-info (7.1-3build2) ... 376s Processing triggers for libc-bin (2.39-0ubuntu8) ... 377s Reading package lists... 377s Building dependency tree... 377s Reading state information... 377s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 378s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 378s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 378s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 378s Hit:4 http://ftpmaster.internal/ubuntu noble-proposed InRelease 379s Reading package lists... 379s Reading package lists... 380s Building dependency tree... 380s Reading state information... 380s Calculating upgrade... 380s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 380s Reading package lists... 381s Building dependency tree... 381s Reading state information... 381s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 387s Reading package lists... 387s Building dependency tree... 387s Reading state information... 387s Starting pkgProblemResolver with broken count: 0 388s Starting 2 pkgProblemResolver with broken count: 0 388s Done 388s The following additional packages will be installed: 388s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 388s libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 libdhash1t64 388s libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 libipa-hbac0t64 388s libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 388s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 388s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 388s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 388s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 388s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 388s Suggested packages: 388s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 388s Recommended packages: 388s cracklib-runtime libsasl2-modules-gssapi-mit 388s | libsasl2-modules-gssapi-heimdal ldap-utils 388s The following NEW packages will be installed: 388s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 388s libavahi-common3 libbasicobjects0t64 libc-ares2 libcollection4t64 libcrack2 388s libdhash1t64 libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 388s libipa-hbac0t64 libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 388s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 388s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 388s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 388s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 388s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 388s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 388s Need to get 10.4 MB/10.4 MB of archives. 388s After this operation, 40.6 MB of additional disk space will be used. 388s Get:1 /tmp/autopkgtest.hxZKH5/3-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [748 B] 388s Get:2 http://ftpmaster.internal/ubuntu noble/main s390x libevent-2.1-7t64 s390x 2.1.12-stable-9ubuntu2 [147 kB] 389s Get:3 http://ftpmaster.internal/ubuntu noble/main s390x libunbound8 s390x 1.19.2-1ubuntu3 [454 kB] 389s Get:4 http://ftpmaster.internal/ubuntu noble/main s390x libgnutls-dane0t64 s390x 3.8.3-1.1ubuntu3 [23.8 kB] 389s Get:5 http://ftpmaster.internal/ubuntu noble/universe s390x gnutls-bin s390x 3.8.3-1.1ubuntu3 [284 kB] 389s Get:6 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common-data s390x 0.8-13ubuntu5 [29.6 kB] 389s Get:7 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common3 s390x 0.8-13ubuntu5 [24.1 kB] 389s Get:8 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-client3 s390x 0.8-13ubuntu5 [27.2 kB] 389s Get:9 http://ftpmaster.internal/ubuntu noble/main s390x libbasicobjects0t64 s390x 0.6.2-2.1build1 [5838 B] 389s Get:10 http://ftpmaster.internal/ubuntu noble/main s390x libcollection4t64 s390x 0.6.2-2.1build1 [23.9 kB] 389s Get:11 http://ftpmaster.internal/ubuntu noble/main s390x libcrack2 s390x 2.9.6-5.1build2 [30.0 kB] 389s Get:12 http://ftpmaster.internal/ubuntu noble/main s390x libdhash1t64 s390x 0.6.2-2.1build1 [9126 B] 389s Get:13 http://ftpmaster.internal/ubuntu noble/main s390x libpath-utils1t64 s390x 0.6.2-2.1build1 [9394 B] 389s Get:14 http://ftpmaster.internal/ubuntu noble/main s390x libref-array1t64 s390x 0.6.2-2.1build1 [7226 B] 389s Get:15 http://ftpmaster.internal/ubuntu noble/main s390x libini-config5t64 s390x 0.6.2-2.1build1 [46.6 kB] 389s Get:16 http://ftpmaster.internal/ubuntu noble/main s390x libipa-hbac0t64 s390x 2.9.4-1.1ubuntu5 [17.3 kB] 389s Get:17 http://ftpmaster.internal/ubuntu noble/main s390x libtalloc2 s390x 2.4.2-1build2 [28.4 kB] 389s Get:18 http://ftpmaster.internal/ubuntu noble/main s390x libtdb1 s390x 1.4.10-1 [49.9 kB] 389s Get:19 http://ftpmaster.internal/ubuntu noble/main s390x libtevent0t64 s390x 0.16.1-2build1 [43.4 kB] 389s Get:20 http://ftpmaster.internal/ubuntu noble/main s390x libldb2 s390x 2:2.8.0+samba4.19.5+dfsg-4ubuntu8 [192 kB] 389s Get:21 http://ftpmaster.internal/ubuntu noble/main s390x libnfsidmap1 s390x 1:2.6.4-3ubuntu4 [50.1 kB] 389s Get:22 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality-common all 1.4.5-3 [7658 B] 389s Get:23 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality1 s390x 1.4.5-3 [14.7 kB] 389s Get:24 http://ftpmaster.internal/ubuntu noble/main s390x libpam-pwquality s390x 1.4.5-3 [11.6 kB] 389s Get:25 http://ftpmaster.internal/ubuntu noble/main s390x libwbclient0 s390x 2:4.19.5+dfsg-4ubuntu8 [71.3 kB] 389s Get:26 http://ftpmaster.internal/ubuntu noble/main s390x samba-libs s390x 2:4.19.5+dfsg-4ubuntu8 [6231 kB] 391s Get:27 http://ftpmaster.internal/ubuntu noble/main s390x libsmbclient0 s390x 2:4.19.5+dfsg-4ubuntu8 [65.0 kB] 391s Get:28 http://ftpmaster.internal/ubuntu noble/universe s390x softhsm2-common s390x 2.6.1-2.2ubuntu3 [6196 B] 391s Get:29 http://ftpmaster.internal/ubuntu noble/universe s390x libsofthsm2 s390x 2.6.1-2.2ubuntu3 [267 kB] 392s Get:30 http://ftpmaster.internal/ubuntu noble/universe s390x softhsm2 s390x 2.6.1-2.2ubuntu3 [176 kB] 392s Get:31 http://ftpmaster.internal/ubuntu noble/main s390x python3-sss s390x 2.9.4-1.1ubuntu5 [46.9 kB] 392s Get:32 http://ftpmaster.internal/ubuntu noble/main s390x libsss-idmap0 s390x 2.9.4-1.1ubuntu5 [22.5 kB] 392s Get:33 http://ftpmaster.internal/ubuntu noble/main s390x libnss-sss s390x 2.9.4-1.1ubuntu5 [33.0 kB] 392s Get:34 http://ftpmaster.internal/ubuntu noble/main s390x libpam-sss s390x 2.9.4-1.1ubuntu5 [52.3 kB] 392s Get:35 http://ftpmaster.internal/ubuntu noble/main s390x libc-ares2 s390x 1.27.0-1 [79.2 kB] 392s Get:36 http://ftpmaster.internal/ubuntu noble/main s390x libsss-certmap0 s390x 2.9.4-1.1ubuntu5 [47.2 kB] 392s Get:37 http://ftpmaster.internal/ubuntu noble/main s390x libsss-nss-idmap0 s390x 2.9.4-1.1ubuntu5 [31.7 kB] 392s Get:38 http://ftpmaster.internal/ubuntu noble/main s390x sssd-common s390x 2.9.4-1.1ubuntu5 [1125 kB] 392s Get:39 http://ftpmaster.internal/ubuntu noble/main s390x sssd-ad-common s390x 2.9.4-1.1ubuntu5 [74.8 kB] 392s Get:40 http://ftpmaster.internal/ubuntu noble/main s390x sssd-krb5-common s390x 2.9.4-1.1ubuntu5 [90.3 kB] 392s Get:41 http://ftpmaster.internal/ubuntu noble/main s390x sssd-ad s390x 2.9.4-1.1ubuntu5 [133 kB] 392s Get:42 http://ftpmaster.internal/ubuntu noble/main s390x sssd-ipa s390x 2.9.4-1.1ubuntu5 [215 kB] 392s Get:43 http://ftpmaster.internal/ubuntu noble/main s390x sssd-krb5 s390x 2.9.4-1.1ubuntu5 [14.4 kB] 392s Get:44 http://ftpmaster.internal/ubuntu noble/main s390x sssd-ldap s390x 2.9.4-1.1ubuntu5 [31.0 kB] 392s Get:45 http://ftpmaster.internal/ubuntu noble/main s390x sssd-proxy s390x 2.9.4-1.1ubuntu5 [43.9 kB] 392s Get:46 http://ftpmaster.internal/ubuntu noble/main s390x sssd s390x 2.9.4-1.1ubuntu5 [4108 B] 393s Fetched 10.4 MB in 4s (2464 kB/s) 393s Selecting previously unselected package libevent-2.1-7t64:s390x. 393s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78333 files and directories currently installed.) 393s Preparing to unpack .../00-libevent-2.1-7t64_2.1.12-stable-9ubuntu2_s390x.deb ... 393s Unpacking libevent-2.1-7t64:s390x (2.1.12-stable-9ubuntu2) ... 393s Selecting previously unselected package libunbound8:s390x. 393s Preparing to unpack .../01-libunbound8_1.19.2-1ubuntu3_s390x.deb ... 393s Unpacking libunbound8:s390x (1.19.2-1ubuntu3) ... 393s Selecting previously unselected package libgnutls-dane0t64:s390x. 393s Preparing to unpack .../02-libgnutls-dane0t64_3.8.3-1.1ubuntu3_s390x.deb ... 393s Unpacking libgnutls-dane0t64:s390x (3.8.3-1.1ubuntu3) ... 393s Selecting previously unselected package gnutls-bin. 393s Preparing to unpack .../03-gnutls-bin_3.8.3-1.1ubuntu3_s390x.deb ... 393s Unpacking gnutls-bin (3.8.3-1.1ubuntu3) ... 393s Selecting previously unselected package libavahi-common-data:s390x. 393s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu5_s390x.deb ... 393s Unpacking libavahi-common-data:s390x (0.8-13ubuntu5) ... 393s Selecting previously unselected package libavahi-common3:s390x. 393s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu5_s390x.deb ... 393s Unpacking libavahi-common3:s390x (0.8-13ubuntu5) ... 393s Selecting previously unselected package libavahi-client3:s390x. 393s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu5_s390x.deb ... 393s Unpacking libavahi-client3:s390x (0.8-13ubuntu5) ... 393s Selecting previously unselected package libbasicobjects0t64:s390x. 393s Preparing to unpack .../07-libbasicobjects0t64_0.6.2-2.1build1_s390x.deb ... 393s Unpacking libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 393s Selecting previously unselected package libcollection4t64:s390x. 393s Preparing to unpack .../08-libcollection4t64_0.6.2-2.1build1_s390x.deb ... 393s Unpacking libcollection4t64:s390x (0.6.2-2.1build1) ... 393s Selecting previously unselected package libcrack2:s390x. 393s Preparing to unpack .../09-libcrack2_2.9.6-5.1build2_s390x.deb ... 393s Unpacking libcrack2:s390x (2.9.6-5.1build2) ... 393s Selecting previously unselected package libdhash1t64:s390x. 393s Preparing to unpack .../10-libdhash1t64_0.6.2-2.1build1_s390x.deb ... 393s Unpacking libdhash1t64:s390x (0.6.2-2.1build1) ... 393s Selecting previously unselected package libpath-utils1t64:s390x. 393s Preparing to unpack .../11-libpath-utils1t64_0.6.2-2.1build1_s390x.deb ... 393s Unpacking libpath-utils1t64:s390x (0.6.2-2.1build1) ... 393s Selecting previously unselected package libref-array1t64:s390x. 393s Preparing to unpack .../12-libref-array1t64_0.6.2-2.1build1_s390x.deb ... 393s Unpacking libref-array1t64:s390x (0.6.2-2.1build1) ... 393s Selecting previously unselected package libini-config5t64:s390x. 393s Preparing to unpack .../13-libini-config5t64_0.6.2-2.1build1_s390x.deb ... 393s Unpacking libini-config5t64:s390x (0.6.2-2.1build1) ... 393s Selecting previously unselected package libipa-hbac0t64. 393s Preparing to unpack .../14-libipa-hbac0t64_2.9.4-1.1ubuntu5_s390x.deb ... 393s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu5) ... 393s Selecting previously unselected package libtalloc2:s390x. 393s Preparing to unpack .../15-libtalloc2_2.4.2-1build2_s390x.deb ... 393s Unpacking libtalloc2:s390x (2.4.2-1build2) ... 393s Selecting previously unselected package libtdb1:s390x. 393s Preparing to unpack .../16-libtdb1_1.4.10-1_s390x.deb ... 393s Unpacking libtdb1:s390x (1.4.10-1) ... 393s Selecting previously unselected package libtevent0t64:s390x. 393s Preparing to unpack .../17-libtevent0t64_0.16.1-2build1_s390x.deb ... 393s Unpacking libtevent0t64:s390x (0.16.1-2build1) ... 393s Selecting previously unselected package libldb2:s390x. 393s Preparing to unpack .../18-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu8_s390x.deb ... 393s Unpacking libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu8) ... 393s Selecting previously unselected package libnfsidmap1:s390x. 393s Preparing to unpack .../19-libnfsidmap1_1%3a2.6.4-3ubuntu4_s390x.deb ... 393s Unpacking libnfsidmap1:s390x (1:2.6.4-3ubuntu4) ... 393s Selecting previously unselected package libpwquality-common. 393s Preparing to unpack .../20-libpwquality-common_1.4.5-3_all.deb ... 393s Unpacking libpwquality-common (1.4.5-3) ... 393s Selecting previously unselected package libpwquality1:s390x. 393s Preparing to unpack .../21-libpwquality1_1.4.5-3_s390x.deb ... 393s Unpacking libpwquality1:s390x (1.4.5-3) ... 394s Selecting previously unselected package libpam-pwquality:s390x. 394s Preparing to unpack .../22-libpam-pwquality_1.4.5-3_s390x.deb ... 394s Unpacking libpam-pwquality:s390x (1.4.5-3) ... 394s Selecting previously unselected package libwbclient0:s390x. 394s Preparing to unpack .../23-libwbclient0_2%3a4.19.5+dfsg-4ubuntu8_s390x.deb ... 394s Unpacking libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu8) ... 394s Selecting previously unselected package samba-libs:s390x. 394s Preparing to unpack .../24-samba-libs_2%3a4.19.5+dfsg-4ubuntu8_s390x.deb ... 394s Unpacking samba-libs:s390x (2:4.19.5+dfsg-4ubuntu8) ... 394s Selecting previously unselected package libsmbclient0:s390x. 394s Preparing to unpack .../25-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu8_s390x.deb ... 394s Unpacking libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu8) ... 394s Selecting previously unselected package softhsm2-common. 394s Preparing to unpack .../26-softhsm2-common_2.6.1-2.2ubuntu3_s390x.deb ... 394s Unpacking softhsm2-common (2.6.1-2.2ubuntu3) ... 394s Selecting previously unselected package libsofthsm2. 394s Preparing to unpack .../27-libsofthsm2_2.6.1-2.2ubuntu3_s390x.deb ... 394s Unpacking libsofthsm2 (2.6.1-2.2ubuntu3) ... 394s Selecting previously unselected package softhsm2. 394s Preparing to unpack .../28-softhsm2_2.6.1-2.2ubuntu3_s390x.deb ... 394s Unpacking softhsm2 (2.6.1-2.2ubuntu3) ... 394s Selecting previously unselected package python3-sss. 394s Preparing to unpack .../29-python3-sss_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking python3-sss (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package libsss-idmap0. 394s Preparing to unpack .../30-libsss-idmap0_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package libnss-sss:s390x. 394s Preparing to unpack .../31-libnss-sss_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking libnss-sss:s390x (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package libpam-sss:s390x. 394s Preparing to unpack .../32-libpam-sss_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking libpam-sss:s390x (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package libc-ares2:s390x. 394s Preparing to unpack .../33-libc-ares2_1.27.0-1_s390x.deb ... 394s Unpacking libc-ares2:s390x (1.27.0-1) ... 394s Selecting previously unselected package libsss-certmap0. 394s Preparing to unpack .../34-libsss-certmap0_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package libsss-nss-idmap0. 394s Preparing to unpack .../35-libsss-nss-idmap0_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package sssd-common. 394s Preparing to unpack .../36-sssd-common_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking sssd-common (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package sssd-ad-common. 394s Preparing to unpack .../37-sssd-ad-common_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking sssd-ad-common (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package sssd-krb5-common. 394s Preparing to unpack .../38-sssd-krb5-common_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package sssd-ad. 394s Preparing to unpack .../39-sssd-ad_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking sssd-ad (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package sssd-ipa. 394s Preparing to unpack .../40-sssd-ipa_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking sssd-ipa (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package sssd-krb5. 394s Preparing to unpack .../41-sssd-krb5_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking sssd-krb5 (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package sssd-ldap. 394s Preparing to unpack .../42-sssd-ldap_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking sssd-ldap (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package sssd-proxy. 394s Preparing to unpack .../43-sssd-proxy_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking sssd-proxy (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package sssd. 394s Preparing to unpack .../44-sssd_2.9.4-1.1ubuntu5_s390x.deb ... 394s Unpacking sssd (2.9.4-1.1ubuntu5) ... 394s Selecting previously unselected package autopkgtest-satdep. 394s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 394s Unpacking autopkgtest-satdep (0) ... 394s Setting up libpwquality-common (1.4.5-3) ... 394s Setting up softhsm2-common (2.6.1-2.2ubuntu3) ... 394s 394s Creating config file /etc/softhsm/softhsm2.conf with new version 395s Setting up libnfsidmap1:s390x (1:2.6.4-3ubuntu4) ... 395s Setting up libsss-idmap0 (2.9.4-1.1ubuntu5) ... 395s Setting up libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 395s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu5) ... 395s Setting up libref-array1t64:s390x (0.6.2-2.1build1) ... 395s Setting up libtdb1:s390x (1.4.10-1) ... 395s Setting up libcollection4t64:s390x (0.6.2-2.1build1) ... 395s Setting up libevent-2.1-7t64:s390x (2.1.12-stable-9ubuntu2) ... 395s Setting up libc-ares2:s390x (1.27.0-1) ... 395s Setting up libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu8) ... 395s Setting up libtalloc2:s390x (2.4.2-1build2) ... 395s Setting up libpath-utils1t64:s390x (0.6.2-2.1build1) ... 395s Setting up libunbound8:s390x (1.19.2-1ubuntu3) ... 395s Setting up libgnutls-dane0t64:s390x (3.8.3-1.1ubuntu3) ... 395s Setting up libavahi-common-data:s390x (0.8-13ubuntu5) ... 395s Setting up libdhash1t64:s390x (0.6.2-2.1build1) ... 395s Setting up libcrack2:s390x (2.9.6-5.1build2) ... 395s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu5) ... 395s Setting up libini-config5t64:s390x (0.6.2-2.1build1) ... 395s Setting up libtevent0t64:s390x (0.16.1-2build1) ... 395s Setting up libnss-sss:s390x (2.9.4-1.1ubuntu5) ... 395s Setting up gnutls-bin (3.8.3-1.1ubuntu3) ... 395s Setting up libsofthsm2 (2.6.1-2.2ubuntu3) ... 395s Setting up softhsm2 (2.6.1-2.2ubuntu3) ... 395s Setting up libavahi-common3:s390x (0.8-13ubuntu5) ... 395s Setting up libsss-certmap0 (2.9.4-1.1ubuntu5) ... 395s Setting up libpwquality1:s390x (1.4.5-3) ... 395s Setting up libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu8) ... 395s Setting up libavahi-client3:s390x (0.8-13ubuntu5) ... 395s Setting up libpam-pwquality:s390x (1.4.5-3) ... 395s Setting up samba-libs:s390x (2:4.19.5+dfsg-4ubuntu8) ... 395s Setting up python3-sss (2.9.4-1.1ubuntu5) ... 395s Setting up libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu8) ... 395s Setting up libpam-sss:s390x (2.9.4-1.1ubuntu5) ... 395s Setting up sssd-common (2.9.4-1.1ubuntu5) ... 395s Creating SSSD system user & group... 395s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 395s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 395s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 395s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 396s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 396s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 396s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 396s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 397s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 397s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 397s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 397s sssd-autofs.service is a disabled or a static unit, not starting it. 397s sssd-nss.service is a disabled or a static unit, not starting it. 397s sssd-pam.service is a disabled or a static unit, not starting it. 397s sssd-ssh.service is a disabled or a static unit, not starting it. 397s sssd-sudo.service is a disabled or a static unit, not starting it. 397s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 397s Setting up sssd-proxy (2.9.4-1.1ubuntu5) ... 397s Setting up sssd-ad-common (2.9.4-1.1ubuntu5) ... 398s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 398s sssd-pac.service is a disabled or a static unit, not starting it. 398s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 398s Setting up sssd-krb5-common (2.9.4-1.1ubuntu5) ... 399s Setting up sssd-krb5 (2.9.4-1.1ubuntu5) ... 399s Setting up sssd-ldap (2.9.4-1.1ubuntu5) ... 399s Setting up sssd-ad (2.9.4-1.1ubuntu5) ... 399s Setting up sssd-ipa (2.9.4-1.1ubuntu5) ... 399s Setting up sssd (2.9.4-1.1ubuntu5) ... 399s Setting up autopkgtest-satdep (0) ... 399s Processing triggers for man-db (2.12.0-4build1) ... 399s Processing triggers for libc-bin (2.39-0ubuntu8) ... 403s (Reading database ... 78930 files and directories currently installed.) 403s Removing autopkgtest-satdep (0) ... 411s autopkgtest [22:42:32]: test sssd-softhism2-certificates-tests.sh: [----------------------- 412s + '[' -z ubuntu ']' 412s + required_tools=(p11tool openssl softhsm2-util) 412s + for cmd in "${required_tools[@]}" 412s + command -v p11tool 412s + for cmd in "${required_tools[@]}" 412s + command -v openssl 412s + for cmd in "${required_tools[@]}" 412s + command -v softhsm2-util 412s + PIN=053350 412s +++ find /usr/lib/softhsm/libsofthsm2.so 412s +++ head -n 1 412s ++ realpath /usr/lib/softhsm/libsofthsm2.so 412s + SOFTHSM2_MODULE=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 412s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 412s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 412s + '[' '!' -v NO_SSSD_TESTS ']' 412s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 412s + ca_db_arg=ca_db 412s ++ /usr/libexec/sssd/p11_child --help 412s + p11_child_help='Usage: p11_child [OPTION...] 412s -d, --debug-level=INT Debug level 412s --debug-timestamps=INT Add debug timestamps 412s --debug-microseconds=INT Show timestamps with microseconds 412s --dumpable=INT Allow core dumps 412s --debug-fd=INT An open file descriptor for the debug 412s logs 412s --logger=stderr|files|journald Set logger 412s --auth Run in auth mode 412s --pre Run in pre-auth mode 412s --wait_for_card Wait until card is available 412s --verification Run in verification mode 412s --pin Expect PIN on stdin 412s --keypad Expect PIN on keypad 412s --verify=STRING Tune validation 412s --ca_db=STRING CA DB to use 412s --module_name=STRING Module name for authentication 412s --token_name=STRING Token name for authentication 412s --key_id=STRING Key ID for authentication 412s --label=STRING Label for authentication 412s --certificate=STRING certificate to verify, base64 encoded 412s --uri=STRING PKCS#11 URI to restrict selection 412s --chain-id=LONG Tevent chain ID used for logging 412s purposes 412s 412s Help options: 412s -?, --help Show this help message 412s --usage Display brief usage message' 412s + echo 'Usage: p11_child [OPTION...] 412s -d, --debug-level=INT Debug level 412s + grep nssdb -qs 412s --debug-timestamps=INT Add debug timestamps 412s --debug-microseconds=INT Show timestamps with microseconds 412s --dumpable=INT Allow core dumps 412s --debug-fd=INT An open file descriptor for the debug 412s logs 412s --logger=stderr|files|journald Set logger 412s --auth Run in auth mode 412s --pre Run in pre-auth mode 412s --wait_for_card Wait until card is available 412s --verification Run in verification mode 412s --pin Expect PIN on stdin 412s --keypad Expect PIN on keypad 412s --verify=STRING Tune validation 412s --ca_db=STRING CA DB to use 412s --module_name=STRING Module name for authentication 412s --token_name=STRING Token name for authentication 412s --key_id=STRING Key ID for authentication 412s --label=STRING Label for authentication 412s --certificate=STRING certificate to verify, base64 encoded 412s --uri=STRING PKCS#11 URI to restrict selection 412s --chain-id=LONG Tevent chain ID used for logging 412s purposes 412s 412s Help options: 412s -?, --help Show this help message 412s --usage Display brief usage message' 412s + echo 'Usage: p11_child [OPTION...] 412s -d, --debug-level=INT Debug level 412s + grep -qs -- --ca_db 412s --debug-timestamps=INT Add debug timestamps 412s --debug-microseconds=INT Show timestamps with microseconds 412s --dumpable=INT Allow core dumps 412s --debug-fd=INT An open file descriptor for the debug 412s logs 412s --logger=stderr|files|journald Set logger 412s --auth Run in auth mode 412s --pre Run in pre-auth mode 412s --wait_for_card Wait until card is available 412s --verification Run in verification mode 412s --pin Expect PIN on stdin 412s --keypad Expect PIN on keypad 412s --verify=STRING Tune validation 412s --ca_db=STRING CA DB to use 412s --module_name=STRING Module name for authentication 412s --token_name=STRING Token name for authentication 412s --key_id=STRING Key ID for authentication 412s --label=STRING Label for authentication 412s --certificate=STRING certificate to verify, base64 encoded 412s --uri=STRING PKCS#11 URI to restrict selection 412s --chain-id=LONG Tevent chain ID used for logging 412s purposes 412s 412s Help options: 412s -?, --help Show this help message 412s --usage Display brief usage message' 412s + '[' '!' -e /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so ']' 412s ++ mktemp -d -t sssd-softhsm2-XXXXXX 412s + tmpdir=/tmp/sssd-softhsm2-5yzQpU 412s + keys_size=1024 412s + [[ ! -v KEEP_TEMPORARY_FILES ]] 412s + trap 'rm -rf "$tmpdir"' EXIT 412s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 412s + echo -n 01 412s + touch /tmp/sssd-softhsm2-5yzQpU/index.txt 412s + mkdir -p /tmp/sssd-softhsm2-5yzQpU/new_certs 412s + cat 412s + root_ca_key_pass=pass:random-root-CA-password-10949 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-5yzQpU/test-root-CA-key.pem -passout pass:random-root-CA-password-10949 1024 412s + openssl req -passin pass:random-root-CA-password-10949 -batch -config /tmp/sssd-softhsm2-5yzQpU/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-5yzQpU/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 412s + cat 412s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-27783 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-27783 1024 412s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-27783 -config /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.config -key /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-10949 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-certificate-request.pem 412s + openssl req -text -noout -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-certificate-request.pem 412s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-5yzQpU/test-root-CA.config -passin pass:random-root-CA-password-10949 -keyfile /tmp/sssd-softhsm2-5yzQpU/test-root-CA-key.pem -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 412s Certificate Request: 412s Data: 412s Version: 1 (0x0) 412s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 412s Subject Public Key Info: 412s Public Key Algorithm: rsaEncryption 412s Public-Key: (1024 bit) 412s Modulus: 412s 00:da:9b:c3:5f:cd:b3:e4:ff:04:9a:97:65:69:ed: 412s 03:47:2e:e5:40:a8:5f:ab:b0:46:39:3a:e6:7f:25: 412s 2b:c8:a2:2e:90:a0:42:e9:d1:3c:e7:92:1e:c3:44: 412s e7:e1:73:bd:df:14:26:6a:1d:ea:fe:c8:78:ef:01: 412s 9d:28:e1:d6:1b:31:bc:f2:91:7d:dd:23:d1:b1:3b: 412s a1:74:ce:2d:82:72:db:4a:c9:eb:a4:7d:c5:38:41: 412s fd:4e:7c:96:35:8a:24:4f:06:4c:08:ce:1c:0e:81: 412s 81:d5:3a:27:de:bf:0c:be:a6:82:04:41:e7:71:4c: 412s ed:ee:fb:66:e5:6e:d6:1a:e1 412s Exponent: 65537 (0x10001) 412s Attributes: 412s (none) 412s Requested Extensions: 412s Signature Algorithm: sha256WithRSAEncryption 412s Signature Value: 412s 9b:2e:86:51:1c:e7:fa:b4:b5:3d:eb:1f:c0:29:77:df:39:cd: 412s e4:ff:7d:35:6e:ce:ec:cc:49:3d:5d:2d:a4:af:5c:c5:f8:87: 412s 70:e3:25:1f:c5:55:e2:0b:09:81:a0:fa:89:dd:0f:01:a0:04: 412s b1:e8:60:e0:df:af:83:90:ce:f5:8a:6f:ca:4d:da:b1:c1:65: 412s 15:83:f3:fb:e8:49:2c:d8:d9:90:6e:73:4d:9c:87:08:42:43: 412s 7e:e1:b0:6c:70:98:7f:41:ef:24:e9:7f:d3:f6:d6:c5:f0:69: 412s 1c:d9:91:d7:6e:b6:c0:1b:86:6c:a0:ae:ec:f0:07:9f:4a:f1: 412s 94:92 412s Using configuration from /tmp/sssd-softhsm2-5yzQpU/test-root-CA.config 412s Check that the request matches the signature 412s Signature ok 412s Certificate Details: 412s Serial Number: 1 (0x1) 412s Validity 412s Not Before: Apr 8 22:42:33 2024 GMT 412s Not After : Apr 8 22:42:33 2025 GMT 412s Subject: 412s organizationName = Test Organization 412s organizationalUnitName = Test Organization Unit 412s commonName = Test Organization Intermediate CA 412s X509v3 extensions: 412s X509v3 Subject Key Identifier: 412s 36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 412s X509v3 Authority Key Identifier: 412s keyid:0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 412s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 412s serial:00 412s X509v3 Basic Constraints: 412s CA:TRUE 412s X509v3 Key Usage: critical 412s Digital Signature, Certificate Sign, CRL Sign 412s Certificate is to be certified until Apr 8 22:42:33 2025 GMT (365 days) 412s 412s Write out database with 1 new entries 412s Database updated 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 412s + cat 412s /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem: OK 412s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-1254 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-1254 1024 412s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-1254 -config /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-27783 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-certificate-request.pem 412s + openssl req -text -noout -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-certificate-request.pem 412s Certificate Request: 412s Data: 412s Version: 1 (0x0) 412s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 412s Subject Public Key Info: 412s Public Key Algorithm: rsaEncryption 412s Public-Key: (1024 bit) 412s Modulus: 412s 00:ef:d6:61:68:0a:e0:ed:1d:37:22:d5:9b:e5:bd: 412s 65:3a:b6:ac:17:8d:8c:ef:fe:1a:8a:3b:ce:84:1f: 412s 43:30:dc:bb:a4:4e:bf:92:4b:32:04:c8:c7:03:f8: 412s 3e:af:3f:75:4c:5d:47:ad:54:21:bd:d1:12:ad:64: 412s a7:40:23:2e:90:e9:fa:0d:0f:a6:02:59:4c:37:d8: 412s f3:c6:67:8c:82:f0:86:73:df:b1:89:a2:8a:76:2c: 412s 6e:e3:f8:6b:95:17:47:91:e1:ad:fe:0a:0e:80:fd: 412s a9:dd:cd:bd:d6:9d:5a:c3:93:11:bb:24:82:b4:d6: 412s 7b:14:4d:f1:f5:31:95:19:5f 412s Exponent: 65537 (0x10001) 412s Attributes: 412s (none) 412s Requested Extensions: 412s Signature Algorithm: sha256WithRSAEncryption 412s Signature Value: 412s 33:38:b5:a2:7c:d5:6d:6d:28:21:be:68:35:19:c6:32:e6:69: 412s ac:2a:6b:dd:69:2a:a6:33:18:cc:f3:0f:c2:97:a6:13:84:82: 412s ed:61:7e:ad:c5:71:eb:63:f0:cb:09:68:b7:ed:8d:f9:fe:1f: 412s 84:e4:f8:f6:3a:ef:3e:36:36:e9:86:78:cc:bf:c8:26:1e:da: 412s 8d:b3:8f:91:ff:dc:34:b6:94:aa:e6:2a:51:63:09:65:72:7c: 412s 4f:93:82:4e:38:26:31:e4:9a:cd:5a:25:6c:1a:96:b9:ee:f7: 412s 7e:20:30:de:33:0d:9c:26:e5:53:25:76:1a:0b:2d:b5:e2:41: 412s e5:6f 412s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-27783 -keyfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 412s Using configuration from /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.config 412s Check that the request matches the signature 412s Signature ok 412s Certificate Details: 412s Serial Number: 2 (0x2) 412s Validity 412s Not Before: Apr 8 22:42:33 2024 GMT 412s Not After : Apr 8 22:42:33 2025 GMT 412s Subject: 412s organizationName = Test Organization 412s organizationalUnitName = Test Organization Unit 412s commonName = Test Organization Sub Intermediate CA 412s X509v3 extensions: 412s X509v3 Subject Key Identifier: 412s B1:DD:B2:F2:0F:E9:26:4D:1B:9B:B8:37:FA:CE:D8:9B:AF:F9:3A:26 412s X509v3 Authority Key Identifier: 412s keyid:36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 412s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 412s serial:01 412s X509v3 Basic Constraints: 412s CA:TRUE 412s X509v3 Key Usage: critical 412s Digital Signature, Certificate Sign, CRL Sign 412s Certificate is to be certified until Apr 8 22:42:33 2025 GMT (365 days) 412s 412s Write out database with 1 new entries 412s Database updated 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 412s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 412s /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem: OK 412s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 412s error 20 at 0 depth lookup: unable to get local issuer certificate 412s error /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem: verification failed 412s + cat 412s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-13702 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-13702 1024 412s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-13702 -key /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-request.pem 412s + openssl req -text -noout -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-request.pem 412s Certificate Request: 412s Data: 412s Version: 1 (0x0) 412s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 412s Subject Public Key Info: 412s Public Key Algorithm: rsaEncryption 412s Public-Key: (1024 bit) 412s Modulus: 412s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 412s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 412s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 412s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 412s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 412s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 412s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 412s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 412s a7:9c:2e:d0:5b:c7:bd:bf:35 412s Exponent: 65537 (0x10001) 412s Attributes: 412s Requested Extensions: 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Root CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Signature Algorithm: sha256WithRSAEncryption 412s Signature Value: 412s 12:0b:bf:83:f3:68:84:7d:ec:c8:a8:0e:2f:c2:30:e2:fc:01: 412s 3f:69:49:b2:04:52:0a:59:b6:db:f1:d6:f9:ea:9c:c6:2c:01: 412s c2:ce:56:7c:e0:19:3c:ca:cd:67:f3:f4:1a:b9:a3:54:7d:ab: 412s 40:59:a0:23:ad:1d:e6:80:90:10:e6:12:a3:19:68:af:5d:7c: 412s 61:df:73:9c:c9:a1:33:e2:e8:f8:af:2b:16:ec:68:4e:06:0c: 412s 90:43:35:c8:96:0e:3e:05:9a:24:7b:9a:1e:db:72:9a:48:6c: 412s 7d:e0:aa:34:69:7d:86:47:e8:88:18:e3:55:27:a3:92:52:82: 412s ce:b4 412s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-5yzQpU/test-root-CA.config -passin pass:random-root-CA-password-10949 -keyfile /tmp/sssd-softhsm2-5yzQpU/test-root-CA-key.pem -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 412s Using configuration from /tmp/sssd-softhsm2-5yzQpU/test-root-CA.config 412s Check that the request matches the signature 412s Signature ok 412s Certificate Details: 412s Serial Number: 3 (0x3) 412s Validity 412s Not Before: Apr 8 22:42:33 2024 GMT 412s Not After : Apr 8 22:42:33 2025 GMT 412s Subject: 412s organizationName = Test Organization 412s organizationalUnitName = Test Organization Unit 412s commonName = Test Organization Root Trusted Certificate 0001 412s X509v3 extensions: 412s X509v3 Authority Key Identifier: 412s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Root CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Certificate is to be certified until Apr 8 22:42:33 2025 GMT (365 days) 412s 412s Write out database with 1 new entries 412s Database updated 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 412s /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem: OK 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 412s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 412s error 20 at 0 depth lookup: unable to get local issuer certificate 412s error /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem: verification failed 412s + cat 412s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-9029 1024 412s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-9029 -key /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-request.pem 412s + openssl req -text -noout -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-request.pem 412s Certificate Request: 412s Data: 412s Version: 1 (0x0) 412s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 412s Subject Public Key Info: 412s Public Key Algorithm: rsaEncryption 412s Public-Key: (1024 bit) 412s Modulus: 412s 00:bd:01:1c:32:38:37:05:d7:30:da:b4:76:e7:cb: 412s 51:f0:01:ed:e6:0e:9f:45:9c:8f:f0:e5:1e:ef:fe: 412s 1b:98:00:80:2d:23:0c:45:bc:5d:5a:e9:77:72:1a: 412s b9:f4:d9:5e:08:b4:58:29:52:5b:92:3f:28:f8:6a: 412s ce:1c:65:ad:1e:dd:da:f6:5a:5c:f9:8b:33:74:f7: 412s bb:33:ce:20:67:0a:14:de:f2:7e:b0:90:1c:76:61: 412s eb:0c:45:85:86:dd:58:0f:3f:c9:84:c2:96:d1:49: 412s 16:82:d8:00:f0:f2:a1:a3:b1:b6:c7:42:6e:4e:7f: 412s 04:57:9a:f0:2b:3b:ae:23:81 412s Exponent: 65537 (0x10001) 412s Attributes: 412s Requested Extensions: 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Intermediate CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s A9:99:3B:BA:F8:52:EB:E4:12:45:1A:3D:45:7D:ED:8D:99:DB:72:9C 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Signature Algorithm: sha256WithRSAEncryption 412s Signature Value: 412s 49:f3:d4:d1:c2:6f:db:5e:48:9b:3f:aa:d9:64:24:e7:a6:af: 412s b8:21:f2:1b:0f:42:4a:3a:65:6b:bf:73:74:84:80:b7:7a:09: 412s 32:90:e9:5b:7a:26:76:ae:ec:62:3a:1e:9a:c5:e8:c5:d0:0c: 412s 88:cf:30:56:6d:ed:6a:07:54:5a:6b:62:c2:17:5c:37:43:51: 412s b9:b3:d0:82:7e:b0:c8:1d:74:4a:d3:25:60:8d:70:5c:0d:e0: 412s e3:cb:50:71:ea:e8:83:47:59:f7:0c:7a:d1:ed:e3:f1:84:32: 412s 83:13:47:ed:02:99:96:1f:d3:89:a8:2c:52:91:55:93:ee:3a: 412s ad:de 412s + openssl ca -passin pass:random-intermediate-CA-password-27783 -config /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 412s Using configuration from /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.config 412s Check that the request matches the signature 412s Signature ok 412s Certificate Details: 412s Serial Number: 4 (0x4) 412s Validity 412s Not Before: Apr 8 22:42:33 2024 GMT 412s Not After : Apr 8 22:42:33 2025 GMT 412s Subject: 412s organizationName = Test Organization 412s organizationalUnitName = Test Organization Unit 412s commonName = Test Organization Intermediate Trusted Certificate 0001 412s X509v3 extensions: 412s X509v3 Authority Key Identifier: 412s 36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Intermediate CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s A9:99:3B:BA:F8:52:EB:E4:12:45:1A:3D:45:7D:ED:8D:99:DB:72:9C 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Certificate is to be certified until Apr 8 22:42:33 2025 GMT (365 days) 412s 412s Write out database with 1 new entries 412s Database updated 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 412s This certificate should not be trusted fully 412s + echo 'This certificate should not be trusted fully' 412s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Inter/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem: OK 412s mediate CA 412s error 2 at 1 depth lookup: unable to get issuer certificate 412s error /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 412s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 412s + cat 412s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 412s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-12011 1024 412s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-12011 -key /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 412s + openssl req -text -noout -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 412s Certificate Request: 412s Data: 412s Version: 1 (0x0) 412s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 412s Subject Public Key Info: 412s Public Key Algorithm: rsaEncryption 412s Public-Key: (1024 bit) 412s Modulus: 412s 00:bd:43:9d:9b:48:36:79:ce:f7:1f:99:1a:a8:0e: 412s 7b:c6:9c:af:1d:9d:f1:7b:36:88:e1:c3:1a:9d:82: 412s 43:45:9a:6a:f5:5e:70:4a:e5:9c:ad:a5:9f:30:c1: 412s 8f:11:d3:80:1a:a4:76:b3:af:80:3c:33:6d:07:c2: 412s 92:8d:63:0d:af:6b:6e:26:16:ba:3f:d4:14:4a:39: 412s 60:81:6c:1d:9d:6b:e2:58:d4:2c:db:86:4d:30:c6: 412s 28:b7:95:e9:d6:c4:12:44:1e:00:f4:5d:33:fa:cb: 412s b8:14:50:ad:a3:ce:4a:c7:30:2b:b4:c6:6c:40:2e: 412s bb:15:3b:3f:be:47:42:9b:ad 412s Exponent: 65537 (0x10001) 412s Attributes: 412s Requested Extensions: 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Sub Intermediate CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s CB:45:86:88:C7:86:95:94:9A:10:9C:E9:E7:5D:4E:CE:B0:96:69:84 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Signature Algorithm: sha256WithRSAEncryption 412s Signature Value: 412s 91:46:93:d2:aa:ba:ff:59:7c:8d:eb:bb:f7:58:58:4c:e4:3f: 412s 8a:ba:78:22:f8:30:5a:50:a0:71:b4:f1:79:92:7c:75:ae:04: 412s 4d:39:ed:2c:ec:48:52:88:88:0a:97:e8:34:e9:ca:b2:c6:ce: 412s 41:be:79:c6:23:6d:8f:31:2d:09:26:85:0b:0e:c7:6b:90:63: 412s c2:d5:65:9d:66:ee:87:0e:a6:72:73:20:db:a9:52:0b:ff:75: 412s ce:3f:b2:dc:64:f6:de:2e:a6:46:61:02:a5:7b:45:4e:2d:dd: 412s b4:32:f8:d8:5e:c9:78:64:42:e1:55:30:e6:3e:41:ba:93:b2: 412s bc:21 412s + openssl ca -passin pass:random-sub-intermediate-CA-password-1254 -config /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s Using configuration from /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.config 412s Check that the request matches the signature 412s Signature ok 412s Certificate Details: 412s Serial Number: 5 (0x5) 412s Validity 412s Not Before: Apr 8 22:42:33 2024 GMT 412s Not After : Apr 8 22:42:33 2025 GMT 412s Subject: 412s organizationName = Test Organization 412s organizationalUnitName = Test Organization Unit 412s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 412s X509v3 extensions: 412s X509v3 Authority Key Identifier: 412s B1:DD:B2:F2:0F:E9:26:4D:1B:9B:B8:37:FA:CE:D8:9B:AF:F9:3A:26 412s X509v3 Basic Constraints: 412s CA:FALSE 412s Netscape Cert Type: 412s SSL Client, S/MIME 412s Netscape Comment: 412s Test Organization Sub Intermediate CA trusted Certificate 412s X509v3 Subject Key Identifier: 412s CB:45:86:88:C7:86:95:94:9A:10:9C:E9:E7:5D:4E:CE:B0:96:69:84 412s X509v3 Key Usage: critical 412s Digital Signature, Non Repudiation, Key Encipherment 412s X509v3 Extended Key Usage: 412s TLS Web Client Authentication, E-mail Protection 412s X509v3 Subject Alternative Name: 412s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 412s Certificate is to be certified until Apr 8 22:42:33 2025 GMT (365 days) 412s 412s Write out database with 1 new entries 412s Database updated 412s + openssl x509 -noout -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s This certificate should not be trusted fully 412s + echo 'This certificate should not be trusted fully' 412s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 412s error 2 at 1 depth lookup: unable to get issuer certificate 412s error /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 412s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s O = Test Organization, OU = Te/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 412s st Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 412s error 20 at 0 depth lookup: unable to get local issuer certificate 412s error /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 412s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s + local cmd=openssl 412s + shift 412s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 412s error 20 at 0 depth lookup: unable to get local issuer certificate 412s error /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 412s + echo 'Building a the full-chain CA file...' 412s + cat /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 412s + cat /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 412s + cat /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 412s Building a the full-chain CA file... 412s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 412s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 412s 412s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 412s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 412s 412s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 412s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 412s 412s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 412s + openssl pkcs7 -print_certs -noout 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 412s /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem: OK 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 412s /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem: OK 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 412s /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem: OK 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-root-intermediate-chain-CA.pem 412s /tmp/sssd-softhsm2-5yzQpU/test-root-intermediate-chain-CA.pem: OK 412s + openssl verify -CAfile /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 412s + echo 'Certificates generation completed!' 412s + [[ -v NO_SSSD_TESTS ]] 412s /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 412s Certificates generation completed! 412s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /dev/null 412s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /dev/null 412s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 412s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 412s + local key_ring=/dev/null 412s + local verify_option= 412s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 412s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 412s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 412s + local key_cn 412s + local key_name 412s + local tokens_dir 412s + local output_cert_file 412s + token_name= 412s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem .pem 412s + key_name=test-root-CA-trusted-certificate-0001 412s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 412s ++ sed -n 's/ *commonName *= //p' 412s + key_cn='Test Organization Root Trusted Certificate 0001' 412s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 412s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 412s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 412s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 412s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 412s + token_name='Test Organization Root Tr Token' 412s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 412s + local key_file 412s + local decrypted_key 412s + mkdir -p /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 412s + key_file=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-key.pem 412s + decrypted_key=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-key-decrypted.pem 412s + cat 412s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 413s Slot 0 has a free/uninitialized token. 413s The token has been initialized and is reassigned to slot 1495149491 413s + softhsm2-util --show-slots 413s Available slots: 413s Slot 1495149491 413s Slot info: 413s Description: SoftHSM slot ID 0x591e2bb3 413s Manufacturer ID: SoftHSM project 413s Hardware version: 2.6 413s Firmware version: 2.6 413s Token present: yes 413s Token info: 413s Manufacturer ID: SoftHSM project 413s Model: SoftHSM v2 413s Hardware version: 2.6 413s Firmware version: 2.6 413s Serial number: 3e3a1130591e2bb3 413s Initialized: yes 413s User PIN init.: yes 413s Label: Test Organization Root Tr Token 413s Slot 1 413s Slot info: 413s Description: SoftHSM slot ID 0x1 413s Manufacturer ID: SoftHSM project 413s Hardware version: 2.6 413s Firmware version: 2.6 413s Token present: yes 413s Token info: 413s Manufacturer ID: SoftHSM project 413s Model: SoftHSM v2 413s Hardware version: 2.6 413s Firmware version: 2.6 413s Serial number: 413s Initialized: no 413s User PIN init.: no 413s Label: 413s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 413s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-13702 -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-key-decrypted.pem 413s writing RSA key 413s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 413s + rm /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001-key-decrypted.pem 413s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 413s Object 0: 413s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 413s Type: X.509 Certificate (RSA-1024) 413s Expires: Tue Apr 8 22:42:33 2025 413s Label: Test Organization Root Trusted Certificate 0001 413s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 413s 413s + echo 'Test Organization Root Tr Token' 413s + '[' -n '' ']' 413s + local output_base_name=SSSD-child-3863 413s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-3863.output 413s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-3863.pem 413s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 413s [p11_child[3292]] [main] (0x0400): p11_child started. 413s [p11_child[3292]] [main] (0x2000): Running in [pre-auth] mode. 413s [p11_child[3292]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3292]] [main] (0x2000): Running with real IDs [0][0]. 413s Test Organization Root Tr Token 413s [p11_child[3292]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 413s [p11_child[3292]] [do_work] (0x0040): init_verification failed. 413s [p11_child[3292]] [main] (0x0020): p11_child failed (5) 413s + return 2 413s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /dev/null no_verification 413s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /dev/null no_verification 413s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 413s + local key_ring=/dev/null 413s + local verify_option=no_verification 413s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 413s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 413s + local key_cn 413s + local key_name 413s + local tokens_dir 413s + local output_cert_file 413s + token_name= 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem .pem 413s + key_name=test-root-CA-trusted-certificate-0001 413s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s ++ sed -n 's/ *commonName *= //p' 413s + key_cn='Test Organization Root Trusted Certificate 0001' 413s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 413s Test Organization Root Tr Token 413s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 413s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 413s + token_name='Test Organization Root Tr Token' 413s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 413s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 413s + echo 'Test Organization Root Tr Token' 413s + '[' -n no_verification ']' 413s + local verify_arg=--verify=no_verification 413s + local output_base_name=SSSD-child-27328 413s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328.output 413s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328.pem 413s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 413s [p11_child[3298]] [main] (0x0400): p11_child started. 413s [p11_child[3298]] [main] (0x2000): Running in [pre-auth] mode. 413s [p11_child[3298]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3298]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3298]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 413s [p11_child[3298]] [do_card] (0x4000): Module List: 413s [p11_child[3298]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3298]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3298]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3298]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3298]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3298]] [do_card] (0x4000): Login NOT required. 413s [p11_child[3298]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3298]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3298]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x591e2bb3;slot-manufacturer=SoftHSM%20project;slot-id=1495149491;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3298]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328.pem 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Apr 8 22:42:33 2024 GMT 413s Not After : Apr 8 22:42:33 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 413s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 413s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 413s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 413s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 413s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 413s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 413s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 413s a7:9c:2e:d0:5b:c7:bd:bf:35 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 7c:e7:6f:bc:c6:4c:1b:1a:52:09:f3:a7:68:ae:75:5c:b9:eb: 413s 48:90:eb:cc:17:94:4d:c5:4b:46:dc:de:97:23:39:87:ff:18: 413s b5:b2:88:9b:77:72:ce:de:a0:5b:40:e0:cd:3e:30:0a:8b:b9: 413s c4:5f:41:0c:97:c5:ae:f8:cb:43:e6:4a:2d:ca:d5:7e:dc:dc: 413s 58:4e:98:92:a1:cf:97:24:b3:99:92:4c:51:4a:9f:6b:81:55: 413s 68:fe:cc:fa:64:b8:8b:74:4d:b1:bf:f1:91:c6:b9:f2:47:09: 413s ad:ab:e4:f2:bf:5e:3b:25:cf:dc:6e:29:6f:9f:5d:61:9e:ac: 413s 04:00 413s + local found_md5 expected_md5 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s + expected_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328.pem 413s + found_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 413s + '[' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 '!=' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 ']' 413s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328-auth.output 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328-auth.output .output 413s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328-auth.pem 413s + echo -n 053350 413s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 413s [p11_child[3306]] [main] (0x0400): p11_child started. 413s [p11_child[3306]] [main] (0x2000): Running in [auth] mode. 413s [p11_child[3306]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3306]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3306]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 413s [p11_child[3306]] [do_card] (0x4000): Module List: 413s [p11_child[3306]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3306]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3306]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3306]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3306]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3306]] [do_card] (0x4000): Login required. 413s [p11_child[3306]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3306]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3306]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x591e2bb3;slot-manufacturer=SoftHSM%20project;slot-id=1495149491;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 413s [p11_child[3306]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 413s [p11_child[3306]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 413s [p11_child[3306]] [do_card] (0x4000): Certificate verified and validated. 413s [p11_child[3306]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328-auth.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328-auth.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328-auth.pem 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Apr 8 22:42:33 2024 GMT 413s Not After : Apr 8 22:42:33 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 413s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 413s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 413s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 413s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 413s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 413s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 413s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 413s a7:9c:2e:d0:5b:c7:bd:bf:35 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 7c:e7:6f:bc:c6:4c:1b:1a:52:09:f3:a7:68:ae:75:5c:b9:eb: 413s 48:90:eb:cc:17:94:4d:c5:4b:46:dc:de:97:23:39:87:ff:18: 413s b5:b2:88:9b:77:72:ce:de:a0:5b:40:e0:cd:3e:30:0a:8b:b9: 413s c4:5f:41:0c:97:c5:ae:f8:cb:43:e6:4a:2d:ca:d5:7e:dc:dc: 413s 58:4e:98:92:a1:cf:97:24:b3:99:92:4c:51:4a:9f:6b:81:55: 413s 68:fe:cc:fa:64:b8:8b:74:4d:b1:bf:f1:91:c6:b9:f2:47:09: 413s ad:ab:e4:f2:bf:5e:3b:25:cf:dc:6e:29:6f:9f:5d:61:9e:ac: 413s 04:00 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-27328-auth.pem 413s + found_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 413s + '[' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 '!=' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 ']' 413s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 413s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 413s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 413s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 413s + local verify_option= 413s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 413s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 413s + local key_cn 413s + local key_name 413s + local tokens_dir 413s + local output_cert_file 413s + token_name= 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem .pem 413s + key_name=test-root-CA-trusted-certificate-0001 413s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s ++ sed -n 's/ *commonName *= //p' 413s + key_cn='Test Organization Root Trusted Certificate 0001' 413s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 413s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 413s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 413s + token_name='Test Organization Root Tr Token' 413s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 413s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 413s + echo 'Test Organization Root Tr Token' 413s + '[' -n '' ']' 413s + local output_base_name=SSSD-child-22624 413s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624.output 413s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624.pem 413s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 413s Test Organization Root Tr Token 413s [p11_child[3316]] [main] (0x0400): p11_child started. 413s [p11_child[3316]] [main] (0x2000): Running in [pre-auth] mode. 413s [p11_child[3316]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3316]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3316]] [do_card] (0x4000): Module List: 413s [p11_child[3316]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3316]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3316]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3316]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3316]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3316]] [do_card] (0x4000): Login NOT required. 413s [p11_child[3316]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3316]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 413s [p11_child[3316]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3316]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x591e2bb3;slot-manufacturer=SoftHSM%20project;slot-id=1495149491;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3316]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624.pem 413s + local found_md5 expected_md5 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Apr 8 22:42:33 2024 GMT 413s Not After : Apr 8 22:42:33 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 413s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 413s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 413s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 413s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 413s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 413s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 413s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 413s a7:9c:2e:d0:5b:c7:bd:bf:35 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 7c:e7:6f:bc:c6:4c:1b:1a:52:09:f3:a7:68:ae:75:5c:b9:eb: 413s 48:90:eb:cc:17:94:4d:c5:4b:46:dc:de:97:23:39:87:ff:18: 413s b5:b2:88:9b:77:72:ce:de:a0:5b:40:e0:cd:3e:30:0a:8b:b9: 413s c4:5f:41:0c:97:c5:ae:f8:cb:43:e6:4a:2d:ca:d5:7e:dc:dc: 413s 58:4e:98:92:a1:cf:97:24:b3:99:92:4c:51:4a:9f:6b:81:55: 413s 68:fe:cc:fa:64:b8:8b:74:4d:b1:bf:f1:91:c6:b9:f2:47:09: 413s ad:ab:e4:f2:bf:5e:3b:25:cf:dc:6e:29:6f:9f:5d:61:9e:ac: 413s 04:00 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s + expected_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624.pem 413s + found_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 413s + '[' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 '!=' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 ']' 413s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624-auth.output 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624-auth.output .output 413s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624-auth.pem 413s + echo -n 053350 413s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 413s [p11_child[3324]] [main] (0x0400): p11_child started. 413s [p11_child[3324]] [main] (0x2000): Running in [auth] mode. 413s [p11_child[3324]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3324]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3324]] [do_card] (0x4000): Module List: 413s [p11_child[3324]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3324]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3324]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3324]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3324]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3324]] [do_card] (0x4000): Login required. 413s [p11_child[3324]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3324]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 413s [p11_child[3324]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3324]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x591e2bb3;slot-manufacturer=SoftHSM%20project;slot-id=1495149491;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 413s [p11_child[3324]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 413s [p11_child[3324]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 413s [p11_child[3324]] [do_card] (0x4000): Certificate verified and validated. 413s [p11_child[3324]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624-auth.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624-auth.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624-auth.pem 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-22624-auth.pem 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Apr 8 22:42:33 2024 GMT 413s Not After : Apr 8 22:42:33 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 413s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 413s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 413s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 413s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 413s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 413s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 413s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 413s a7:9c:2e:d0:5b:c7:bd:bf:35 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 7c:e7:6f:bc:c6:4c:1b:1a:52:09:f3:a7:68:ae:75:5c:b9:eb: 413s 48:90:eb:cc:17:94:4d:c5:4b:46:dc:de:97:23:39:87:ff:18: 413s b5:b2:88:9b:77:72:ce:de:a0:5b:40:e0:cd:3e:30:0a:8b:b9: 413s c4:5f:41:0c:97:c5:ae:f8:cb:43:e6:4a:2d:ca:d5:7e:dc:dc: 413s 58:4e:98:92:a1:cf:97:24:b3:99:92:4c:51:4a:9f:6b:81:55: 413s 68:fe:cc:fa:64:b8:8b:74:4d:b1:bf:f1:91:c6:b9:f2:47:09: 413s ad:ab:e4:f2:bf:5e:3b:25:cf:dc:6e:29:6f:9f:5d:61:9e:ac: 413s 04:00 413s + found_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 413s + '[' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 '!=' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 ']' 413s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem partial_chain 413s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem partial_chain 413s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 413s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 413s + local verify_option=partial_chain 413s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 413s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 413s + local key_cn 413s + local key_name 413s + local tokens_dir 413s + local output_cert_file 413s + token_name= 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem .pem 413s + key_name=test-root-CA-trusted-certificate-0001 413s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s ++ sed -n 's/ *commonName *= //p' 413s + key_cn='Test Organization Root Trusted Certificate 0001' 413s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 413s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 413s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 413s + token_name='Test Organization Root Tr Token' 413s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 413s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 413s + echo 'Test Organization Root Tr Token' 413s + '[' -n partial_chain ']' 413s + local verify_arg=--verify=partial_chain 413s + local output_base_name=SSSD-child-24412 413s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412.output 413s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412.pem 413s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 413s [p11_child[3334]] [main] (0x0400): p11_child started. 413s [p11_child[3334]] [main] (0x2000): Running in [pre-auth] mode. 413s Test Organization Root Tr Token 413s [p11_child[3334]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3334]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3334]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 413s [p11_child[3334]] [do_card] (0x4000): Module List: 413s [p11_child[3334]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3334]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3334]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3334]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3334]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3334]] [do_card] (0x4000): Login NOT required. 413s [p11_child[3334]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3334]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 413s [p11_child[3334]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3334]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x591e2bb3;slot-manufacturer=SoftHSM%20project;slot-id=1495149491;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3334]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412.pem 413s + local found_md5 expected_md5 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Apr 8 22:42:33 2024 GMT 413s Not After : Apr 8 22:42:33 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 413s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 413s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 413s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 413s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 413s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 413s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 413s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 413s a7:9c:2e:d0:5b:c7:bd:bf:35 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 7c:e7:6f:bc:c6:4c:1b:1a:52:09:f3:a7:68:ae:75:5c:b9:eb: 413s 48:90:eb:cc:17:94:4d:c5:4b:46:dc:de:97:23:39:87:ff:18: 413s b5:b2:88:9b:77:72:ce:de:a0:5b:40:e0:cd:3e:30:0a:8b:b9: 413s c4:5f:41:0c:97:c5:ae:f8:cb:43:e6:4a:2d:ca:d5:7e:dc:dc: 413s 58:4e:98:92:a1:cf:97:24:b3:99:92:4c:51:4a:9f:6b:81:55: 413s 68:fe:cc:fa:64:b8:8b:74:4d:b1:bf:f1:91:c6:b9:f2:47:09: 413s ad:ab:e4:f2:bf:5e:3b:25:cf:dc:6e:29:6f:9f:5d:61:9e:ac: 413s 04:00 413s + expected_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412.pem 413s + found_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 413s + '[' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 '!=' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 ']' 413s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412-auth.output 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412-auth.output .output 413s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412-auth.pem 413s + echo -n 053350 413s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 413s [p11_child[3342]] [main] (0x0400): p11_child started. 413s [p11_child[3342]] [main] (0x2000): Running in [auth] mode. 413s [p11_child[3342]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3342]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3342]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 413s [p11_child[3342]] [do_card] (0x4000): Module List: 413s [p11_child[3342]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3342]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3342]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3342]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3342]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3342]] [do_card] (0x4000): Login required. 413s [p11_child[3342]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3342]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 413s [p11_child[3342]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3342]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x591e2bb3;slot-manufacturer=SoftHSM%20project;slot-id=1495149491;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 413s [p11_child[3342]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 413s [p11_child[3342]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 413s [p11_child[3342]] [do_card] (0x4000): Certificate verified and validated. 413s [p11_child[3342]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412-auth.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412-auth.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412-auth.pem 413s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-24412-auth.pem 413s Certificate: 413s Data: 413s Version: 3 (0x2) 413s Serial Number: 3 (0x3) 413s Signature Algorithm: sha256WithRSAEncryption 413s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 413s Validity 413s Not Before: Apr 8 22:42:33 2024 GMT 413s Not After : Apr 8 22:42:33 2025 GMT 413s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 413s Subject Public Key Info: 413s Public Key Algorithm: rsaEncryption 413s Public-Key: (1024 bit) 413s Modulus: 413s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 413s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 413s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 413s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 413s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 413s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 413s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 413s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 413s a7:9c:2e:d0:5b:c7:bd:bf:35 413s Exponent: 65537 (0x10001) 413s X509v3 extensions: 413s X509v3 Authority Key Identifier: 413s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 413s X509v3 Basic Constraints: 413s CA:FALSE 413s Netscape Cert Type: 413s SSL Client, S/MIME 413s Netscape Comment: 413s Test Organization Root CA trusted Certificate 413s X509v3 Subject Key Identifier: 413s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 413s X509v3 Key Usage: critical 413s Digital Signature, Non Repudiation, Key Encipherment 413s X509v3 Extended Key Usage: 413s TLS Web Client Authentication, E-mail Protection 413s X509v3 Subject Alternative Name: 413s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 413s Signature Algorithm: sha256WithRSAEncryption 413s Signature Value: 413s 7c:e7:6f:bc:c6:4c:1b:1a:52:09:f3:a7:68:ae:75:5c:b9:eb: 413s 48:90:eb:cc:17:94:4d:c5:4b:46:dc:de:97:23:39:87:ff:18: 413s b5:b2:88:9b:77:72:ce:de:a0:5b:40:e0:cd:3e:30:0a:8b:b9: 413s c4:5f:41:0c:97:c5:ae:f8:cb:43:e6:4a:2d:ca:d5:7e:dc:dc: 413s 58:4e:98:92:a1:cf:97:24:b3:99:92:4c:51:4a:9f:6b:81:55: 413s 68:fe:cc:fa:64:b8:8b:74:4d:b1:bf:f1:91:c6:b9:f2:47:09: 413s ad:ab:e4:f2:bf:5e:3b:25:cf:dc:6e:29:6f:9f:5d:61:9e:ac: 413s 04:00 413s + found_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 413s + '[' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 '!=' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 ']' 413s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 413s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 413s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 413s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 413s + local verify_option= 413s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 413s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 413s + local key_cn 413s + local key_name 413s + local tokens_dir 413s + local output_cert_file 413s + token_name= 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem .pem 413s + key_name=test-root-CA-trusted-certificate-0001 413s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 413s ++ sed -n 's/ *commonName *= //p' 413s + key_cn='Test Organization Root Trusted Certificate 0001' 413s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 413s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 413s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 413s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 413s + token_name='Test Organization Root Tr Token' 413s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 413s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 413s + echo 'Test Organization Root Tr Token' 413s + '[' -n '' ']' 413s + local output_base_name=SSSD-child-4419 413s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419.output 413s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419.pem 413s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 413s Test Organization Root Tr Token 413s [p11_child[3352]] [main] (0x0400): p11_child started. 413s [p11_child[3352]] [main] (0x2000): Running in [pre-auth] mode. 413s [p11_child[3352]] [main] (0x2000): Running with effective IDs: [0][0]. 413s [p11_child[3352]] [main] (0x2000): Running with real IDs [0][0]. 413s [p11_child[3352]] [do_card] (0x4000): Module List: 413s [p11_child[3352]] [do_card] (0x4000): common name: [softhsm2]. 413s [p11_child[3352]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3352]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 413s [p11_child[3352]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 413s [p11_child[3352]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 413s [p11_child[3352]] [do_card] (0x4000): Login NOT required. 413s [p11_child[3352]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 413s [p11_child[3352]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 413s [p11_child[3352]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 413s [p11_child[3352]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x591e2bb3;slot-manufacturer=SoftHSM%20project;slot-id=1495149491;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 413s [p11_child[3352]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 413s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419.output 413s + echo '-----BEGIN CERTIFICATE-----' 413s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419.output 413s + echo '-----END CERTIFICATE-----' 413s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419.pem 414s Certificate: 414s Data: 414s Version: 3 (0x2) 414s Serial Number: 3 (0x3) 414s Signature Algorithm: sha256WithRSAEncryption 414s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 414s Validity 414s Not Before: Apr 8 22:42:33 2024 GMT 414s Not After : Apr 8 22:42:33 2025 GMT 414s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 414s Subject Public Key Info: 414s Public Key Algorithm: rsaEncryption 414s Public-Key: (1024 bit) 414s Modulus: 414s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 414s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 414s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 414s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 414s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 414s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 414s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 414s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 414s a7:9c:2e:d0:5b:c7:bd:bf:35 414s Exponent: 65537 (0x10001) 414s X509v3 extensions: 414s X509v3 Authority Key Identifier: 414s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 414s X509v3 Basic Constraints: 414s CA:FALSE 414s Netscape Cert Type: 414s SSL Client, S/MIME 414s Netscape Comment: 414s Test Organization Root CA trusted Certificate 414s X509v3 Subject Key Identifier: 414s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 414s X509v3 Key Usage: critical 414s Digital Signature, Non Repudiation, Key Encipherment 414s X509v3 Extended Key Usage: 414s TLS Web Client Authentication, E-mail Protection 414s X509v3 Subject Alternative Name: 414s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 414s Signature Algorithm: sha256WithRSAEncryption 414s Signature Value: 414s 7c:e7:6f:bc:c6:4c:1b:1a:52:09:f3:a7:68:ae:75:5c:b9:eb: 414s 48:90:eb:cc:17:94:4d:c5:4b:46:dc:de:97:23:39:87:ff:18: 414s b5:b2:88:9b:77:72:ce:de:a0:5b:40:e0:cd:3e:30:0a:8b:b9: 414s c4:5f:41:0c:97:c5:ae:f8:cb:43:e6:4a:2d:ca:d5:7e:dc:dc: 414s 58:4e:98:92:a1:cf:97:24:b3:99:92:4c:51:4a:9f:6b:81:55: 414s 68:fe:cc:fa:64:b8:8b:74:4d:b1:bf:f1:91:c6:b9:f2:47:09: 414s ad:ab:e4:f2:bf:5e:3b:25:cf:dc:6e:29:6f:9f:5d:61:9e:ac: 414s 04:00 414s + local found_md5 expected_md5 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s + expected_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419.pem 414s + found_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 414s + '[' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 '!=' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 ']' 414s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419-auth.output 414s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419-auth.output .output 414s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419-auth.pem 414s + echo -n 053350 414s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 414s [p11_child[3360]] [main] (0x0400): p11_child started. 414s [p11_child[3360]] [main] (0x2000): Running in [auth] mode. 414s [p11_child[3360]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3360]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3360]] [do_card] (0x4000): Module List: 414s [p11_child[3360]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3360]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3360]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3360]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3360]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3360]] [do_card] (0x4000): Login required. 414s [p11_child[3360]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3360]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 414s [p11_child[3360]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 414s [p11_child[3360]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x591e2bb3;slot-manufacturer=SoftHSM%20project;slot-id=1495149491;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 414s [p11_child[3360]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 414s [p11_child[3360]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 414s [p11_child[3360]] [do_card] (0x4000): Certificate verified and validated. 414s [p11_child[3360]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419-auth.output 414s + echo '-----BEGIN CERTIFICATE-----' 414s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419-auth.output 414s + echo '-----END CERTIFICATE-----' 414s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419-auth.pem 414s Certificate: 414s Data: 414s Version: 3 (0x2) 414s Serial Number: 3 (0x3) 414s Signature Algorithm: sha256WithRSAEncryption 414s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 414s Validity 414s Not Before: Apr 8 22:42:33 2024 GMT 414s Not After : Apr 8 22:42:33 2025 GMT 414s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 414s Subject Public Key Info: 414s Public Key Algorithm: rsaEncryption 414s Public-Key: (1024 bit) 414s Modulus: 414s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 414s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 414s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 414s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 414s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 414s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 414s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 414s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 414s a7:9c:2e:d0:5b:c7:bd:bf:35 414s Exponent: 65537 (0x10001) 414s X509v3 extensions: 414s X509v3 Authority Key Identifier: 414s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 414s X509v3 Basic Constraints: 414s CA:FALSE 414s Netscape Cert Type: 414s SSL Client, S/MIME 414s Netscape Comment: 414s Test Organization Root CA trusted Certificate 414s X509v3 Subject Key Identifier: 414s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 414s X509v3 Key Usage: critical 414s Digital Signature, Non Repudiation, Key Encipherment 414s X509v3 Extended Key Usage: 414s TLS Web Client Authentication, E-mail Protection 414s X509v3 Subject Alternative Name: 414s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 414s Signature Algorithm: sha256WithRSAEncryption 414s Signature Value: 414s 7c:e7:6f:bc:c6:4c:1b:1a:52:09:f3:a7:68:ae:75:5c:b9:eb: 414s 48:90:eb:cc:17:94:4d:c5:4b:46:dc:de:97:23:39:87:ff:18: 414s b5:b2:88:9b:77:72:ce:de:a0:5b:40:e0:cd:3e:30:0a:8b:b9: 414s c4:5f:41:0c:97:c5:ae:f8:cb:43:e6:4a:2d:ca:d5:7e:dc:dc: 414s 58:4e:98:92:a1:cf:97:24:b3:99:92:4c:51:4a:9f:6b:81:55: 414s 68:fe:cc:fa:64:b8:8b:74:4d:b1:bf:f1:91:c6:b9:f2:47:09: 414s ad:ab:e4:f2:bf:5e:3b:25:cf:dc:6e:29:6f:9f:5d:61:9e:ac: 414s 04:00 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-4419-auth.pem 414s + found_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 414s + '[' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 '!=' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 ']' 414s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem partial_chain 414s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem partial_chain 414s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 414s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 414s + local verify_option=partial_chain 414s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 414s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 414s + local key_cn 414s + local key_name 414s + local tokens_dir 414s + local output_cert_file 414s + token_name= 414s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem .pem 414s + key_name=test-root-CA-trusted-certificate-0001 414s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s ++ sed -n 's/ *commonName *= //p' 414s + key_cn='Test Organization Root Trusted Certificate 0001' 414s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 414s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 414s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 414s + token_name='Test Organization Root Tr Token' 414s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 414s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 414s + echo 'Test Organization Root Tr Token' 414s Test Organization Root Tr Token 414s + '[' -n partial_chain ']' 414s + local verify_arg=--verify=partial_chain 414s + local output_base_name=SSSD-child-11981 414s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981.output 414s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981.pem 414s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 414s [p11_child[3370]] [main] (0x0400): p11_child started. 414s [p11_child[3370]] [main] (0x2000): Running in [pre-auth] mode. 414s [p11_child[3370]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3370]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3370]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 414s [p11_child[3370]] [do_card] (0x4000): Module List: 414s [p11_child[3370]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3370]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3370]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3370]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3370]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3370]] [do_card] (0x4000): Login NOT required. 414s [p11_child[3370]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3370]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 414s [p11_child[3370]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 414s [p11_child[3370]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x591e2bb3;slot-manufacturer=SoftHSM%20project;slot-id=1495149491;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 414s [p11_child[3370]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981.output 414s + echo '-----BEGIN CERTIFICATE-----' 414s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981.output 414s + echo '-----END CERTIFICATE-----' 414s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981.pem 414s Certificate: 414s Data: 414s Version: 3 (0x2) 414s Serial Number: 3 (0x3) 414s Signature Algorithm: sha256WithRSAEncryption 414s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 414s Validity 414s Not Before: Apr 8 22:42:33 2024 GMT 414s Not After : Apr 8 22:42:33 2025 GMT 414s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 414s Subject Public Key Info: 414s Public Key Algorithm: rsaEncryption 414s Public-Key: (1024 bit) 414s Modulus: 414s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 414s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 414s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 414s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 414s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 414s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 414s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 414s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 414s a7:9c:2e:d0:5b:c7:bd:bf:35 414s Exponent: 65537 (0x10001) 414s X509v3 extensions: 414s X509v3 Authority Key Identifier: 414s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 414s X509v3 Basic Constraints: 414s CA:FALSE 414s Netscape Cert Type: 414s SSL Client, S/MIME 414s Netscape Comment: 414s Test Organization Root CA trusted Certificate 414s X509v3 Subject Key Identifier: 414s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 414s X509v3 Key Usage: critical 414s Digital Signature, Non Repudiation, Key Encipherment 414s X509v3 Extended Key Usage: 414s TLS Web Client Authentication, E-mail Protection 414s X509v3 Subject Alternative Name: 414s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 414s Signature Algorithm: sha256WithRSAEncryption 414s Signature Value: 414s 7c:e7:6f:bc:c6:4c:1b:1a:52:09:f3:a7:68:ae:75:5c:b9:eb: 414s 48:90:eb:cc:17:94:4d:c5:4b:46:dc:de:97:23:39:87:ff:18: 414s b5:b2:88:9b:77:72:ce:de:a0:5b:40:e0:cd:3e:30:0a:8b:b9: 414s c4:5f:41:0c:97:c5:ae:f8:cb:43:e6:4a:2d:ca:d5:7e:dc:dc: 414s 58:4e:98:92:a1:cf:97:24:b3:99:92:4c:51:4a:9f:6b:81:55: 414s 68:fe:cc:fa:64:b8:8b:74:4d:b1:bf:f1:91:c6:b9:f2:47:09: 414s ad:ab:e4:f2:bf:5e:3b:25:cf:dc:6e:29:6f:9f:5d:61:9e:ac: 414s 04:00 414s + local found_md5 expected_md5 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s + expected_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981.pem 414s + found_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 414s + '[' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 '!=' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 ']' 414s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981-auth.output 414s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981-auth.output .output 414s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981-auth.pem 414s + echo -n 053350 414s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 414s [p11_child[3378]] [main] (0x0400): p11_child started. 414s [p11_child[3378]] [main] (0x2000): Running in [auth] mode. 414s [p11_child[3378]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3378]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3378]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 414s [p11_child[3378]] [do_card] (0x4000): Module List: 414s [p11_child[3378]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3378]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3378]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3378]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3378]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3378]] [do_card] (0x4000): Login required. 414s [p11_child[3378]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3378]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 414s [p11_child[3378]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 414s [p11_child[3378]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x591e2bb3;slot-manufacturer=SoftHSM%20project;slot-id=1495149491;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e3a1130591e2bb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 414s [p11_child[3378]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 414s [p11_child[3378]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 414s [p11_child[3378]] [do_card] (0x4000): Certificate verified and validated. 414s [p11_child[3378]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981-auth.output 414s + echo '-----BEGIN CERTIFICATE-----' 414s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981-auth.output 414s + echo '-----END CERTIFICATE-----' 414s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981-auth.pem 414s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-11981-auth.pem 414s Certificate: 414s Data: 414s Version: 3 (0x2) 414s Serial Number: 3 (0x3) 414s Signature Algorithm: sha256WithRSAEncryption 414s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 414s Validity 414s Not Before: Apr 8 22:42:33 2024 GMT 414s Not After : Apr 8 22:42:33 2025 GMT 414s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 414s Subject Public Key Info: 414s Public Key Algorithm: rsaEncryption 414s Public-Key: (1024 bit) 414s Modulus: 414s 00:b9:f1:e4:c0:84:9c:3b:5b:85:48:76:f5:f4:be: 414s e0:85:60:35:47:e1:3b:0b:63:89:90:fa:a1:4c:86: 414s 24:c4:0e:f6:31:1d:a7:4d:49:2b:bd:c2:eb:d8:4d: 414s de:39:1e:cf:e4:a0:ec:fb:b0:f4:fa:31:ea:d2:6a: 414s e6:c1:f1:03:7a:c0:af:4f:ba:aa:5b:9b:2f:91:f7: 414s 92:19:55:dc:90:e8:68:7c:de:2a:1d:d7:32:cd:66: 414s 7b:ce:24:c7:b3:eb:97:ca:69:77:ff:fb:9f:c7:8e: 414s a4:ae:7b:92:e0:c7:76:0f:b4:c7:d9:34:df:92:39: 414s a7:9c:2e:d0:5b:c7:bd:bf:35 414s Exponent: 65537 (0x10001) 414s X509v3 extensions: 414s X509v3 Authority Key Identifier: 414s 0A:6F:F8:5A:2D:E3:F9:9D:D3:B0:A8:66:57:78:6E:C2:61:FE:24:52 414s X509v3 Basic Constraints: 414s CA:FALSE 414s Netscape Cert Type: 414s SSL Client, S/MIME 414s Netscape Comment: 414s Test Organization Root CA trusted Certificate 414s X509v3 Subject Key Identifier: 414s 64:BE:16:46:F4:2E:08:A6:6B:D0:F7:2A:82:65:13:0E:1E:FE:7B:F2 414s X509v3 Key Usage: critical 414s Digital Signature, Non Repudiation, Key Encipherment 414s X509v3 Extended Key Usage: 414s TLS Web Client Authentication, E-mail Protection 414s X509v3 Subject Alternative Name: 414s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 414s Signature Algorithm: sha256WithRSAEncryption 414s Signature Value: 414s 7c:e7:6f:bc:c6:4c:1b:1a:52:09:f3:a7:68:ae:75:5c:b9:eb: 414s 48:90:eb:cc:17:94:4d:c5:4b:46:dc:de:97:23:39:87:ff:18: 414s b5:b2:88:9b:77:72:ce:de:a0:5b:40:e0:cd:3e:30:0a:8b:b9: 414s c4:5f:41:0c:97:c5:ae:f8:cb:43:e6:4a:2d:ca:d5:7e:dc:dc: 414s 58:4e:98:92:a1:cf:97:24:b3:99:92:4c:51:4a:9f:6b:81:55: 414s 68:fe:cc:fa:64:b8:8b:74:4d:b1:bf:f1:91:c6:b9:f2:47:09: 414s ad:ab:e4:f2:bf:5e:3b:25:cf:dc:6e:29:6f:9f:5d:61:9e:ac: 414s 04:00 414s + found_md5=Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 414s + '[' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 '!=' Modulus=B9F1E4C0849C3B5B854876F5F4BEE085603547E13B0B638990FAA14C8624C40EF6311DA74D492BBDC2EBD84DDE391ECFE4A0ECFBB0F4FA31EAD26AE6C1F1037AC0AF4FBAAA5B9B2F91F7921955DC90E8687CDE2A1DD732CD667BCE24C7B3EB97CA6977FFFB9FC78EA4AE7B92E0C7760FB4C7D934DF9239A79C2ED05BC7BDBF35 ']' 414s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 414s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 414s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 414s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 414s + local verify_option= 414s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 414s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 414s + local key_cn 414s + local key_name 414s + local tokens_dir 414s + local output_cert_file 414s + token_name= 414s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem .pem 414s + key_name=test-root-CA-trusted-certificate-0001 414s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s ++ sed -n 's/ *commonName *= //p' 414s + key_cn='Test Organization Root Trusted Certificate 0001' 414s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 414s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 414s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 414s + token_name='Test Organization Root Tr Token' 414s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 414s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 414s + echo 'Test Organization Root Tr Token' 414s + '[' -n '' ']' 414s + local output_base_name=SSSD-child-26623 414s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-26623.output 414s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-26623.pem 414s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 414s Test Organization Root Tr Token 414s [p11_child[3388]] [main] (0x0400): p11_child started. 414s [p11_child[3388]] [main] (0x2000): Running in [pre-auth] mode. 414s [p11_child[3388]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3388]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3388]] [do_card] (0x4000): Module List: 414s [p11_child[3388]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3388]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3388]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3388]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3388]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3388]] [do_card] (0x4000): Login NOT required. 414s [p11_child[3388]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3388]] [do_verification] (0x0040): X509_verify_cert failed [0]. 414s [p11_child[3388]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 414s [p11_child[3388]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 414s [p11_child[3388]] [do_card] (0x4000): No certificate found. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-26623.output 414s + return 2 414s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem partial_chain 414s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem partial_chain 414s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 414s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 414s + local verify_option=partial_chain 414s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-13702 414s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-root-ca-trusted-cert-0001-13702 414s + local key_cn 414s + local key_name 414s + local tokens_dir 414s + local output_cert_file 414s + token_name= 414s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem .pem 414s + key_name=test-root-CA-trusted-certificate-0001 414s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-root-CA-trusted-certificate-0001.pem 414s ++ sed -n 's/ *commonName *= //p' 414s + key_cn='Test Organization Root Trusted Certificate 0001' 414s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 414s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf 414s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 414s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 414s + token_name='Test Organization Root Tr Token' 414s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 414s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-root-CA-trusted-certificate-0001 ']' 414s + echo 'Test Organization Root Tr Token' 414s + '[' -n partial_chain ']' 414s + local verify_arg=--verify=partial_chain 414s + local output_base_name=SSSD-child-10751 414s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-10751.output 414s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-10751.pem 414s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 414s Test Organization Root Tr Token 414s [p11_child[3395]] [main] (0x0400): p11_child started. 414s [p11_child[3395]] [main] (0x2000): Running in [pre-auth] mode. 414s [p11_child[3395]] [main] (0x2000): Running with effective IDs: [0][0]. 414s [p11_child[3395]] [main] (0x2000): Running with real IDs [0][0]. 414s [p11_child[3395]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 414s [p11_child[3395]] [do_card] (0x4000): Module List: 414s [p11_child[3395]] [do_card] (0x4000): common name: [softhsm2]. 414s [p11_child[3395]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3395]] [do_card] (0x4000): Description [SoftHSM slot ID 0x591e2bb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 414s [p11_child[3395]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 414s [p11_child[3395]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x591e2bb3][1495149491] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 414s [p11_child[3395]] [do_card] (0x4000): Login NOT required. 414s [p11_child[3395]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 414s [p11_child[3395]] [do_verification] (0x0040): X509_verify_cert failed [0]. 414s [p11_child[3395]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 414s [p11_child[3395]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 414s [p11_child[3395]] [do_card] (0x4000): No certificate found. 414s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-10751.output 414s + return 2 414s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /dev/null 414s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /dev/null 414s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 414s + local key_ring=/dev/null 414s + local verify_option= 414s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 414s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 414s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 414s + local key_cn 414s + local key_name 414s + local tokens_dir 414s + local output_cert_file 414s + token_name= 414s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem .pem 414s + key_name=test-intermediate-CA-trusted-certificate-0001 414s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 414s ++ sed -n 's/ *commonName *= //p' 414s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 414s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 414s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 414s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 414s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 414s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 414s + token_name='Test Organization Interme Token' 414s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 414s + local key_file 414s + local decrypted_key 414s + mkdir -p /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 414s + key_file=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-key.pem 414s + decrypted_key=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 414s + cat 414s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 414s Slot 0 has a free/uninitialized token. 414s The token has been initialized and is reassigned to slot 899409957 414s + softhsm2-util --show-slots 414s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 414s Available slots: 414s Slot 899409957 414s Slot info: 414s Description: SoftHSM slot ID 0x359be825 414s Manufacturer ID: SoftHSM project 414s Hardware version: 2.6 414s Firmware version: 2.6 414s Token present: yes 414s Token info: 414s Manufacturer ID: SoftHSM project 414s Model: SoftHSM v2 414s Hardware version: 2.6 414s Firmware version: 2.6 414s Serial number: d66e1d54b59be825 414s Initialized: yes 414s User PIN init.: yes 414s Label: Test Organization Interme Token 414s Slot 1 414s Slot info: 414s Description: SoftHSM slot ID 0x1 414s Manufacturer ID: SoftHSM project 414s Hardware version: 2.6 414s Firmware version: 2.6 414s Token present: yes 414s Token info: 414s Manufacturer ID: SoftHSM project 414s Model: SoftHSM v2 414s Hardware version: 2.6 414s Firmware version: 2.6 414s Serial number: 414s Initialized: no 414s User PIN init.: no 414s Label: 414s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-9029 -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 415s writing RSA key 415s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 415s + rm /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 415s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 415s Object 0: 415s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d66e1d54b59be825;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 415s Type: X.509 Certificate (RSA-1024) 415s Expires: Tue Apr 8 22:42:33 2025 415s Label: Test Organization Intermediate Trusted Certificate 0001 415s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 415s 415s Test Organization Interme Token 415s + echo 'Test Organization Interme Token' 415s + '[' -n '' ']' 415s + local output_base_name=SSSD-child-10940 415s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-10940.output 415s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-10940.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 415s [p11_child[3411]] [main] (0x0400): p11_child started. 415s [p11_child[3411]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3411]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3411]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3411]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 415s [p11_child[3411]] [do_work] (0x0040): init_verification failed. 415s [p11_child[3411]] [main] (0x0020): p11_child failed (5) 415s + return 2 415s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /dev/null no_verification 415s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /dev/null no_verification 415s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local key_ring=/dev/null 415s + local verify_option=no_verification 415s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local key_cn 415s + local key_name 415s + local tokens_dir 415s + local output_cert_file 415s + token_name= 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem .pem 415s + key_name=test-intermediate-CA-trusted-certificate-0001 415s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s ++ sed -n 's/ *commonName *= //p' 415s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 415s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 415s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 415s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 415s + token_name='Test Organization Interme Token' 415s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 415s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 415s + echo 'Test Organization Interme Token' 415s + '[' -n no_verification ']' 415s Test Organization Interme Token 415s + local verify_arg=--verify=no_verification 415s + local output_base_name=SSSD-child-28156 415s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156.output 415s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 415s [p11_child[3417]] [main] (0x0400): p11_child started. 415s [p11_child[3417]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3417]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3417]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3417]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 415s [p11_child[3417]] [do_card] (0x4000): Module List: 415s [p11_child[3417]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3417]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3417]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3417]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3417]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3417]] [do_card] (0x4000): Login NOT required. 415s [p11_child[3417]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3417]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 415s [p11_child[3417]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x359be825;slot-manufacturer=SoftHSM%20project;slot-id=899409957;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d66e1d54b59be825;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 415s [p11_child[3417]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156.output 415s + echo '-----BEGIN CERTIFICATE-----' 415s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156.output 415s + echo '-----END CERTIFICATE-----' 415s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156.pem 415s Certificate: 415s Data: 415s Version: 3 (0x2) 415s Serial Number: 4 (0x4) 415s Signature Algorithm: sha256WithRSAEncryption 415s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 415s Validity 415s Not Before: Apr 8 22:42:33 2024 GMT 415s Not After : Apr 8 22:42:33 2025 GMT 415s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 415s Subject Public Key Info: 415s Public Key Algorithm: rsaEncryption 415s Public-Key: (1024 bit) 415s Modulus: 415s 00:bd:01:1c:32:38:37:05:d7:30:da:b4:76:e7:cb: 415s 51:f0:01:ed:e6:0e:9f:45:9c:8f:f0:e5:1e:ef:fe: 415s 1b:98:00:80:2d:23:0c:45:bc:5d:5a:e9:77:72:1a: 415s b9:f4:d9:5e:08:b4:58:29:52:5b:92:3f:28:f8:6a: 415s ce:1c:65:ad:1e:dd:da:f6:5a:5c:f9:8b:33:74:f7: 415s bb:33:ce:20:67:0a:14:de:f2:7e:b0:90:1c:76:61: 415s eb:0c:45:85:86:dd:58:0f:3f:c9:84:c2:96:d1:49: 415s 16:82:d8:00:f0:f2:a1:a3:b1:b6:c7:42:6e:4e:7f: 415s 04:57:9a:f0:2b:3b:ae:23:81 415s Exponent: 65537 (0x10001) 415s X509v3 extensions: 415s X509v3 Authority Key Identifier: 415s 36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 415s X509v3 Basic Constraints: 415s CA:FALSE 415s Netscape Cert Type: 415s SSL Client, S/MIME 415s Netscape Comment: 415s Test Organization Intermediate CA trusted Certificate 415s X509v3 Subject Key Identifier: 415s A9:99:3B:BA:F8:52:EB:E4:12:45:1A:3D:45:7D:ED:8D:99:DB:72:9C 415s X509v3 Key Usage: critical 415s Digital Signature, Non Repudiation, Key Encipherment 415s X509v3 Extended Key Usage: 415s TLS Web Client Authentication, E-mail Protection 415s X509v3 Subject Alternative Name: 415s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 415s Signature Algorithm: sha256WithRSAEncryption 415s Signature Value: 415s 29:31:2d:d3:70:f6:1f:6d:ca:66:e4:94:69:f2:6a:5e:85:28: 415s 7b:34:75:96:0f:df:e7:8c:d4:aa:1b:40:30:8c:85:e1:32:73: 415s f2:ad:a4:58:15:13:df:38:33:91:81:85:37:f5:0d:ba:c5:8c: 415s 96:f1:4b:f6:55:c3:82:2b:f8:b9:d2:96:e6:b5:8b:68:67:84: 415s 07:94:ad:7b:a3:c9:28:46:9d:f3:ab:05:84:fc:c2:a4:c9:2f: 415s b0:b5:78:db:24:8a:a8:b5:2a:20:67:6c:10:fa:82:f8:eb:9e: 415s 79:20:cc:dc:9e:cd:e5:6b:4c:f5:7d:92:5d:e7:2d:1e:24:4d: 415s a6:01 415s + local found_md5 expected_md5 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + expected_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156.pem 415s + found_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 415s + '[' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 '!=' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 ']' 415s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156-auth.output 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156-auth.output .output 415s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156-auth.pem 415s + echo -n 053350 415s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 415s [p11_child[3425]] [main] (0x0400): p11_child started. 415s [p11_child[3425]] [main] (0x2000): Running in [auth] mode. 415s [p11_child[3425]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3425]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3425]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 415s [p11_child[3425]] [do_card] (0x4000): Module List: 415s [p11_child[3425]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3425]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3425]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3425]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3425]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3425]] [do_card] (0x4000): Login required. 415s [p11_child[3425]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3425]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 415s [p11_child[3425]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x359be825;slot-manufacturer=SoftHSM%20project;slot-id=899409957;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d66e1d54b59be825;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 415s [p11_child[3425]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 415s [p11_child[3425]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 415s [p11_child[3425]] [do_card] (0x4000): Certificate verified and validated. 415s [p11_child[3425]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156-auth.output 415s + echo '-----BEGIN CERTIFICATE-----' 415s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156-auth.output 415s + echo '-----END CERTIFICATE-----' 415s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156-auth.pem 415s Certificate: 415s Data: 415s Version: 3 (0x2) 415s Serial Number: 4 (0x4) 415s Signature Algorithm: sha256WithRSAEncryption 415s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 415s Validity 415s Not Before: Apr 8 22:42:33 2024 GMT 415s Not After : Apr 8 22:42:33 2025 GMT 415s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 415s Subject Public Key Info: 415s Public Key Algorithm: rsaEncryption 415s Public-Key: (1024 bit) 415s Modulus: 415s 00:bd:01:1c:32:38:37:05:d7:30:da:b4:76:e7:cb: 415s 51:f0:01:ed:e6:0e:9f:45:9c:8f:f0:e5:1e:ef:fe: 415s 1b:98:00:80:2d:23:0c:45:bc:5d:5a:e9:77:72:1a: 415s b9:f4:d9:5e:08:b4:58:29:52:5b:92:3f:28:f8:6a: 415s ce:1c:65:ad:1e:dd:da:f6:5a:5c:f9:8b:33:74:f7: 415s bb:33:ce:20:67:0a:14:de:f2:7e:b0:90:1c:76:61: 415s eb:0c:45:85:86:dd:58:0f:3f:c9:84:c2:96:d1:49: 415s 16:82:d8:00:f0:f2:a1:a3:b1:b6:c7:42:6e:4e:7f: 415s 04:57:9a:f0:2b:3b:ae:23:81 415s Exponent: 65537 (0x10001) 415s X509v3 extensions: 415s X509v3 Authority Key Identifier: 415s 36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 415s X509v3 Basic Constraints: 415s CA:FALSE 415s Netscape Cert Type: 415s SSL Client, S/MIME 415s Netscape Comment: 415s Test Organization Intermediate CA trusted Certificate 415s X509v3 Subject Key Identifier: 415s A9:99:3B:BA:F8:52:EB:E4:12:45:1A:3D:45:7D:ED:8D:99:DB:72:9C 415s X509v3 Key Usage: critical 415s Digital Signature, Non Repudiation, Key Encipherment 415s X509v3 Extended Key Usage: 415s TLS Web Client Authentication, E-mail Protection 415s X509v3 Subject Alternative Name: 415s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 415s Signature Algorithm: sha256WithRSAEncryption 415s Signature Value: 415s 29:31:2d:d3:70:f6:1f:6d:ca:66:e4:94:69:f2:6a:5e:85:28: 415s 7b:34:75:96:0f:df:e7:8c:d4:aa:1b:40:30:8c:85:e1:32:73: 415s f2:ad:a4:58:15:13:df:38:33:91:81:85:37:f5:0d:ba:c5:8c: 415s 96:f1:4b:f6:55:c3:82:2b:f8:b9:d2:96:e6:b5:8b:68:67:84: 415s 07:94:ad:7b:a3:c9:28:46:9d:f3:ab:05:84:fc:c2:a4:c9:2f: 415s b0:b5:78:db:24:8a:a8:b5:2a:20:67:6c:10:fa:82:f8:eb:9e: 415s 79:20:cc:dc:9e:cd:e5:6b:4c:f5:7d:92:5d:e7:2d:1e:24:4d: 415s a6:01 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-28156-auth.pem 415s + found_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 415s + '[' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 '!=' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 ']' 415s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 415s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 415s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 415s + local verify_option= 415s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local key_cn 415s + local key_name 415s + local tokens_dir 415s + local output_cert_file 415s + token_name= 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem .pem 415s + key_name=test-intermediate-CA-trusted-certificate-0001 415s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s ++ sed -n 's/ *commonName *= //p' 415s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 415s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 415s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 415s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 415s + token_name='Test Organization Interme Token' 415s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 415s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 415s + echo 'Test Organization Interme Token' 415s + '[' -n '' ']' 415s Test Organization Interme Token 415s + local output_base_name=SSSD-child-29467 415s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-29467.output 415s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-29467.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 415s [p11_child[3435]] [main] (0x0400): p11_child started. 415s [p11_child[3435]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3435]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3435]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3435]] [do_card] (0x4000): Module List: 415s [p11_child[3435]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3435]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3435]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3435]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3435]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3435]] [do_card] (0x4000): Login NOT required. 415s [p11_child[3435]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3435]] [do_verification] (0x0040): X509_verify_cert failed [0]. 415s [p11_child[3435]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 415s [p11_child[3435]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 415s [p11_child[3435]] [do_card] (0x4000): No certificate found. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-29467.output 415s + return 2 415s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem partial_chain 415s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem partial_chain 415s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 415s + local verify_option=partial_chain 415s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local key_cn 415s + local key_name 415s + local tokens_dir 415s + local output_cert_file 415s + token_name= 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem .pem 415s + key_name=test-intermediate-CA-trusted-certificate-0001 415s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s ++ sed -n 's/ *commonName *= //p' 415s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 415s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 415s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 415s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 415s + token_name='Test Organization Interme Token' 415s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 415s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 415s + echo 'Test Organization Interme Token' 415s + '[' -n partial_chain ']' 415s + local verify_arg=--verify=partial_chain 415s Test Organization Interme Token 415s + local output_base_name=SSSD-child-15643 415s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-15643.output 415s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-15643.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 415s [p11_child[3442]] [main] (0x0400): p11_child started. 415s [p11_child[3442]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3442]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3442]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3442]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 415s [p11_child[3442]] [do_card] (0x4000): Module List: 415s [p11_child[3442]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3442]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3442]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3442]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3442]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3442]] [do_card] (0x4000): Login NOT required. 415s [p11_child[3442]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3442]] [do_verification] (0x0040): X509_verify_cert failed [0]. 415s [p11_child[3442]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 415s [p11_child[3442]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 415s [p11_child[3442]] [do_card] (0x4000): No certificate found. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-15643.output 415s + return 2 415s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 415s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 415s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 415s + local verify_option= 415s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local key_cn 415s + local key_name 415s + local tokens_dir 415s + local output_cert_file 415s + token_name= 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem .pem 415s + key_name=test-intermediate-CA-trusted-certificate-0001 415s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s ++ sed -n 's/ *commonName *= //p' 415s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 415s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 415s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 415s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 415s + token_name='Test Organization Interme Token' 415s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 415s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 415s + echo 'Test Organization Interme Token' 415s + '[' -n '' ']' 415s + local output_base_name=SSSD-child-21914 415s Test Organization Interme Token 415s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914.output 415s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914.pem 415s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 415s [p11_child[3449]] [main] (0x0400): p11_child started. 415s [p11_child[3449]] [main] (0x2000): Running in [pre-auth] mode. 415s [p11_child[3449]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3449]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3449]] [do_card] (0x4000): Module List: 415s [p11_child[3449]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3449]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3449]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3449]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3449]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3449]] [do_card] (0x4000): Login NOT required. 415s [p11_child[3449]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3449]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 415s [p11_child[3449]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 415s [p11_child[3449]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x359be825;slot-manufacturer=SoftHSM%20project;slot-id=899409957;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d66e1d54b59be825;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 415s [p11_child[3449]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914.output 415s + echo '-----BEGIN CERTIFICATE-----' 415s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914.output 415s + echo '-----END CERTIFICATE-----' 415s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914.pem 415s Certificate: 415s Data: 415s Version: 3 (0x2) 415s Serial Number: 4 (0x4) 415s Signature Algorithm: sha256WithRSAEncryption 415s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 415s Validity 415s Not Before: Apr 8 22:42:33 2024 GMT 415s Not After : Apr 8 22:42:33 2025 GMT 415s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 415s Subject Public Key Info: 415s Public Key Algorithm: rsaEncryption 415s Public-Key: (1024 bit) 415s Modulus: 415s 00:bd:01:1c:32:38:37:05:d7:30:da:b4:76:e7:cb: 415s 51:f0:01:ed:e6:0e:9f:45:9c:8f:f0:e5:1e:ef:fe: 415s 1b:98:00:80:2d:23:0c:45:bc:5d:5a:e9:77:72:1a: 415s b9:f4:d9:5e:08:b4:58:29:52:5b:92:3f:28:f8:6a: 415s ce:1c:65:ad:1e:dd:da:f6:5a:5c:f9:8b:33:74:f7: 415s bb:33:ce:20:67:0a:14:de:f2:7e:b0:90:1c:76:61: 415s eb:0c:45:85:86:dd:58:0f:3f:c9:84:c2:96:d1:49: 415s 16:82:d8:00:f0:f2:a1:a3:b1:b6:c7:42:6e:4e:7f: 415s 04:57:9a:f0:2b:3b:ae:23:81 415s Exponent: 65537 (0x10001) 415s X509v3 extensions: 415s X509v3 Authority Key Identifier: 415s 36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 415s X509v3 Basic Constraints: 415s CA:FALSE 415s Netscape Cert Type: 415s SSL Client, S/MIME 415s Netscape Comment: 415s Test Organization Intermediate CA trusted Certificate 415s X509v3 Subject Key Identifier: 415s A9:99:3B:BA:F8:52:EB:E4:12:45:1A:3D:45:7D:ED:8D:99:DB:72:9C 415s X509v3 Key Usage: critical 415s Digital Signature, Non Repudiation, Key Encipherment 415s X509v3 Extended Key Usage: 415s TLS Web Client Authentication, E-mail Protection 415s X509v3 Subject Alternative Name: 415s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 415s Signature Algorithm: sha256WithRSAEncryption 415s Signature Value: 415s 29:31:2d:d3:70:f6:1f:6d:ca:66:e4:94:69:f2:6a:5e:85:28: 415s 7b:34:75:96:0f:df:e7:8c:d4:aa:1b:40:30:8c:85:e1:32:73: 415s f2:ad:a4:58:15:13:df:38:33:91:81:85:37:f5:0d:ba:c5:8c: 415s 96:f1:4b:f6:55:c3:82:2b:f8:b9:d2:96:e6:b5:8b:68:67:84: 415s 07:94:ad:7b:a3:c9:28:46:9d:f3:ab:05:84:fc:c2:a4:c9:2f: 415s b0:b5:78:db:24:8a:a8:b5:2a:20:67:6c:10:fa:82:f8:eb:9e: 415s 79:20:cc:dc:9e:cd:e5:6b:4c:f5:7d:92:5d:e7:2d:1e:24:4d: 415s a6:01 415s + local found_md5 expected_md5 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + expected_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914.pem 415s + found_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 415s + '[' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 '!=' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 ']' 415s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914-auth.output 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914-auth.output .output 415s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914-auth.pem 415s + echo -n 053350 415s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 415s [p11_child[3457]] [main] (0x0400): p11_child started. 415s [p11_child[3457]] [main] (0x2000): Running in [auth] mode. 415s [p11_child[3457]] [main] (0x2000): Running with effective IDs: [0][0]. 415s [p11_child[3457]] [main] (0x2000): Running with real IDs [0][0]. 415s [p11_child[3457]] [do_card] (0x4000): Module List: 415s [p11_child[3457]] [do_card] (0x4000): common name: [softhsm2]. 415s [p11_child[3457]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3457]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 415s [p11_child[3457]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 415s [p11_child[3457]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 415s [p11_child[3457]] [do_card] (0x4000): Login required. 415s [p11_child[3457]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 415s [p11_child[3457]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 415s [p11_child[3457]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 415s [p11_child[3457]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x359be825;slot-manufacturer=SoftHSM%20project;slot-id=899409957;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d66e1d54b59be825;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 415s [p11_child[3457]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 415s [p11_child[3457]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 415s [p11_child[3457]] [do_card] (0x4000): Certificate verified and validated. 415s [p11_child[3457]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 415s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914-auth.output 415s + echo '-----BEGIN CERTIFICATE-----' 415s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914-auth.output 415s + echo '-----END CERTIFICATE-----' 415s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914-auth.pem 415s Certificate: 415s Data: 415s Version: 3 (0x2) 415s Serial Number: 4 (0x4) 415s Signature Algorithm: sha256WithRSAEncryption 415s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 415s Validity 415s Not Before: Apr 8 22:42:33 2024 GMT 415s Not After : Apr 8 22:42:33 2025 GMT 415s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 415s Subject Public Key Info: 415s Public Key Algorithm: rsaEncryption 415s Public-Key: (1024 bit) 415s Modulus: 415s 00:bd:01:1c:32:38:37:05:d7:30:da:b4:76:e7:cb: 415s 51:f0:01:ed:e6:0e:9f:45:9c:8f:f0:e5:1e:ef:fe: 415s 1b:98:00:80:2d:23:0c:45:bc:5d:5a:e9:77:72:1a: 415s b9:f4:d9:5e:08:b4:58:29:52:5b:92:3f:28:f8:6a: 415s ce:1c:65:ad:1e:dd:da:f6:5a:5c:f9:8b:33:74:f7: 415s bb:33:ce:20:67:0a:14:de:f2:7e:b0:90:1c:76:61: 415s eb:0c:45:85:86:dd:58:0f:3f:c9:84:c2:96:d1:49: 415s 16:82:d8:00:f0:f2:a1:a3:b1:b6:c7:42:6e:4e:7f: 415s 04:57:9a:f0:2b:3b:ae:23:81 415s Exponent: 65537 (0x10001) 415s X509v3 extensions: 415s X509v3 Authority Key Identifier: 415s 36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 415s X509v3 Basic Constraints: 415s CA:FALSE 415s Netscape Cert Type: 415s SSL Client, S/MIME 415s Netscape Comment: 415s Test Organization Intermediate CA trusted Certificate 415s X509v3 Subject Key Identifier: 415s A9:99:3B:BA:F8:52:EB:E4:12:45:1A:3D:45:7D:ED:8D:99:DB:72:9C 415s X509v3 Key Usage: critical 415s Digital Signature, Non Repudiation, Key Encipherment 415s X509v3 Extended Key Usage: 415s TLS Web Client Authentication, E-mail Protection 415s X509v3 Subject Alternative Name: 415s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 415s Signature Algorithm: sha256WithRSAEncryption 415s Signature Value: 415s 29:31:2d:d3:70:f6:1f:6d:ca:66:e4:94:69:f2:6a:5e:85:28: 415s 7b:34:75:96:0f:df:e7:8c:d4:aa:1b:40:30:8c:85:e1:32:73: 415s f2:ad:a4:58:15:13:df:38:33:91:81:85:37:f5:0d:ba:c5:8c: 415s 96:f1:4b:f6:55:c3:82:2b:f8:b9:d2:96:e6:b5:8b:68:67:84: 415s 07:94:ad:7b:a3:c9:28:46:9d:f3:ab:05:84:fc:c2:a4:c9:2f: 415s b0:b5:78:db:24:8a:a8:b5:2a:20:67:6c:10:fa:82:f8:eb:9e: 415s 79:20:cc:dc:9e:cd:e5:6b:4c:f5:7d:92:5d:e7:2d:1e:24:4d: 415s a6:01 415s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-21914-auth.pem 415s + found_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 415s + '[' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 '!=' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 ']' 415s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem partial_chain 415s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem partial_chain 415s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 415s + local verify_option=partial_chain 415s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 415s + local key_cn 415s + local key_name 415s + local tokens_dir 415s + local output_cert_file 415s + token_name= 415s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem .pem 415s + key_name=test-intermediate-CA-trusted-certificate-0001 415s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 415s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Interme Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 416s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 416s + echo 'Test Organization Interme Token' 416s + '[' -n partial_chain ']' 416s + local verify_arg=--verify=partial_chain 416s Test Organization Interme Token 416s + local output_base_name=SSSD-child-7240 416s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240.output 416s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240.pem 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 416s [p11_child[3467]] [main] (0x0400): p11_child started. 416s [p11_child[3467]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3467]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3467]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3467]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 416s [p11_child[3467]] [do_card] (0x4000): Module List: 416s [p11_child[3467]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3467]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3467]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3467]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 416s [p11_child[3467]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3467]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3467]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 416s [p11_child[3467]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 416s [p11_child[3467]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 416s [p11_child[3467]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x359be825;slot-manufacturer=SoftHSM%20project;slot-id=899409957;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d66e1d54b59be825;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 416s [p11_child[3467]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240.output 416s + echo '-----BEGIN CERTIFICATE-----' 416s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240.output 416s + echo '-----END CERTIFICATE-----' 416s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240.pem 416s Certificate: 416s Data: 416s Version: 3 (0x2) 416s Serial Number: 4 (0x4) 416s Signature Algorithm: sha256WithRSAEncryption 416s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 416s Validity 416s Not Before: Apr 8 22:42:33 2024 GMT 416s Not After : Apr 8 22:42:33 2025 GMT 416s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 416s Subject Public Key Info: 416s Public Key Algorithm: rsaEncryption 416s Public-Key: (1024 bit) 416s Modulus: 416s 00:bd:01:1c:32:38:37:05:d7:30:da:b4:76:e7:cb: 416s 51:f0:01:ed:e6:0e:9f:45:9c:8f:f0:e5:1e:ef:fe: 416s 1b:98:00:80:2d:23:0c:45:bc:5d:5a:e9:77:72:1a: 416s b9:f4:d9:5e:08:b4:58:29:52:5b:92:3f:28:f8:6a: 416s ce:1c:65:ad:1e:dd:da:f6:5a:5c:f9:8b:33:74:f7: 416s bb:33:ce:20:67:0a:14:de:f2:7e:b0:90:1c:76:61: 416s eb:0c:45:85:86:dd:58:0f:3f:c9:84:c2:96:d1:49: 416s 16:82:d8:00:f0:f2:a1:a3:b1:b6:c7:42:6e:4e:7f: 416s 04:57:9a:f0:2b:3b:ae:23:81 416s Exponent: 65537 (0x10001) 416s X509v3 extensions: 416s X509v3 Authority Key Identifier: 416s 36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 416s X509v3 Basic Constraints: 416s CA:FALSE 416s Netscape Cert Type: 416s SSL Client, S/MIME 416s Netscape Comment: 416s Test Organization Intermediate CA trusted Certificate 416s X509v3 Subject Key Identifier: 416s A9:99:3B:BA:F8:52:EB:E4:12:45:1A:3D:45:7D:ED:8D:99:DB:72:9C 416s X509v3 Key Usage: critical 416s Digital Signature, Non Repudiation, Key Encipherment 416s X509v3 Extended Key Usage: 416s TLS Web Client Authentication, E-mail Protection 416s X509v3 Subject Alternative Name: 416s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 416s Signature Algorithm: sha256WithRSAEncryption 416s Signature Value: 416s 29:31:2d:d3:70:f6:1f:6d:ca:66:e4:94:69:f2:6a:5e:85:28: 416s 7b:34:75:96:0f:df:e7:8c:d4:aa:1b:40:30:8c:85:e1:32:73: 416s f2:ad:a4:58:15:13:df:38:33:91:81:85:37:f5:0d:ba:c5:8c: 416s 96:f1:4b:f6:55:c3:82:2b:f8:b9:d2:96:e6:b5:8b:68:67:84: 416s 07:94:ad:7b:a3:c9:28:46:9d:f3:ab:05:84:fc:c2:a4:c9:2f: 416s b0:b5:78:db:24:8a:a8:b5:2a:20:67:6c:10:fa:82:f8:eb:9e: 416s 79:20:cc:dc:9e:cd:e5:6b:4c:f5:7d:92:5d:e7:2d:1e:24:4d: 416s a6:01 416s + local found_md5 expected_md5 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 416s + expected_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240.pem 416s + found_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 416s + '[' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 '!=' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 ']' 416s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240-auth.output 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240-auth.output .output 416s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240-auth.pem 416s + echo -n 053350 416s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 416s [p11_child[3475]] [main] (0x0400): p11_child started. 416s [p11_child[3475]] [main] (0x2000): Running in [auth] mode. 416s [p11_child[3475]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3475]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3475]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 416s [p11_child[3475]] [do_card] (0x4000): Module List: 416s [p11_child[3475]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3475]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3475]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3475]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 416s [p11_child[3475]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3475]] [do_card] (0x4000): Login required. 416s [p11_child[3475]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 416s [p11_child[3475]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 416s [p11_child[3475]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 416s [p11_child[3475]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x359be825;slot-manufacturer=SoftHSM%20project;slot-id=899409957;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d66e1d54b59be825;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 416s [p11_child[3475]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 416s [p11_child[3475]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 416s [p11_child[3475]] [do_card] (0x4000): Certificate verified and validated. 416s [p11_child[3475]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240-auth.output 416s + echo '-----BEGIN CERTIFICATE-----' 416s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240-auth.output 416s + echo '-----END CERTIFICATE-----' 416s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240-auth.pem 416s Certificate: 416s Data: 416s Version: 3 (0x2) 416s Serial Number: 4 (0x4) 416s Signature Algorithm: sha256WithRSAEncryption 416s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 416s Validity 416s Not Before: Apr 8 22:42:33 2024 GMT 416s Not After : Apr 8 22:42:33 2025 GMT 416s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 416s Subject Public Key Info: 416s Public Key Algorithm: rsaEncryption 416s Public-Key: (1024 bit) 416s Modulus: 416s 00:bd:01:1c:32:38:37:05:d7:30:da:b4:76:e7:cb: 416s 51:f0:01:ed:e6:0e:9f:45:9c:8f:f0:e5:1e:ef:fe: 416s 1b:98:00:80:2d:23:0c:45:bc:5d:5a:e9:77:72:1a: 416s b9:f4:d9:5e:08:b4:58:29:52:5b:92:3f:28:f8:6a: 416s ce:1c:65:ad:1e:dd:da:f6:5a:5c:f9:8b:33:74:f7: 416s bb:33:ce:20:67:0a:14:de:f2:7e:b0:90:1c:76:61: 416s eb:0c:45:85:86:dd:58:0f:3f:c9:84:c2:96:d1:49: 416s 16:82:d8:00:f0:f2:a1:a3:b1:b6:c7:42:6e:4e:7f: 416s 04:57:9a:f0:2b:3b:ae:23:81 416s Exponent: 65537 (0x10001) 416s X509v3 extensions: 416s X509v3 Authority Key Identifier: 416s 36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 416s X509v3 Basic Constraints: 416s CA:FALSE 416s Netscape Cert Type: 416s SSL Client, S/MIME 416s Netscape Comment: 416s Test Organization Intermediate CA trusted Certificate 416s X509v3 Subject Key Identifier: 416s A9:99:3B:BA:F8:52:EB:E4:12:45:1A:3D:45:7D:ED:8D:99:DB:72:9C 416s X509v3 Key Usage: critical 416s Digital Signature, Non Repudiation, Key Encipherment 416s X509v3 Extended Key Usage: 416s TLS Web Client Authentication, E-mail Protection 416s X509v3 Subject Alternative Name: 416s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 416s Signature Algorithm: sha256WithRSAEncryption 416s Signature Value: 416s 29:31:2d:d3:70:f6:1f:6d:ca:66:e4:94:69:f2:6a:5e:85:28: 416s 7b:34:75:96:0f:df:e7:8c:d4:aa:1b:40:30:8c:85:e1:32:73: 416s f2:ad:a4:58:15:13:df:38:33:91:81:85:37:f5:0d:ba:c5:8c: 416s 96:f1:4b:f6:55:c3:82:2b:f8:b9:d2:96:e6:b5:8b:68:67:84: 416s 07:94:ad:7b:a3:c9:28:46:9d:f3:ab:05:84:fc:c2:a4:c9:2f: 416s b0:b5:78:db:24:8a:a8:b5:2a:20:67:6c:10:fa:82:f8:eb:9e: 416s 79:20:cc:dc:9e:cd:e5:6b:4c:f5:7d:92:5d:e7:2d:1e:24:4d: 416s a6:01 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-7240-auth.pem 416s + found_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 416s + '[' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 '!=' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 ']' 416s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 416s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 416s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 416s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 416s + local verify_option= 416s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 416s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 416s + local key_cn 416s + local key_name 416s + local tokens_dir 416s + local output_cert_file 416s + token_name= 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem .pem 416s + key_name=test-intermediate-CA-trusted-certificate-0001 416s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 416s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Interme Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 416s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 416s + echo 'Test Organization Interme Token' 416s + '[' -n '' ']' 416s Test Organization Interme Token 416s + local output_base_name=SSSD-child-14844 416s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-14844.output 416s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-14844.pem 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 416s [p11_child[3485]] [main] (0x0400): p11_child started. 416s [p11_child[3485]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3485]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3485]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3485]] [do_card] (0x4000): Module List: 416s [p11_child[3485]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3485]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3485]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3485]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 416s [p11_child[3485]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3485]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3485]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 416s [p11_child[3485]] [do_verification] (0x0040): X509_verify_cert failed [0]. 416s [p11_child[3485]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 416s [p11_child[3485]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 416s [p11_child[3485]] [do_card] (0x4000): No certificate found. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-14844.output 416s + return 2 416s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem partial_chain 416s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem partial_chain 416s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 416s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 416s + local verify_option=partial_chain 416s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-9029 416s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-9029 416s + local key_cn 416s + local key_name 416s + local tokens_dir 416s + local output_cert_file 416s + token_name= 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem .pem 416s + key_name=test-intermediate-CA-trusted-certificate-0001 416s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 416s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Interme Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 416s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 416s + echo 'Test Organization Interme Token' 416s + '[' -n partial_chain ']' 416s + local verify_arg=--verify=partial_chain 416s + local output_base_name=SSSD-child-14775 416s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775.output 416s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775.pem 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem 416s Test Organization Interme Token 416s [p11_child[3492]] [main] (0x0400): p11_child started. 416s [p11_child[3492]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3492]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3492]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3492]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 416s [p11_child[3492]] [do_card] (0x4000): Module List: 416s [p11_child[3492]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3492]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3492]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3492]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 416s [p11_child[3492]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3492]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3492]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 416s [p11_child[3492]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 416s [p11_child[3492]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 416s [p11_child[3492]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x359be825;slot-manufacturer=SoftHSM%20project;slot-id=899409957;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d66e1d54b59be825;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 416s [p11_child[3492]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775.output 416s + echo '-----BEGIN CERTIFICATE-----' 416s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775.output 416s + echo '-----END CERTIFICATE-----' 416s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775.pem 416s Certificate: 416s Data: 416s Version: 3 (0x2) 416s Serial Number: 4 (0x4) 416s Signature Algorithm: sha256WithRSAEncryption 416s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 416s Validity 416s Not Before: Apr 8 22:42:33 2024 GMT 416s Not After : Apr 8 22:42:33 2025 GMT 416s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 416s Subject Public Key Info: 416s Public Key Algorithm: rsaEncryption 416s Public-Key: (1024 bit) 416s Modulus: 416s 00:bd:01:1c:32:38:37:05:d7:30:da:b4:76:e7:cb: 416s 51:f0:01:ed:e6:0e:9f:45:9c:8f:f0:e5:1e:ef:fe: 416s 1b:98:00:80:2d:23:0c:45:bc:5d:5a:e9:77:72:1a: 416s b9:f4:d9:5e:08:b4:58:29:52:5b:92:3f:28:f8:6a: 416s ce:1c:65:ad:1e:dd:da:f6:5a:5c:f9:8b:33:74:f7: 416s bb:33:ce:20:67:0a:14:de:f2:7e:b0:90:1c:76:61: 416s eb:0c:45:85:86:dd:58:0f:3f:c9:84:c2:96:d1:49: 416s 16:82:d8:00:f0:f2:a1:a3:b1:b6:c7:42:6e:4e:7f: 416s 04:57:9a:f0:2b:3b:ae:23:81 416s Exponent: 65537 (0x10001) 416s X509v3 extensions: 416s X509v3 Authority Key Identifier: 416s 36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 416s X509v3 Basic Constraints: 416s CA:FALSE 416s Netscape Cert Type: 416s SSL Client, S/MIME 416s Netscape Comment: 416s Test Organization Intermediate CA trusted Certificate 416s X509v3 Subject Key Identifier: 416s A9:99:3B:BA:F8:52:EB:E4:12:45:1A:3D:45:7D:ED:8D:99:DB:72:9C 416s X509v3 Key Usage: critical 416s Digital Signature, Non Repudiation, Key Encipherment 416s X509v3 Extended Key Usage: 416s TLS Web Client Authentication, E-mail Protection 416s X509v3 Subject Alternative Name: 416s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 416s Signature Algorithm: sha256WithRSAEncryption 416s Signature Value: 416s 29:31:2d:d3:70:f6:1f:6d:ca:66:e4:94:69:f2:6a:5e:85:28: 416s 7b:34:75:96:0f:df:e7:8c:d4:aa:1b:40:30:8c:85:e1:32:73: 416s f2:ad:a4:58:15:13:df:38:33:91:81:85:37:f5:0d:ba:c5:8c: 416s 96:f1:4b:f6:55:c3:82:2b:f8:b9:d2:96:e6:b5:8b:68:67:84: 416s 07:94:ad:7b:a3:c9:28:46:9d:f3:ab:05:84:fc:c2:a4:c9:2f: 416s b0:b5:78:db:24:8a:a8:b5:2a:20:67:6c:10:fa:82:f8:eb:9e: 416s 79:20:cc:dc:9e:cd:e5:6b:4c:f5:7d:92:5d:e7:2d:1e:24:4d: 416s a6:01 416s + local found_md5 expected_md5 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA-trusted-certificate-0001.pem 416s + expected_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775.pem 416s + found_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 416s + '[' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 '!=' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 ']' 416s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775-auth.output 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775-auth.output .output 416s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775-auth.pem 416s + echo -n 053350 416s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 416s [p11_child[3500]] [main] (0x0400): p11_child started. 416s [p11_child[3500]] [main] (0x2000): Running in [auth] mode. 416s [p11_child[3500]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3500]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3500]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 416s [p11_child[3500]] [do_card] (0x4000): Module List: 416s [p11_child[3500]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3500]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3500]] [do_card] (0x4000): Description [SoftHSM slot ID 0x359be825] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3500]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 416s [p11_child[3500]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x359be825][899409957] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3500]] [do_card] (0x4000): Login required. 416s [p11_child[3500]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 416s [p11_child[3500]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 416s [p11_child[3500]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 416s [p11_child[3500]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x359be825;slot-manufacturer=SoftHSM%20project;slot-id=899409957;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d66e1d54b59be825;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 416s [p11_child[3500]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 416s [p11_child[3500]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 416s [p11_child[3500]] [do_card] (0x4000): Certificate verified and validated. 416s [p11_child[3500]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775-auth.output 416s + echo '-----BEGIN CERTIFICATE-----' 416s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775-auth.output 416s + echo '-----END CERTIFICATE-----' 416s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775-auth.pem 416s Certificate: 416s Data: 416s Version: 3 (0x2) 416s Serial Number: 4 (0x4) 416s Signature Algorithm: sha256WithRSAEncryption 416s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 416s Validity 416s Not Before: Apr 8 22:42:33 2024 GMT 416s Not After : Apr 8 22:42:33 2025 GMT 416s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 416s Subject Public Key Info: 416s Public Key Algorithm: rsaEncryption 416s Public-Key: (1024 bit) 416s Modulus: 416s 00:bd:01:1c:32:38:37:05:d7:30:da:b4:76:e7:cb: 416s 51:f0:01:ed:e6:0e:9f:45:9c:8f:f0:e5:1e:ef:fe: 416s 1b:98:00:80:2d:23:0c:45:bc:5d:5a:e9:77:72:1a: 416s b9:f4:d9:5e:08:b4:58:29:52:5b:92:3f:28:f8:6a: 416s ce:1c:65:ad:1e:dd:da:f6:5a:5c:f9:8b:33:74:f7: 416s bb:33:ce:20:67:0a:14:de:f2:7e:b0:90:1c:76:61: 416s eb:0c:45:85:86:dd:58:0f:3f:c9:84:c2:96:d1:49: 416s 16:82:d8:00:f0:f2:a1:a3:b1:b6:c7:42:6e:4e:7f: 416s 04:57:9a:f0:2b:3b:ae:23:81 416s Exponent: 65537 (0x10001) 416s X509v3 extensions: 416s X509v3 Authority Key Identifier: 416s 36:5A:B3:67:EF:31:A3:B3:5D:ED:7F:23:7C:FB:F9:20:84:2E:8D:6D 416s X509v3 Basic Constraints: 416s CA:FALSE 416s Netscape Cert Type: 416s SSL Client, S/MIME 416s Netscape Comment: 416s Test Organization Intermediate CA trusted Certificate 416s X509v3 Subject Key Identifier: 416s A9:99:3B:BA:F8:52:EB:E4:12:45:1A:3D:45:7D:ED:8D:99:DB:72:9C 416s X509v3 Key Usage: critical 416s Digital Signature, Non Repudiation, Key Encipherment 416s X509v3 Extended Key Usage: 416s TLS Web Client Authentication, E-mail Protection 416s X509v3 Subject Alternative Name: 416s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 416s Signature Algorithm: sha256WithRSAEncryption 416s Signature Value: 416s 29:31:2d:d3:70:f6:1f:6d:ca:66:e4:94:69:f2:6a:5e:85:28: 416s 7b:34:75:96:0f:df:e7:8c:d4:aa:1b:40:30:8c:85:e1:32:73: 416s f2:ad:a4:58:15:13:df:38:33:91:81:85:37:f5:0d:ba:c5:8c: 416s 96:f1:4b:f6:55:c3:82:2b:f8:b9:d2:96:e6:b5:8b:68:67:84: 416s 07:94:ad:7b:a3:c9:28:46:9d:f3:ab:05:84:fc:c2:a4:c9:2f: 416s b0:b5:78:db:24:8a:a8:b5:2a:20:67:6c:10:fa:82:f8:eb:9e: 416s 79:20:cc:dc:9e:cd:e5:6b:4c:f5:7d:92:5d:e7:2d:1e:24:4d: 416s a6:01 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-14775-auth.pem 416s + found_md5=Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 416s + '[' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 '!=' Modulus=BD011C32383705D730DAB476E7CB51F001EDE60E9F459C8FF0E51EEFFE1B9800802D230C45BC5D5AE977721AB9F4D95E08B45829525B923F28F86ACE1C65AD1EDDDAF65A5CF98B3374F7BB33CE20670A14DEF27EB0901C7661EB0C458586DD580F3FC984C296D1491682D800F0F2A1A3B1B6C7426E4E7F04579AF02B3BAE2381 ']' 416s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 416s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 416s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 416s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 416s + local verify_option= 416s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 416s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 416s + local key_cn 416s + local key_name 416s + local tokens_dir 416s + local output_cert_file 416s + token_name= 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 416s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 416s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Sub Int Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 416s + local key_file 416s + local decrypted_key 416s + mkdir -p /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 416s + key_file=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 416s + decrypted_key=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 416s + cat 416s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 416s Slot 0 has a free/uninitialized token. 416s The token has been initialized and is reassigned to slot 222863916 416s + softhsm2-util --show-slots 416s Available slots: 416s Slot 222863916 416s Slot info: 416s Description: SoftHSM slot ID 0xd48a22c 416s Manufacturer ID: SoftHSM project 416s Hardware version: 2.6 416s Firmware version: 2.6 416s Token present: yes 416s Token info: 416s Manufacturer ID: SoftHSM project 416s Model: SoftHSM v2 416s Hardware version: 2.6 416s Firmware version: 2.6 416s Serial number: ddcb39798d48a22c 416s Initialized: yes 416s User PIN init.: yes 416s Label: Test Organization Sub Int Token 416s Slot 1 416s Slot info: 416s Description: SoftHSM slot ID 0x1 416s Manufacturer ID: SoftHSM project 416s Hardware version: 2.6 416s Firmware version: 2.6 416s Token present: yes 416s Token info: 416s Manufacturer ID: SoftHSM project 416s Model: SoftHSM v2 416s Hardware version: 2.6 416s Firmware version: 2.6 416s Serial number: 416s Initialized: no 416s User PIN init.: no 416s Label: 416s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 416s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-12011 -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 416s writing RSA key 416s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 416s + rm /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 416s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 416s Object 0: 416s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ddcb39798d48a22c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 416s Type: X.509 Certificate (RSA-1024) 416s Expires: Tue Apr 8 22:42:33 2025 416s Label: Test Organization Sub Intermediate Trusted Certificate 0001 416s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 416s 416s Test Organization Sub Int Token 416s + echo 'Test Organization Sub Int Token' 416s + '[' -n '' ']' 416s + local output_base_name=SSSD-child-30861 416s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-30861.output 416s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-30861.pem 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 416s [p11_child[3519]] [main] (0x0400): p11_child started. 416s [p11_child[3519]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3519]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3519]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3519]] [do_card] (0x4000): Module List: 416s [p11_child[3519]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3519]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3519]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3519]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 416s [p11_child[3519]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3519]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3519]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 416s [p11_child[3519]] [do_verification] (0x0040): X509_verify_cert failed [0]. 416s [p11_child[3519]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 416s [p11_child[3519]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 416s [p11_child[3519]] [do_card] (0x4000): No certificate found. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-30861.output 416s + return 2 416s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem partial_chain 416s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem partial_chain 416s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 416s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 416s + local verify_option=partial_chain 416s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 416s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 416s + local key_cn 416s + local key_name 416s + local tokens_dir 416s + local output_cert_file 416s + token_name= 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 416s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 416s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Sub Int Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 416s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 416s + echo 'Test Organization Sub Int Token' 416s + '[' -n partial_chain ']' 416s + local verify_arg=--verify=partial_chain 416s + local output_base_name=SSSD-child-24122 416s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-24122.output 416s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-24122.pem 416s Test Organization Sub Int Token 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-root-CA.pem 416s [p11_child[3526]] [main] (0x0400): p11_child started. 416s [p11_child[3526]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3526]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3526]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3526]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 416s [p11_child[3526]] [do_card] (0x4000): Module List: 416s [p11_child[3526]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3526]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3526]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3526]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 416s [p11_child[3526]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3526]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3526]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 416s [p11_child[3526]] [do_verification] (0x0040): X509_verify_cert failed [0]. 416s [p11_child[3526]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 416s [p11_child[3526]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 416s [p11_child[3526]] [do_card] (0x4000): No certificate found. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-24122.output 416s + return 2 416s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 416s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 416s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 416s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 416s + local verify_option= 416s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 416s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 416s + local key_cn 416s + local key_name 416s + local tokens_dir 416s + local output_cert_file 416s + token_name= 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 416s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 416s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 416s ++ sed -n 's/ *commonName *= //p' 416s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 416s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 416s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 416s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 416s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 416s + token_name='Test Organization Sub Int Token' 416s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 416s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 416s Test Organization Sub Int Token 416s + echo 'Test Organization Sub Int Token' 416s + '[' -n '' ']' 416s + local output_base_name=SSSD-child-31604 416s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604.output 416s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604.pem 416s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 416s [p11_child[3533]] [main] (0x0400): p11_child started. 416s [p11_child[3533]] [main] (0x2000): Running in [pre-auth] mode. 416s [p11_child[3533]] [main] (0x2000): Running with effective IDs: [0][0]. 416s [p11_child[3533]] [main] (0x2000): Running with real IDs [0][0]. 416s [p11_child[3533]] [do_card] (0x4000): Module List: 416s [p11_child[3533]] [do_card] (0x4000): common name: [softhsm2]. 416s [p11_child[3533]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3533]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 416s [p11_child[3533]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 416s [p11_child[3533]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 416s [p11_child[3533]] [do_card] (0x4000): Login NOT required. 416s [p11_child[3533]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 416s [p11_child[3533]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 416s [p11_child[3533]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 416s [p11_child[3533]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xd48a22c;slot-manufacturer=SoftHSM%20project;slot-id=222863916;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ddcb39798d48a22c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 416s [p11_child[3533]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 416s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604.output 416s + echo '-----BEGIN CERTIFICATE-----' 416s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604.output 416s + echo '-----END CERTIFICATE-----' 416s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604.pem 416s Certificate: 416s Data: 416s Version: 3 (0x2) 416s Serial Number: 5 (0x5) 416s Signature Algorithm: sha256WithRSAEncryption 416s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 416s Validity 416s Not Before: Apr 8 22:42:33 2024 GMT 416s Not After : Apr 8 22:42:33 2025 GMT 416s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 416s Subject Public Key Info: 416s Public Key Algorithm: rsaEncryption 416s Public-Key: (1024 bit) 416s Modulus: 416s 00:bd:43:9d:9b:48:36:79:ce:f7:1f:99:1a:a8:0e: 416s 7b:c6:9c:af:1d:9d:f1:7b:36:88:e1:c3:1a:9d:82: 416s 43:45:9a:6a:f5:5e:70:4a:e5:9c:ad:a5:9f:30:c1: 416s 8f:11:d3:80:1a:a4:76:b3:af:80:3c:33:6d:07:c2: 416s 92:8d:63:0d:af:6b:6e:26:16:ba:3f:d4:14:4a:39: 416s 60:81:6c:1d:9d:6b:e2:58:d4:2c:db:86:4d:30:c6: 416s 28:b7:95:e9:d6:c4:12:44:1e:00:f4:5d:33:fa:cb: 416s b8:14:50:ad:a3:ce:4a:c7:30:2b:b4:c6:6c:40:2e: 416s bb:15:3b:3f:be:47:42:9b:ad 416s Exponent: 65537 (0x10001) 416s X509v3 extensions: 416s X509v3 Authority Key Identifier: 416s B1:DD:B2:F2:0F:E9:26:4D:1B:9B:B8:37:FA:CE:D8:9B:AF:F9:3A:26 416s X509v3 Basic Constraints: 416s CA:FALSE 416s Netscape Cert Type: 416s SSL Client, S/MIME 416s Netscape Comment: 416s Test Organization Sub Intermediate CA trusted Certificate 416s X509v3 Subject Key Identifier: 416s CB:45:86:88:C7:86:95:94:9A:10:9C:E9:E7:5D:4E:CE:B0:96:69:84 416s X509v3 Key Usage: critical 416s Digital Signature, Non Repudiation, Key Encipherment 416s X509v3 Extended Key Usage: 416s TLS Web Client Authentication, E-mail Protection 416s X509v3 Subject Alternative Name: 416s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 416s Signature Algorithm: sha256WithRSAEncryption 416s Signature Value: 416s 9a:30:95:25:54:fb:80:d5:99:48:a4:b5:c3:9c:81:a5:9d:0a: 416s 6b:a8:69:17:12:92:fb:c7:c0:27:62:c1:95:b1:0c:cc:3a:98: 416s 20:97:9d:c9:90:a2:7c:00:b3:ee:1b:46:c4:6c:55:8c:55:e6: 416s 9b:34:df:9f:27:a1:a3:fa:8f:40:49:e5:e9:e0:30:d5:82:e4: 416s 8f:e2:5a:91:83:21:ac:6a:cc:41:50:2c:f8:0b:6c:26:c6:b4: 416s 4b:08:f1:76:af:23:3c:86:45:7f:8c:0d:12:8c:38:5a:e4:f0: 416s 36:dc:0d:d8:01:57:d3:c6:f2:8e:f8:2a:2a:88:0d:cb:65:12: 416s f7:e1 416s + local found_md5 expected_md5 416s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + expected_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604.pem 417s + found_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s + '[' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD '!=' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD ']' 417s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604-auth.output 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604-auth.output .output 417s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604-auth.pem 417s + echo -n 053350 417s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 417s [p11_child[3541]] [main] (0x0400): p11_child started. 417s [p11_child[3541]] [main] (0x2000): Running in [auth] mode. 417s [p11_child[3541]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3541]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3541]] [do_card] (0x4000): Module List: 417s [p11_child[3541]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3541]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3541]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3541]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3541]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3541]] [do_card] (0x4000): Login required. 417s [p11_child[3541]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3541]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3541]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3541]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xd48a22c;slot-manufacturer=SoftHSM%20project;slot-id=222863916;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ddcb39798d48a22c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 417s [p11_child[3541]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 417s [p11_child[3541]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 417s [p11_child[3541]] [do_card] (0x4000): Certificate verified and validated. 417s [p11_child[3541]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604-auth.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604-auth.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604-auth.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Apr 8 22:42:33 2024 GMT 417s Not After : Apr 8 22:42:33 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bd:43:9d:9b:48:36:79:ce:f7:1f:99:1a:a8:0e: 417s 7b:c6:9c:af:1d:9d:f1:7b:36:88:e1:c3:1a:9d:82: 417s 43:45:9a:6a:f5:5e:70:4a:e5:9c:ad:a5:9f:30:c1: 417s 8f:11:d3:80:1a:a4:76:b3:af:80:3c:33:6d:07:c2: 417s 92:8d:63:0d:af:6b:6e:26:16:ba:3f:d4:14:4a:39: 417s 60:81:6c:1d:9d:6b:e2:58:d4:2c:db:86:4d:30:c6: 417s 28:b7:95:e9:d6:c4:12:44:1e:00:f4:5d:33:fa:cb: 417s b8:14:50:ad:a3:ce:4a:c7:30:2b:b4:c6:6c:40:2e: 417s bb:15:3b:3f:be:47:42:9b:ad 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s B1:DD:B2:F2:0F:E9:26:4D:1B:9B:B8:37:FA:CE:D8:9B:AF:F9:3A:26 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s CB:45:86:88:C7:86:95:94:9A:10:9C:E9:E7:5D:4E:CE:B0:96:69:84 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 9a:30:95:25:54:fb:80:d5:99:48:a4:b5:c3:9c:81:a5:9d:0a: 417s 6b:a8:69:17:12:92:fb:c7:c0:27:62:c1:95:b1:0c:cc:3a:98: 417s 20:97:9d:c9:90:a2:7c:00:b3:ee:1b:46:c4:6c:55:8c:55:e6: 417s 9b:34:df:9f:27:a1:a3:fa:8f:40:49:e5:e9:e0:30:d5:82:e4: 417s 8f:e2:5a:91:83:21:ac:6a:cc:41:50:2c:f8:0b:6c:26:c6:b4: 417s 4b:08:f1:76:af:23:3c:86:45:7f:8c:0d:12:8c:38:5a:e4:f0: 417s 36:dc:0d:d8:01:57:d3:c6:f2:8e:f8:2a:2a:88:0d:cb:65:12: 417s f7:e1 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-31604-auth.pem 417s + found_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s + '[' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD '!=' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD ']' 417s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem partial_chain 417s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem partial_chain 417s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 417s + local verify_option=partial_chain 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 417s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 417s + token_name='Test Organization Sub Int Token' 417s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 417s Test Organization Sub Int Token 417s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 417s + echo 'Test Organization Sub Int Token' 417s + '[' -n partial_chain ']' 417s + local verify_arg=--verify=partial_chain 417s + local output_base_name=SSSD-child-10504 417s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504.output 417s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem 417s [p11_child[3551]] [main] (0x0400): p11_child started. 417s [p11_child[3551]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[3551]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3551]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3551]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3551]] [do_card] (0x4000): Module List: 417s [p11_child[3551]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3551]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3551]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3551]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3551]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3551]] [do_card] (0x4000): Login NOT required. 417s [p11_child[3551]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3551]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3551]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3551]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xd48a22c;slot-manufacturer=SoftHSM%20project;slot-id=222863916;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ddcb39798d48a22c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3551]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Apr 8 22:42:33 2024 GMT 417s Not After : Apr 8 22:42:33 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bd:43:9d:9b:48:36:79:ce:f7:1f:99:1a:a8:0e: 417s 7b:c6:9c:af:1d:9d:f1:7b:36:88:e1:c3:1a:9d:82: 417s 43:45:9a:6a:f5:5e:70:4a:e5:9c:ad:a5:9f:30:c1: 417s 8f:11:d3:80:1a:a4:76:b3:af:80:3c:33:6d:07:c2: 417s 92:8d:63:0d:af:6b:6e:26:16:ba:3f:d4:14:4a:39: 417s 60:81:6c:1d:9d:6b:e2:58:d4:2c:db:86:4d:30:c6: 417s 28:b7:95:e9:d6:c4:12:44:1e:00:f4:5d:33:fa:cb: 417s b8:14:50:ad:a3:ce:4a:c7:30:2b:b4:c6:6c:40:2e: 417s bb:15:3b:3f:be:47:42:9b:ad 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s B1:DD:B2:F2:0F:E9:26:4D:1B:9B:B8:37:FA:CE:D8:9B:AF:F9:3A:26 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s CB:45:86:88:C7:86:95:94:9A:10:9C:E9:E7:5D:4E:CE:B0:96:69:84 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 9a:30:95:25:54:fb:80:d5:99:48:a4:b5:c3:9c:81:a5:9d:0a: 417s 6b:a8:69:17:12:92:fb:c7:c0:27:62:c1:95:b1:0c:cc:3a:98: 417s 20:97:9d:c9:90:a2:7c:00:b3:ee:1b:46:c4:6c:55:8c:55:e6: 417s 9b:34:df:9f:27:a1:a3:fa:8f:40:49:e5:e9:e0:30:d5:82:e4: 417s 8f:e2:5a:91:83:21:ac:6a:cc:41:50:2c:f8:0b:6c:26:c6:b4: 417s 4b:08:f1:76:af:23:3c:86:45:7f:8c:0d:12:8c:38:5a:e4:f0: 417s 36:dc:0d:d8:01:57:d3:c6:f2:8e:f8:2a:2a:88:0d:cb:65:12: 417s f7:e1 417s + local found_md5 expected_md5 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + expected_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504.pem 417s + found_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s + '[' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD '!=' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD ']' 417s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504-auth.output 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504-auth.output .output 417s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504-auth.pem 417s + echo -n 053350 417s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 417s [p11_child[3559]] [main] (0x0400): p11_child started. 417s [p11_child[3559]] [main] (0x2000): Running in [auth] mode. 417s [p11_child[3559]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3559]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3559]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3559]] [do_card] (0x4000): Module List: 417s [p11_child[3559]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3559]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3559]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3559]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3559]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3559]] [do_card] (0x4000): Login required. 417s [p11_child[3559]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3559]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3559]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3559]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xd48a22c;slot-manufacturer=SoftHSM%20project;slot-id=222863916;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ddcb39798d48a22c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 417s [p11_child[3559]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 417s [p11_child[3559]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 417s [p11_child[3559]] [do_card] (0x4000): Certificate verified and validated. 417s [p11_child[3559]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504-auth.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504-auth.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504-auth.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Apr 8 22:42:33 2024 GMT 417s Not After : Apr 8 22:42:33 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bd:43:9d:9b:48:36:79:ce:f7:1f:99:1a:a8:0e: 417s 7b:c6:9c:af:1d:9d:f1:7b:36:88:e1:c3:1a:9d:82: 417s 43:45:9a:6a:f5:5e:70:4a:e5:9c:ad:a5:9f:30:c1: 417s 8f:11:d3:80:1a:a4:76:b3:af:80:3c:33:6d:07:c2: 417s 92:8d:63:0d:af:6b:6e:26:16:ba:3f:d4:14:4a:39: 417s 60:81:6c:1d:9d:6b:e2:58:d4:2c:db:86:4d:30:c6: 417s 28:b7:95:e9:d6:c4:12:44:1e:00:f4:5d:33:fa:cb: 417s b8:14:50:ad:a3:ce:4a:c7:30:2b:b4:c6:6c:40:2e: 417s bb:15:3b:3f:be:47:42:9b:ad 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s B1:DD:B2:F2:0F:E9:26:4D:1B:9B:B8:37:FA:CE:D8:9B:AF:F9:3A:26 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s CB:45:86:88:C7:86:95:94:9A:10:9C:E9:E7:5D:4E:CE:B0:96:69:84 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 9a:30:95:25:54:fb:80:d5:99:48:a4:b5:c3:9c:81:a5:9d:0a: 417s 6b:a8:69:17:12:92:fb:c7:c0:27:62:c1:95:b1:0c:cc:3a:98: 417s 20:97:9d:c9:90:a2:7c:00:b3:ee:1b:46:c4:6c:55:8c:55:e6: 417s 9b:34:df:9f:27:a1:a3:fa:8f:40:49:e5:e9:e0:30:d5:82:e4: 417s 8f:e2:5a:91:83:21:ac:6a:cc:41:50:2c:f8:0b:6c:26:c6:b4: 417s 4b:08:f1:76:af:23:3c:86:45:7f:8c:0d:12:8c:38:5a:e4:f0: 417s 36:dc:0d:d8:01:57:d3:c6:f2:8e:f8:2a:2a:88:0d:cb:65:12: 417s f7:e1 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-10504-auth.pem 417s + found_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s + '[' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD '!=' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD ']' 417s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 417s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 417s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 417s + local verify_option= 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 417s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 417s + token_name='Test Organization Sub Int Token' 417s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 417s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 417s + echo 'Test Organization Sub Int Token' 417s + '[' -n '' ']' 417s + local output_base_name=SSSD-child-26138 417s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-26138.output 417s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-26138.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 417s [p11_child[3569]] [main] (0x0400): p11_child started. 417s [p11_child[3569]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[3569]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3569]] [main] (0x2000): Running with real IDs [0][0]. 417s Test Organization Sub Int Token 417s [p11_child[3569]] [do_card] (0x4000): Module List: 417s [p11_child[3569]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3569]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3569]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3569]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3569]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3569]] [do_card] (0x4000): Login NOT required. 417s [p11_child[3569]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3569]] [do_verification] (0x0040): X509_verify_cert failed [0]. 417s [p11_child[3569]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 417s [p11_child[3569]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 417s [p11_child[3569]] [do_card] (0x4000): No certificate found. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-26138.output 417s + return 2 417s + invalid_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-root-intermediate-chain-CA.pem partial_chain 417s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-root-intermediate-chain-CA.pem partial_chain 417s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-root-intermediate-chain-CA.pem 417s + local verify_option=partial_chain 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 417s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 417s + token_name='Test Organization Sub Int Token' 417s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 417s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 417s + echo 'Test Organization Sub Int Token' 417s + '[' -n partial_chain ']' 417s + local verify_arg=--verify=partial_chain 417s + local output_base_name=SSSD-child-20361 417s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-20361.output 417s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-20361.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-root-intermediate-chain-CA.pem 417s Test Organization Sub Int Token 417s [p11_child[3576]] [main] (0x0400): p11_child started. 417s [p11_child[3576]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[3576]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3576]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3576]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3576]] [do_card] (0x4000): Module List: 417s [p11_child[3576]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3576]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3576]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3576]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3576]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3576]] [do_card] (0x4000): Login NOT required. 417s [p11_child[3576]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3576]] [do_verification] (0x0040): X509_verify_cert failed [0]. 417s [p11_child[3576]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 417s [p11_child[3576]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 417s [p11_child[3576]] [do_card] (0x4000): No certificate found. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-20361.output 417s + return 2 417s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem partial_chain 417s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem partial_chain 417s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 417s + local verify_option=partial_chain 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 417s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 417s + token_name='Test Organization Sub Int Token' 417s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 417s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 417s + echo 'Test Organization Sub Int Token' 417s + '[' -n partial_chain ']' 417s + local verify_arg=--verify=partial_chain 417s + local output_base_name=SSSD-child-12803 417s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803.output 417s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem 417s Test Organization Sub Int Token 417s [p11_child[3583]] [main] (0x0400): p11_child started. 417s [p11_child[3583]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[3583]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3583]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3583]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3583]] [do_card] (0x4000): Module List: 417s [p11_child[3583]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3583]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3583]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3583]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3583]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3583]] [do_card] (0x4000): Login NOT required. 417s [p11_child[3583]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3583]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3583]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3583]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xd48a22c;slot-manufacturer=SoftHSM%20project;slot-id=222863916;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ddcb39798d48a22c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3583]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Apr 8 22:42:33 2024 GMT 417s Not After : Apr 8 22:42:33 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bd:43:9d:9b:48:36:79:ce:f7:1f:99:1a:a8:0e: 417s 7b:c6:9c:af:1d:9d:f1:7b:36:88:e1:c3:1a:9d:82: 417s 43:45:9a:6a:f5:5e:70:4a:e5:9c:ad:a5:9f:30:c1: 417s 8f:11:d3:80:1a:a4:76:b3:af:80:3c:33:6d:07:c2: 417s 92:8d:63:0d:af:6b:6e:26:16:ba:3f:d4:14:4a:39: 417s 60:81:6c:1d:9d:6b:e2:58:d4:2c:db:86:4d:30:c6: 417s 28:b7:95:e9:d6:c4:12:44:1e:00:f4:5d:33:fa:cb: 417s b8:14:50:ad:a3:ce:4a:c7:30:2b:b4:c6:6c:40:2e: 417s bb:15:3b:3f:be:47:42:9b:ad 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s B1:DD:B2:F2:0F:E9:26:4D:1B:9B:B8:37:FA:CE:D8:9B:AF:F9:3A:26 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s CB:45:86:88:C7:86:95:94:9A:10:9C:E9:E7:5D:4E:CE:B0:96:69:84 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 9a:30:95:25:54:fb:80:d5:99:48:a4:b5:c3:9c:81:a5:9d:0a: 417s 6b:a8:69:17:12:92:fb:c7:c0:27:62:c1:95:b1:0c:cc:3a:98: 417s 20:97:9d:c9:90:a2:7c:00:b3:ee:1b:46:c4:6c:55:8c:55:e6: 417s 9b:34:df:9f:27:a1:a3:fa:8f:40:49:e5:e9:e0:30:d5:82:e4: 417s 8f:e2:5a:91:83:21:ac:6a:cc:41:50:2c:f8:0b:6c:26:c6:b4: 417s 4b:08:f1:76:af:23:3c:86:45:7f:8c:0d:12:8c:38:5a:e4:f0: 417s 36:dc:0d:d8:01:57:d3:c6:f2:8e:f8:2a:2a:88:0d:cb:65:12: 417s f7:e1 417s + local found_md5 expected_md5 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + expected_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803.pem 417s + found_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s + '[' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD '!=' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD ']' 417s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803-auth.output 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803-auth.output .output 417s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803-auth.pem 417s + echo -n 053350 417s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 417s [p11_child[3591]] [main] (0x0400): p11_child started. 417s [p11_child[3591]] [main] (0x2000): Running in [auth] mode. 417s [p11_child[3591]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3591]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3591]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3591]] [do_card] (0x4000): Module List: 417s [p11_child[3591]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3591]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3591]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3591]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3591]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3591]] [do_card] (0x4000): Login required. 417s [p11_child[3591]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3591]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3591]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3591]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xd48a22c;slot-manufacturer=SoftHSM%20project;slot-id=222863916;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ddcb39798d48a22c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 417s [p11_child[3591]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 417s [p11_child[3591]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 417s [p11_child[3591]] [do_card] (0x4000): Certificate verified and validated. 417s [p11_child[3591]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803-auth.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803-auth.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803-auth.pem 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-12803-auth.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Apr 8 22:42:33 2024 GMT 417s Not After : Apr 8 22:42:33 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bd:43:9d:9b:48:36:79:ce:f7:1f:99:1a:a8:0e: 417s 7b:c6:9c:af:1d:9d:f1:7b:36:88:e1:c3:1a:9d:82: 417s 43:45:9a:6a:f5:5e:70:4a:e5:9c:ad:a5:9f:30:c1: 417s 8f:11:d3:80:1a:a4:76:b3:af:80:3c:33:6d:07:c2: 417s 92:8d:63:0d:af:6b:6e:26:16:ba:3f:d4:14:4a:39: 417s 60:81:6c:1d:9d:6b:e2:58:d4:2c:db:86:4d:30:c6: 417s 28:b7:95:e9:d6:c4:12:44:1e:00:f4:5d:33:fa:cb: 417s b8:14:50:ad:a3:ce:4a:c7:30:2b:b4:c6:6c:40:2e: 417s bb:15:3b:3f:be:47:42:9b:ad 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s B1:DD:B2:F2:0F:E9:26:4D:1B:9B:B8:37:FA:CE:D8:9B:AF:F9:3A:26 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s CB:45:86:88:C7:86:95:94:9A:10:9C:E9:E7:5D:4E:CE:B0:96:69:84 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 9a:30:95:25:54:fb:80:d5:99:48:a4:b5:c3:9c:81:a5:9d:0a: 417s 6b:a8:69:17:12:92:fb:c7:c0:27:62:c1:95:b1:0c:cc:3a:98: 417s 20:97:9d:c9:90:a2:7c:00:b3:ee:1b:46:c4:6c:55:8c:55:e6: 417s 9b:34:df:9f:27:a1:a3:fa:8f:40:49:e5:e9:e0:30:d5:82:e4: 417s 8f:e2:5a:91:83:21:ac:6a:cc:41:50:2c:f8:0b:6c:26:c6:b4: 417s 4b:08:f1:76:af:23:3c:86:45:7f:8c:0d:12:8c:38:5a:e4:f0: 417s 36:dc:0d:d8:01:57:d3:c6:f2:8e:f8:2a:2a:88:0d:cb:65:12: 417s f7:e1 417s + found_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s + '[' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD '!=' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD ']' 417s + valid_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-intermediate-sub-chain-CA.pem partial_chain 417s + check_certificate /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 /tmp/sssd-softhsm2-5yzQpU/test-intermediate-sub-chain-CA.pem partial_chain 417s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local key_ring=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-sub-chain-CA.pem 417s + local verify_option=partial_chain 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local certificate=/tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-12011 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 417s + tokens_dir=/tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 417s + token_name='Test Organization Sub Int Token' 417s Test Organization Sub Int Token 417s + '[' '!' -e /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 417s + '[' '!' -d /tmp/sssd-softhsm2-5yzQpU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 417s + echo 'Test Organization Sub Int Token' 417s + '[' -n partial_chain ']' 417s + local verify_arg=--verify=partial_chain 417s + local output_base_name=SSSD-child-30387 417s + local output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387.output 417s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-sub-chain-CA.pem 417s [p11_child[3601]] [main] (0x0400): p11_child started. 417s [p11_child[3601]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[3601]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3601]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3601]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3601]] [do_card] (0x4000): Module List: 417s [p11_child[3601]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3601]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3601]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3601]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3601]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3601]] [do_card] (0x4000): Login NOT required. 417s [p11_child[3601]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3601]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3601]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3601]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xd48a22c;slot-manufacturer=SoftHSM%20project;slot-id=222863916;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ddcb39798d48a22c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3601]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387.pem 417s Certificate: 417s Data: 417s Version: 3 (0x2) 417s Serial Number: 5 (0x5) 417s Signature Algorithm: sha256WithRSAEncryption 417s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 417s Validity 417s Not Before: Apr 8 22:42:33 2024 GMT 417s Not After : Apr 8 22:42:33 2025 GMT 417s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:bd:43:9d:9b:48:36:79:ce:f7:1f:99:1a:a8:0e: 417s 7b:c6:9c:af:1d:9d:f1:7b:36:88:e1:c3:1a:9d:82: 417s 43:45:9a:6a:f5:5e:70:4a:e5:9c:ad:a5:9f:30:c1: 417s 8f:11:d3:80:1a:a4:76:b3:af:80:3c:33:6d:07:c2: 417s 92:8d:63:0d:af:6b:6e:26:16:ba:3f:d4:14:4a:39: 417s 60:81:6c:1d:9d:6b:e2:58:d4:2c:db:86:4d:30:c6: 417s 28:b7:95:e9:d6:c4:12:44:1e:00:f4:5d:33:fa:cb: 417s b8:14:50:ad:a3:ce:4a:c7:30:2b:b4:c6:6c:40:2e: 417s bb:15:3b:3f:be:47:42:9b:ad 417s Exponent: 65537 (0x10001) 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s B1:DD:B2:F2:0F:E9:26:4D:1B:9B:B8:37:FA:CE:D8:9B:AF:F9:3A:26 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s CB:45:86:88:C7:86:95:94:9A:10:9C:E9:E7:5D:4E:CE:B0:96:69:84 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 9a:30:95:25:54:fb:80:d5:99:48:a4:b5:c3:9c:81:a5:9d:0a: 417s 6b:a8:69:17:12:92:fb:c7:c0:27:62:c1:95:b1:0c:cc:3a:98: 417s 20:97:9d:c9:90:a2:7c:00:b3:ee:1b:46:c4:6c:55:8c:55:e6: 417s 9b:34:df:9f:27:a1:a3:fa:8f:40:49:e5:e9:e0:30:d5:82:e4: 417s 8f:e2:5a:91:83:21:ac:6a:cc:41:50:2c:f8:0b:6c:26:c6:b4: 417s 4b:08:f1:76:af:23:3c:86:45:7f:8c:0d:12:8c:38:5a:e4:f0: 417s 36:dc:0d:d8:01:57:d3:c6:f2:8e:f8:2a:2a:88:0d:cb:65:12: 417s f7:e1 417s + local found_md5 expected_md5 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + expected_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387.pem 417s + found_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 417s + '[' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD '!=' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD ']' 417s + output_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387-auth.output 417s ++ basename /tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387-auth.output .output 417s + output_cert_file=/tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387-auth.pem 417s + echo -n 053350 417s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-5yzQpU/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 417s [p11_child[3609]] [main] (0x0400): p11_child started. 417s [p11_child[3609]] [main] (0x2000): Running in [auth] mode. 417s [p11_child[3609]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[3609]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[3609]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 417s [p11_child[3609]] [do_card] (0x4000): Module List: 417s [p11_child[3609]] [do_card] (0x4000): common name: [softhsm2]. 417s [p11_child[3609]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3609]] [do_card] (0x4000): Description [SoftHSM slot ID 0xd48a22c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 417s [p11_child[3609]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 417s [p11_child[3609]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0xd48a22c][222863916] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 417s [p11_child[3609]] [do_card] (0x4000): Login required. 417s [p11_child[3609]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 417s [p11_child[3609]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 417s [p11_child[3609]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 417s [p11_child[3609]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200xd48a22c;slot-manufacturer=SoftHSM%20project;slot-id=222863916;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=ddcb39798d48a22c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 417s [p11_child[3609]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 417s [p11_child[3609]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 417s [p11_child[3609]] [do_card] (0x4000): Certificate verified and validated. 417s [p11_child[3609]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 417s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387-auth.output 417s + echo '-----BEGIN CERTIFICATE-----' 417s + tail -n1 /tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387-auth.output 417s + echo '-----END CERTIFICATE-----' 417s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387-auth.pem 418s Certificate: 418s Data: 418s Version: 3 (0x2) 418s Serial Number: 5 (0x5) 418s Signature Algorithm: sha256WithRSAEncryption 418s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 418s Validity 418s Not Before: Apr 8 22:42:33 2024 GMT 418s Not After : Apr 8 22:42:33 2025 GMT 418s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 418s Subject Public Key Info: 418s Public Key Algorithm: rsaEncryption 418s Public-Key: (1024 bit) 418s Modulus: 418s 00:bd:43:9d:9b:48:36:79:ce:f7:1f:99:1a:a8:0e: 418s 7b:c6:9c:af:1d:9d:f1:7b:36:88:e1:c3:1a:9d:82: 418s 43:45:9a:6a:f5:5e:70:4a:e5:9c:ad:a5:9f:30:c1: 418s 8f:11:d3:80:1a:a4:76:b3:af:80:3c:33:6d:07:c2: 418s 92:8d:63:0d:af:6b:6e:26:16:ba:3f:d4:14:4a:39: 418s 60:81:6c:1d:9d:6b:e2:58:d4:2c:db:86:4d:30:c6: 418s 28:b7:95:e9:d6:c4:12:44:1e:00:f4:5d:33:fa:cb: 418s b8:14:50:ad:a3:ce:4a:c7:30:2b:b4:c6:6c:40:2e: 418s bb:15:3b:3f:be:47:42:9b:ad 418s Exponent: 65537 (0x10001) 418s X509v3 extensions: 418s X509v3 Authority Key Identifier: 418s B1:DD:B2:F2:0F:E9:26:4D:1B:9B:B8:37:FA:CE:D8:9B:AF:F9:3A:26 418s X509v3 Basic Constraints: 418s CA:FALSE 418s Netscape Cert Type: 418s SSL Client, S/MIME 418s Netscape Comment: 418s Test Organization Sub Intermediate CA trusted Certificate 418s X509v3 Subject Key Identifier: 418s CB:45:86:88:C7:86:95:94:9A:10:9C:E9:E7:5D:4E:CE:B0:96:69:84 418s X509v3 Key Usage: critical 418s Digital Signature, Non Repudiation, Key Encipherment 418s X509v3 Extended Key Usage: 418s TLS Web Client Authentication, E-mail Protection 418s X509v3 Subject Alternative Name: 418s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 418s Signature Algorithm: sha256WithRSAEncryption 418s Signature Value: 418s 9a:30:95:25:54:fb:80:d5:99:48:a4:b5:c3:9c:81:a5:9d:0a: 418s 6b:a8:69:17:12:92:fb:c7:c0:27:62:c1:95:b1:0c:cc:3a:98: 418s 20:97:9d:c9:90:a2:7c:00:b3:ee:1b:46:c4:6c:55:8c:55:e6: 418s 9b:34:df:9f:27:a1:a3:fa:8f:40:49:e5:e9:e0:30:d5:82:e4: 418s 8f:e2:5a:91:83:21:ac:6a:cc:41:50:2c:f8:0b:6c:26:c6:b4: 418s 4b:08:f1:76:af:23:3c:86:45:7f:8c:0d:12:8c:38:5a:e4:f0: 418s 36:dc:0d:d8:01:57:d3:c6:f2:8e:f8:2a:2a:88:0d:cb:65:12: 418s f7:e1 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-5yzQpU/SSSD-child-30387-auth.pem 418s + found_md5=Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD 418s + '[' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD '!=' Modulus=BD439D9B483679CEF71F991AA80E7BC69CAF1D9DF17B3688E1C31A9D8243459A6AF55E704AE59CADA59F30C18F11D3801AA476B3AF803C336D07C2928D630DAF6B6E2616BA3FD4144A3960816C1D9D6BE258D42CDB864D30C628B795E9D6C412441E00F45D33FACBB81450ADA3CE4AC7302BB4C66C402EBB153B3FBE47429BAD ']' 418s + set +x 418s 418s Test completed, Root CA and intermediate issued certificates verified! 418s autopkgtest [22:42:39]: test sssd-softhism2-certificates-tests.sh: -----------------------] 419s sssd-softhism2-certificates-tests.sh PASS 419s autopkgtest [22:42:40]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 419s autopkgtest [22:42:40]: test sssd-smart-card-pam-auth-configs: preparing testbed 422s Reading package lists... 423s Building dependency tree... 423s Reading state information... 423s Starting pkgProblemResolver with broken count: 0 423s Starting 2 pkgProblemResolver with broken count: 0 423s Done 423s The following additional packages will be installed: 423s pamtester 423s The following NEW packages will be installed: 423s autopkgtest-satdep pamtester 423s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 423s Need to get 12.2 kB/13.0 kB of archives. 423s After this operation, 36.9 kB of additional disk space will be used. 423s Get:1 /tmp/autopkgtest.hxZKH5/4-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [760 B] 423s Get:2 http://ftpmaster.internal/ubuntu noble/universe s390x pamtester s390x 0.1.2-4 [12.2 kB] 424s Fetched 12.2 kB in 0s (81.7 kB/s) 424s Selecting previously unselected package pamtester. 424s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 78931 files and directories currently installed.) 424s Preparing to unpack .../pamtester_0.1.2-4_s390x.deb ... 424s Unpacking pamtester (0.1.2-4) ... 424s Selecting previously unselected package autopkgtest-satdep. 424s Preparing to unpack .../4-autopkgtest-satdep.deb ... 424s Unpacking autopkgtest-satdep (0) ... 424s Setting up pamtester (0.1.2-4) ... 424s Setting up autopkgtest-satdep (0) ... 424s Processing triggers for man-db (2.12.0-4build1) ... 427s (Reading database ... 78937 files and directories currently installed.) 427s Removing autopkgtest-satdep (0) ... 428s autopkgtest [22:42:49]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 428s autopkgtest [22:42:49]: test sssd-smart-card-pam-auth-configs: [----------------------- 428s + '[' -z ubuntu ']' 428s + export DEBIAN_FRONTEND=noninteractive 428s + DEBIAN_FRONTEND=noninteractive 428s + required_tools=(pamtester softhsm2-util sssd) 428s + [[ ! -v OFFLINE_MODE ]] 428s + for cmd in "${required_tools[@]}" 428s + command -v pamtester 428s + for cmd in "${required_tools[@]}" 428s + command -v softhsm2-util 428s + for cmd in "${required_tools[@]}" 428s + command -v sssd 428s + PIN=123456 428s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 428s + tmpdir=/tmp/sssd-softhsm2-certs-V8h4Wi 428s + backupsdir= 428s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 428s + declare -a restore_paths 428s + declare -a delete_paths 428s + trap handle_exit EXIT 428s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 428s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 428s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 428s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 428s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-V8h4Wi GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 428s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-V8h4Wi 428s + GENERATE_SMART_CARDS=1 428s + KEEP_TEMPORARY_FILES=1 428s + NO_SSSD_TESTS=1 428s + bash debian/tests/sssd-softhism2-certificates-tests.sh 428s + '[' -z ubuntu ']' 428s + required_tools=(p11tool openssl softhsm2-util) 428s + for cmd in "${required_tools[@]}" 428s + command -v p11tool 428s + for cmd in "${required_tools[@]}" 428s + command -v openssl 428s + for cmd in "${required_tools[@]}" 429s + command -v softhsm2-util 429s + PIN=123456 429s +++ find /usr/lib/softhsm/libsofthsm2.so 429s +++ head -n 1 429s ++ realpath /usr/lib/softhsm/libsofthsm2.so 429s + SOFTHSM2_MODULE=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 429s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 429s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 429s + '[' '!' -v NO_SSSD_TESTS ']' 429s + '[' '!' -e /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so ']' 429s + tmpdir=/tmp/sssd-softhsm2-certs-V8h4Wi 429s + keys_size=1024 429s + [[ ! -v KEEP_TEMPORARY_FILES ]] 429s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 429s + echo -n 01 429s + touch /tmp/sssd-softhsm2-certs-V8h4Wi/index.txt 429s + mkdir -p /tmp/sssd-softhsm2-certs-V8h4Wi/new_certs 429s + cat 429s + root_ca_key_pass=pass:random-root-CA-password-4160 429s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-key.pem -passout pass:random-root-CA-password-4160 1024 429s + openssl req -passin pass:random-root-CA-password-4160 -batch -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.pem 429s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.pem 429s + cat 429s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-31668 429s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-31668 1024 429s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-31668 -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-4160 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-certificate-request.pem 429s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-certificate-request.pem 429s Certificate Request: 429s Data: 429s Version: 1 (0x0) 429s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 429s Subject Public Key Info: 429s Public Key Algorithm: rsaEncryption 429s Public-Key: (1024 bit) 429s Modulus: 429s 00:b9:0e:ce:60:05:75:4a:d9:33:ef:10:d7:0d:c4: 429s 96:ab:59:6e:29:d4:3f:93:16:61:12:0d:f2:bb:30: 429s 2e:8b:21:95:62:33:14:5f:a6:b2:96:5a:e0:3e:c9: 429s 61:ee:53:5d:fd:d8:02:01:d9:4f:f6:6c:ab:9a:81: 429s 8a:d9:12:f9:54:7c:10:4b:8f:d0:47:35:1e:35:91: 429s d1:0c:d6:b1:98:8c:0f:53:36:91:bb:56:a0:5a:8c: 429s 29:f0:dc:bf:93:47:6c:72:0d:02:dc:b4:e3:10:e2: 429s d9:9e:b7:8e:a5:77:4b:3e:c8:72:14:59:45:0c:52: 429s 87:54:4c:3e:53:f6:6c:3e:15 429s Exponent: 65537 (0x10001) 429s Attributes: 429s (none) 429s Requested Extensions: 429s Signature Algorithm: sha256WithRSAEncryption 429s Signature Value: 429s 8e:95:1a:15:26:68:66:40:08:f7:7c:96:85:60:a2:42:26:30: 429s 5b:3a:8c:0d:89:04:66:b2:70:85:8f:8e:51:1c:7d:eb:bf:42: 429s fd:7c:01:03:eb:49:55:30:eb:fe:78:01:f8:c9:c1:43:20:e7: 429s 23:1b:1d:e9:6e:d5:cc:61:c0:f2:84:99:e1:74:c5:6f:40:fd: 429s 79:0b:a8:93:9e:2d:57:c3:0b:c1:21:01:d8:5d:be:6b:6a:a5: 429s f3:cf:71:ec:5c:6f:5a:a2:5c:bc:66:dc:60:89:6d:f9:db:86: 429s a2:cf:e1:6f:44:ed:d9:fe:d2:c9:d6:ee:2b:7c:0f:d5:a6:9b: 429s e9:38 429s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.config -passin pass:random-root-CA-password-4160 -keyfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem 429s Using configuration from /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.config 429s Check that the request matches the signature 429s Signature ok 429s Certificate Details: 429s Serial Number: 1 (0x1) 429s Validity 429s Not Before: Apr 8 22:42:50 2024 GMT 429s Not After : Apr 8 22:42:50 2025 GMT 429s Subject: 429s organizationName = Test Organization 429s organizationalUnitName = Test Organization Unit 429s commonName = Test Organization Intermediate CA 429s X509v3 extensions: 429s X509v3 Subject Key Identifier: 429s 65:4D:E2:ED:03:34:8F:BA:2B:C2:B6:12:33:C5:F3:C2:1B:DA:11:32 429s X509v3 Authority Key Identifier: 429s keyid:60:29:E3:46:AC:46:72:BA:F2:8D:51:B5:58:B9:1D:08:28:CA:78:51 429s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 429s serial:00 429s X509v3 Basic Constraints: 429s CA:TRUE 429s X509v3 Key Usage: critical 429s Digital Signature, Certificate Sign, CRL Sign 429s Certificate is to be certified until Apr 8 22:42:50 2025 GMT (365 days) 429s 429s Write out database with 1 new entries 429s Database updated 429s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem 429s /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem: OK 429s + cat 429s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-17223 429s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-17223 1024 429s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-17223 -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-31668 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-certificate-request.pem 429s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-certificate-request.pem 429s Certificate Request: 429s Data: 429s Version: 1 (0x0) 429s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 429s Subject Public Key Info: 429s Public Key Algorithm: rsaEncryption 429s Public-Key: (1024 bit) 429s Modulus: 429s 00:d3:33:14:77:a6:13:4b:26:2f:50:99:9e:1a:c3: 429s 5a:0c:38:ba:c9:68:3e:50:bb:54:53:9d:19:05:59: 429s bf:6d:4a:76:94:e1:a2:39:eb:20:75:a2:d5:73:a0: 429s 5e:f8:8c:d1:0f:f9:e9:c6:8e:3b:e3:8f:b3:0c:7d: 429s 8f:36:3a:ea:83:36:bc:0c:e5:fe:bf:a5:96:c7:8c: 429s 63:83:94:16:d6:fe:38:a0:ac:dc:be:cd:fe:e5:98: 429s dc:d6:99:a1:d8:1a:fe:48:13:41:53:b5:d7:ae:b3: 429s 68:12:94:cf:93:09:62:fe:a0:01:99:8d:78:38:7e: 429s 18:6e:10:1e:de:62:e8:71:ef 429s Exponent: 65537 (0x10001) 429s Attributes: 429s (none) 429s Requested Extensions: 429s Signature Algorithm: sha256WithRSAEncryption 429s Signature Value: 429s b5:4f:ce:22:1a:c8:e8:9d:b3:c8:ac:c7:22:99:a1:e0:0a:43: 429s e5:2b:e3:04:3f:0f:8b:d5:c3:94:03:ea:c5:17:86:c3:16:fd: 429s 29:d1:0b:bf:51:1c:3a:f6:04:f7:e4:cf:6c:75:d4:71:d3:85: 429s 1c:3f:56:e5:4e:ac:ff:45:7c:79:e1:c6:9a:14:d2:ba:99:8e: 429s cf:bb:ea:f8:07:ac:0b:01:67:47:68:4f:05:5c:ba:1f:2f:a2: 429s f3:41:a4:36:2e:62:3b:6d:a6:de:d1:b3:31:bd:9c:41:2e:89: 429s 66:4e:a7:9e:63:6d:15:3b:37:84:5d:e4:6b:00:76:e3:b8:e4: 429s f8:ac 429s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-31668 -keyfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem 429s Using configuration from /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.config 429s Check that the request matches the signature 429s Signature ok 429s Certificate Details: 429s Serial Number: 2 (0x2) 429s Validity 429s Not Before: Apr 8 22:42:50 2024 GMT 429s Not After : Apr 8 22:42:50 2025 GMT 429s Subject: 429s organizationName = Test Organization 429s organizationalUnitName = Test Organization Unit 429s commonName = Test Organization Sub Intermediate CA 429s X509v3 extensions: 429s X509v3 Subject Key Identifier: 429s 5B:AB:EC:86:5B:4A:6B:89:24:82:5D:D6:33:AE:E7:74:7A:F7:A6:14 429s X509v3 Authority Key Identifier: 429s keyid:65:4D:E2:ED:03:34:8F:BA:2B:C2:B6:12:33:C5:F3:C2:1B:DA:11:32 429s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 429s serial:01 429s X509v3 Basic Constraints: 429s CA:TRUE 429s X509v3 Key Usage: critical 429s Digital Signature, Certificate Sign, CRL Sign 429s Certificate is to be certified until Apr 8 22:42:50 2025 GMT (365 days) 429s 429s Write out database with 1 new entries 429s Database updated 429s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem 429s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem 429s /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem: OK 429s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem 429s + local cmd=openssl 429s + shift 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem 429s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 429s error 20 at 0 depth lookup: unable to get local issuer certificate 429s error /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem: verification failed 429s + cat 429s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-26822 429s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-26822 1024 429s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-26822 -key /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-request.pem 429s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-request.pem 429s Certificate Request: 429s Data: 429s Version: 1 (0x0) 429s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 429s Subject Public Key Info: 429s Public Key Algorithm: rsaEncryption 429s Public-Key: (1024 bit) 429s Modulus: 429s 00:b5:00:f0:02:87:64:6e:3a:d5:73:1a:7f:9c:bb: 429s fb:df:32:1c:47:9c:fa:99:d3:f6:70:b2:84:70:47: 429s b9:49:34:f8:c1:0e:d8:b9:1a:e3:e7:79:08:74:f2: 429s 5c:fe:01:24:13:23:48:ac:7b:9f:49:ec:7d:1a:12: 429s a0:5a:23:18:83:bf:c2:f3:3a:b6:a2:31:26:98:0e: 429s ce:39:ee:cf:7a:c6:92:97:ab:cf:5d:cb:c1:44:31: 429s a4:3c:4f:a4:ef:e4:3c:17:82:25:41:a7:e7:bd:b2: 429s d3:5b:79:0f:94:d4:eb:4e:df:84:af:42:53:a3:c2: 429s 6a:29:92:fa:c0:1c:c9:f8:f5 429s Exponent: 65537 (0x10001) 429s Attributes: 429s Requested Extensions: 429s X509v3 Basic Constraints: 429s CA:FALSE 429s Netscape Cert Type: 429s SSL Client, S/MIME 429s Netscape Comment: 429s Test Organization Root CA trusted Certificate 429s X509v3 Subject Key Identifier: 429s 41:39:FA:F8:3A:16:78:13:90:F8:D7:8B:35:42:20:05:3B:2C:24:57 429s X509v3 Key Usage: critical 429s Digital Signature, Non Repudiation, Key Encipherment 429s X509v3 Extended Key Usage: 429s TLS Web Client Authentication, E-mail Protection 429s X509v3 Subject Alternative Name: 429s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 429s Signature Algorithm: sha256WithRSAEncryption 429s Signature Value: 429s 80:32:bf:58:e5:2b:33:eb:78:e6:ea:52:ea:62:68:71:d7:ee: 429s e6:b3:f2:f4:70:e0:b5:0b:d8:5a:8c:69:20:83:dd:64:57:cf: 429s d5:de:85:5c:61:07:89:39:8b:b7:f2:cc:df:c6:a2:08:26:a3: 429s 45:96:ae:e1:bb:36:5d:e6:c0:7e:e0:f4:1e:4e:d1:62:d1:f8: 429s 50:46:42:fe:42:d0:b6:ad:23:0b:89:f6:f0:73:90:e9:9d:9b: 429s 95:4e:cd:22:f7:43:44:7f:b6:88:75:1d:0c:c6:41:d4:79:a6: 429s e1:cc:e2:27:77:75:c4:4f:fe:d7:34:7d:78:11:6d:02:5f:51: 429s 0a:47 429s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.config -passin pass:random-root-CA-password-4160 -keyfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem 429s Using configuration from /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.config 429s Check that the request matches the signature 429s Signature ok 429s Certificate Details: 429s Serial Number: 3 (0x3) 429s Validity 429s Not Before: Apr 8 22:42:50 2024 GMT 429s Not After : Apr 8 22:42:50 2025 GMT 429s Subject: 429s organizationName = Test Organization 429s organizationalUnitName = Test Organization Unit 429s commonName = Test Organization Root Trusted Certificate 0001 429s X509v3 extensions: 429s X509v3 Authority Key Identifier: 429s 60:29:E3:46:AC:46:72:BA:F2:8D:51:B5:58:B9:1D:08:28:CA:78:51 429s X509v3 Basic Constraints: 429s CA:FALSE 429s Netscape Cert Type: 429s SSL Client, S/MIME 429s Netscape Comment: 429s Test Organization Root CA trusted Certificate 429s X509v3 Subject Key Identifier: 429s 41:39:FA:F8:3A:16:78:13:90:F8:D7:8B:35:42:20:05:3B:2C:24:57 429s X509v3 Key Usage: critical 429s Digital Signature, Non Repudiation, Key Encipherment 429s X509v3 Extended Key Usage: 429s TLS Web Client Authentication, E-mail Protection 429s X509v3 Subject Alternative Name: 429s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 429s Certificate is to be certified until Apr 8 22:42:50 2025 GMT (365 days) 429s 429s Write out database with 1 new entries 429s Database updated 429s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem 429s /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem: OK 429s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem 429s + local cmd=openssl 429s + shift 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem 429s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 429s error 20 at 0 depth lookup: unable to get local issuer certificate 429s error /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem: verification failed 429s + cat 429s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-2551 429s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-2551 1024 429s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-2551 -key /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-request.pem 429s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-request.pem 429s Certificate Request: 429s Data: 429s Version: 1 (0x0) 429s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 429s Subject Public Key Info: 429s Public Key Algorithm: rsaEncryption 429s Public-Key: (1024 bit) 429s Modulus: 429s 00:ed:f3:3a:e1:a2:7c:e8:6c:5e:68:45:c5:c7:c6: 429s 38:4c:5d:7f:bd:96:51:43:d4:bd:8a:4a:76:aa:90: 429s 7e:22:25:58:00:36:9e:de:d1:33:bf:82:6d:aa:01: 429s 5d:f3:f3:77:64:c5:5f:54:9f:69:78:ab:10:f3:10: 429s 12:73:6c:ab:a9:6d:c3:c8:21:52:f6:4a:03:ac:0b: 429s 1e:39:b4:2a:1d:a7:b7:a8:91:8b:26:0d:dc:13:cc: 429s 1a:9c:cc:10:42:b3:dc:35:2b:bd:34:96:28:35:15: 429s ef:ed:19:77:78:04:6d:4f:71:8c:a6:b6:24:49:d3: 429s fa:b3:a3:ba:33:e3:c6:72:5b 429s Exponent: 65537 (0x10001) 429s Attributes: 429s Requested Extensions: 429s X509v3 Basic Constraints: 429s CA:FALSE 429s Netscape Cert Type: 429s SSL Client, S/MIME 429s Netscape Comment: 429s Test Organization Intermediate CA trusted Certificate 429s X509v3 Subject Key Identifier: 429s A6:46:E8:4F:7A:46:FB:B8:CB:96:41:EA:13:C3:B7:59:C9:45:32:6E 429s X509v3 Key Usage: critical 429s Digital Signature, Non Repudiation, Key Encipherment 429s X509v3 Extended Key Usage: 429s TLS Web Client Authentication, E-mail Protection 429s X509v3 Subject Alternative Name: 429s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 429s Signature Algorithm: sha256WithRSAEncryption 429s Signature Value: 429s 2e:fe:f6:1c:74:58:6b:ef:5b:6f:ed:fa:b6:1e:91:ea:77:a8: 429s 74:83:fa:1a:b4:e5:58:e3:04:54:bb:db:2a:6b:37:8c:9a:5f: 429s fd:6b:dd:81:dd:85:35:90:1f:35:9e:84:1a:bc:c6:88:ba:a7: 429s 53:db:f8:f7:48:c0:a4:e5:1c:17:6e:6b:02:e2:a8:fe:b8:a7: 429s 15:48:9d:97:81:06:66:b4:bb:f6:70:34:c5:07:7f:8c:84:bb: 429s f5:3f:d9:a0:dc:6f:3e:d2:d8:65:ba:c3:13:38:b3:71:b0:1d: 429s 17:4d:15:b5:c5:ff:96:44:ba:41:45:92:74:79:92:4b:dd:e2: 429s a0:40 429s + openssl ca -passin pass:random-intermediate-CA-password-31668 -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem 429s Using configuration from /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.config 429s Check that the request matches the signature 429s Signature ok 429s Certificate Details: 429s Serial Number: 4 (0x4) 429s Validity 429s Not Before: Apr 8 22:42:50 2024 GMT 429s Not After : Apr 8 22:42:50 2025 GMT 429s Subject: 429s organizationName = Test Organization 429s organizationalUnitName = Test Organization Unit 429s commonName = Test Organization Intermediate Trusted Certificate 0001 429s X509v3 extensions: 429s X509v3 Authority Key Identifier: 429s 65:4D:E2:ED:03:34:8F:BA:2B:C2:B6:12:33:C5:F3:C2:1B:DA:11:32 429s X509v3 Basic Constraints: 429s CA:FALSE 429s Netscape Cert Type: 429s SSL Client, S/MIME 429s Netscape Comment: 429s Test Organization Intermediate CA trusted Certificate 429s X509v3 Subject Key Identifier: 429s A6:46:E8:4F:7A:46:FB:B8:CB:96:41:EA:13:C3:B7:59:C9:45:32:6E 429s X509v3 Key Usage: critical 429s Digital Signature, Non Repudiation, Key Encipherment 429s X509v3 Extended Key Usage: 429s TLS Web Client Authentication, E-mail Protection 429s X509v3 Subject Alternative Name: 429s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 429s Certificate is to be certified until Apr 8 22:42:50 2025 GMT (365 days) 429s 429s Write out database with 1 new entries 429s Database updated 429s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem 429s This certificate should not be trusted fully 429s + echo 'This certificate should not be trusted fully' 429s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem 429s + local cmd=openssl 429s + shift 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem 429s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 429s error 2 at 1 depth lookup: unable to get issuer certificate 429s error /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 429s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem 429s /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem: OK 429s + cat 429s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-14791 429s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-14791 1024 429s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-14791 -key /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 429s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 429s Certificate Request: 429s Data: 429s Version: 1 (0x0) 429s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 429s Subject Public Key Info: 429s Public Key Algorithm: rsaEncryption 429s Public-Key: (1024 bit) 429s Modulus: 429s 00:c0:f6:bf:07:c4:8a:37:2a:86:f3:59:37:c8:a6: 429s 07:9f:6a:26:71:9d:fa:94:c4:b5:13:c7:4e:c5:1d: 429s b5:19:8a:05:fc:e9:d0:1b:42:51:e1:16:1c:94:49: 429s 29:fe:9c:f8:42:f6:71:5c:26:a5:8a:01:63:1f:b7: 429s 31:1e:7e:b9:06:65:43:63:7c:6b:74:b4:a1:d6:02: 429s b0:b8:c6:84:2e:df:4a:9e:de:b9:d7:df:1c:31:42: 429s fd:71:e3:38:f9:e8:47:31:54:65:b6:84:3f:2d:77: 429s fe:58:1b:40:a1:6d:f9:37:ed:2b:da:44:cb:58:e7: 429s 9d:55:84:4a:96:37:69:85:c7 429s Exponent: 65537 (0x10001) 429s Attributes: 429s Requested Extensions: 429s X509v3 Basic Constraints: 429s CA:FALSE 429s Netscape Cert Type: 429s SSL Client, S/MIME 429s Netscape Comment: 429s Test Organization Sub Intermediate CA trusted Certificate 429s X509v3 Subject Key Identifier: 429s 62:C1:57:18:A8:FE:39:FD:A5:15:C2:48:17:0B:D9:E5:A3:1E:6A:BA 429s X509v3 Key Usage: critical 429s Digital Signature, Non Repudiation, Key Encipherment 429s X509v3 Extended Key Usage: 429s TLS Web Client Authentication, E-mail Protection 429s X509v3 Subject Alternative Name: 429s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 429s Signature Algorithm: sha256WithRSAEncryption 429s Signature Value: 429s ba:59:3d:75:3a:ba:61:12:70:b4:45:b7:d2:66:92:dd:ec:fd: 429s 20:ef:24:fe:c0:de:72:46:71:b8:d4:91:32:91:e4:71:43:83: 429s d0:c5:ac:8f:97:07:e8:1c:06:5e:29:1a:3b:10:72:9c:8a:18: 429s ea:3e:f3:ff:25:77:c8:82:ce:16:25:21:61:b1:1e:1e:9b:1d: 429s 2a:22:93:10:23:e7:53:32:85:a6:2e:bb:53:b8:30:6b:cd:11: 429s 02:25:0b:60:5e:33:af:f1:1d:43:1f:88:00:4a:6d:ab:09:d9: 429s 74:3d:15:ab:4a:69:3d:ba:ee:62:50:95:de:2d:85:2d:6a:68: 429s 3b:af 429s + openssl ca -passin pass:random-sub-intermediate-CA-password-17223 -config /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 429s Using configuration from /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.config 429s Check that the request matches the signature 429s Signature ok 429s Certificate Details: 429s Serial Number: 5 (0x5) 429s Validity 429s Not Before: Apr 8 22:42:50 2024 GMT 429s Not After : Apr 8 22:42:50 2025 GMT 429s Subject: 429s organizationName = Test Organization 429s organizationalUnitName = Test Organization Unit 429s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 429s X509v3 extensions: 429s X509v3 Authority Key Identifier: 429s 5B:AB:EC:86:5B:4A:6B:89:24:82:5D:D6:33:AE:E7:74:7A:F7:A6:14 429s X509v3 Basic Constraints: 429s CA:FALSE 429s Netscape Cert Type: 429s SSL Client, S/MIME 429s Netscape Comment: 429s Test Organization Sub Intermediate CA trusted Certificate 429s X509v3 Subject Key Identifier: 429s 62:C1:57:18:A8:FE:39:FD:A5:15:C2:48:17:0B:D9:E5:A3:1E:6A:BA 429s X509v3 Key Usage: critical 429s Digital Signature, Non Repudiation, Key Encipherment 429s X509v3 Extended Key Usage: 429s TLS Web Client Authentication, E-mail Protection 429s X509v3 Subject Alternative Name: 429s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 429s Certificate is to be certified until Apr 8 22:42:50 2025 GMT (365 days) 429s 429s Write out database with 1 new entries 429s Database updated 429s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 429s This certificate should not be trusted fully 429s + echo 'This certificate should not be trusted fully' 429s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 429s + local cmd=openssl 429s + shift 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 429s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 429s error 2 at 1 depth lookup: unable to get issuer certificate 429s error /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 429s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 429s + local cmd=openssl 429s + shift 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 429s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 429s error 20 at 0 depth lookup: unable to get local issuer certificate 429s error /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 429s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 429s /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 429s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 429s + local cmd=openssl 429s + shift 429s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 429s O = TeBuilding a the full-chain CA file... 429s st Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 429s error 20 at 0 depth lookup: unable to get local issuer certificate 429s error /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 429s + echo 'Building a the full-chain CA file...' 429s + cat /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem 429s + cat /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem 429s + cat /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem 429s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem 429s + openssl pkcs7 -print_certs -noout 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem 429s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 429s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 429s 429s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 429s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 429s 429s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 429s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 429s 429s /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA.pem: OK 429s /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem: OK 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem 429s /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem: OK 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-intermediate-chain-CA.pem 429s /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-intermediate-chain-CA.pem: OK 429s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 429s + echo 'Certificates generation completed!' 429s /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 429s Certificates generation completed! 429s + [[ -v NO_SSSD_TESTS ]] 429s + [[ -v GENERATE_SMART_CARDS ]] 429s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-26822 429s + local certificate=/tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem 429s + local key_pass=pass:random-root-ca-trusted-cert-0001-26822 429s + local key_cn 429s + local key_name 429s + local tokens_dir 429s + local output_cert_file 429s + token_name= 429s ++ basename /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem .pem 429s + key_name=test-root-CA-trusted-certificate-0001 429s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem 429s ++ sed -n 's/ *commonName *= //p' 429s + key_cn='Test Organization Root Trusted Certificate 0001' 429s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 429s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-root-CA-trusted-certificate-0001.conf 429s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-root-CA-trusted-certificate-0001.conf 429s ++ basename /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 429s + tokens_dir=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-root-CA-trusted-certificate-0001 429s + token_name='Test Organization Root Tr Token' 429s + '[' '!' -e /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 429s + local key_file 429s + local decrypted_key 429s + mkdir -p /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-root-CA-trusted-certificate-0001 429s + key_file=/tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-key.pem 429s + decrypted_key=/tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-key-decrypted.pem 429s + cat 429s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 429s Slot 0 has a free/uninitialized token. 429s The token has been initialized and is reassigned to slot 1606141804 429s + softhsm2-util --show-slots 429s Available slots: 429s Slot 1606141804 429s Slot info: 429s Description: SoftHSM slot ID 0x5fbbc76c 429s Manufacturer ID: SoftHSM project 429s Hardware version: 2.6 429s Firmware version: 2.6 429s Token present: yes 429s Token info: 429s Manufacturer ID: SoftHSM project 429s Model: SoftHSM v2 429s Hardware version: 2.6 429s Firmware version: 2.6 429s Serial number: 5a7f7d21dfbbc76c 429s Initialized: yes 429s User PIN init.: yes 429s Label: Test Organization Root Tr Token 429s Slot 1 429s Slot info: 429s Description: SoftHSM slot ID 0x1 429s Manufacturer ID: SoftHSM project 429s Hardware version: 2.6 429s Firmware version: 2.6 429s Token present: yes 429s Token info: 429s Manufacturer ID: SoftHSM project 429s Model: SoftHSM v2 429s Hardware version: 2.6 429s Firmware version: 2.6 429s Serial number: 429s Initialized: no 429s User PIN init.: no 429s Label: 429s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 429s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-26822 -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-key-decrypted.pem 429s writing RSA key 430s Object 0: 430s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5a7f7d21dfbbc76c;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 430s Type: X.509 Certificate (RSA-1024) 430s Expires: Tue Apr 8 22:42:50 2025 430s Label: Test Organization Root Trusted Certificate 0001 430s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 430s 430s Test Organization Root Tr Token 430s Slot 0 has a free/uninitialized token. 430s The token has been initialized and is reassigned to slot 1879734553 430s Available slots: 430s Slot 1879734553 430s Slot info: 430s Description: SoftHSM slot ID 0x700a7919 430s Manufacturer ID: SoftHSM project 430s Hardware version: 2.6 430s Firmware version: 2.6 430s Token present: yes 430s Token info: 430s Manufacturer ID: SoftHSM project 430s Model: SoftHSM v2 430s Hardware version: 2.6 430s Firmware version: 2.6 430s Serial number: 0bcb3ac6f00a7919 430s Initialized: yes 430s User PIN init.: yes 430s Label: Test Organization Interme Token 430s Slot 1 430s Slot info: 430s Description: SoftHSM slot ID 0x1 430s Manufacturer ID: SoftHSM project 430s Hardware version: 2.6 430s Firmware version: 2.6 430s Token present: yes 430s Token info: 430s Manufacturer ID: SoftHSM project 430s Model: SoftHSM v2 430s Hardware version: 2.6 430s Firmware version: 2.6 430s Serial number: 430s Initialized: no 430s User PIN init.: no 430s Label: 430s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 430s + rm /tmp/sssd-softhsm2-certs-V8h4Wi/test-root-CA-trusted-certificate-0001-key-decrypted.pem 430s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 430s + echo 'Test Organization Root Tr Token' 430s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-2551 430s + local certificate=/tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem 430s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-2551 430s + local key_cn 430s + local key_name 430s + local tokens_dir 430s + local output_cert_file 430s + token_name= 430s ++ basename /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem .pem 430s + key_name=test-intermediate-CA-trusted-certificate-0001 430s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem 430s ++ sed -n 's/ *commonName *= //p' 430s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 430s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 430s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 430s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 430s ++ basename /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 430s + tokens_dir=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-intermediate-CA-trusted-certificate-0001 430s + token_name='Test Organization Interme Token' 430s + '[' '!' -e /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 430s + local key_file 430s + local decrypted_key 430s + mkdir -p /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-intermediate-CA-trusted-certificate-0001 430s + key_file=/tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-key.pem 430s + decrypted_key=/tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 430s + cat 430s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 430s + softhsm2-util --show-slots 430s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 430s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-2551 -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 430s writing RSA key 430s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 430s + rm /tmp/sssd-softhsm2-certs-V8h4Wi/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 430s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 430s Object 0: 430s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=0bcb3ac6f00a7919;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 430s Type: X.509 Certificate (RSA-1024) 430s Expires: Tue Apr 8 22:42:50 2025 430s Label: Test Organization Intermediate Trusted Certificate 0001 430s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 430s 430s + echo 'Test Organization Interme Token' 430s Test Organization Interme Token 430s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-14791 430s + local certificate=/tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 430s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-14791 430s + local key_cn 430s + local key_name 430s + local tokens_dir 430s + local output_cert_file 430s + token_name= 430s ++ basename /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 430s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 430s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem 430s ++ sed -n 's/ *commonName *= //p' 430s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 430s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 430s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 430s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 430s ++ basename /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 430s + tokens_dir=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 430s + token_name='Test Organization Sub Int Token' 430s + '[' '!' -e /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 430s + local key_file 430s + local decrypted_key 430s + mkdir -p /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 430s + key_file=/tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 430s + decrypted_key=/tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 430s + cat 430s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 430s Slot 0 has a free/uninitialized token. 430s The token has been initialized and is reassigned to slot 782684494 430s + softhsm2-util --show-slots 430s Available slots: 430s Slot 782684494 430s Slot info: 430s Description: SoftHSM slot ID 0x2ea6d14e 430s Manufacturer ID: SoftHSM project 430s Hardware version: 2.6 430s Firmware version: 2.6 430s Token present: yes 430s Token info: 430s Manufacturer ID: SoftHSM project 430s Model: SoftHSM v2 430s Hardware version: 2.6 430s Firmware version: 2.6 430s Serial number: 6b18fc5aaea6d14e 430s Initialized: yes 430s User PIN init.: yes 430s Label: Test Organization Sub Int Token 430s Slot 1 430s Slot info: 430s Description: SoftHSM slot ID 0x1 430s Manufacturer ID: SoftHSM project 430s Hardware version: 2.6 430s Firmware version: 2.6 430s Token present: yes 430s Token info: 430s Manufacturer ID: SoftHSM project 430s Model: SoftHSM v2 430s Hardware version: 2.6 430s Firmware version: 2.6 430s Serial number: 430s Initialized: no 430s User PIN init.: no 430s Label: 430s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 430s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-14791 -in /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 430s writing RSA key 430s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 430s + rm /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 430s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 430s Object 0: 430s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6b18fc5aaea6d14e;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 430s Type: X.509 Certificate (RSA-1024) 430s Expires: Tue Apr 8 22:42:50 2025 430s Label: Test Organization Sub Intermediate Trusted Certificate 0001 430s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 430s 430s + echo 'Test Organization Sub Int Token' 430s + echo 'Certificates generation completed!' 430s + exit 0 430s Test Organization Sub Int Token 430s Certificates generation completed! 430s + find /tmp/sssd-softhsm2-certs-V8h4Wi -type d -exec chmod 777 '{}' ';' 430s + find /tmp/sssd-softhsm2-certs-V8h4Wi -type f -exec chmod 666 '{}' ';' 430s + backup_file /etc/sssd/sssd.conf 430s + '[' -z '' ']' 430s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 430s + backupsdir=/tmp/sssd-softhsm2-backups-M8IfWq 430s + '[' -e /etc/sssd/sssd.conf ']' 430s + delete_paths+=("$1") 430s + rm -f /etc/sssd/sssd.conf 430s ++ runuser -u ubuntu -- sh -c 'echo ~' 430s + user_home=/home/ubuntu 430s + mkdir -p /home/ubuntu 430s + chown ubuntu:ubuntu /home/ubuntu 430s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 430s + user_config=/home/ubuntu/.config 430s + system_config=/etc 430s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 430s + for path_pair in "${softhsm2_conf_paths[@]}" 430s + IFS=: 430s + read -r -a path 430s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 430s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 430s + '[' -z /tmp/sssd-softhsm2-backups-M8IfWq ']' 430s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 430s + delete_paths+=("$1") 430s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 430s + for path_pair in "${softhsm2_conf_paths[@]}" 430s + IFS=: 430s + read -r -a path 430s + path=/etc/softhsm/softhsm2.conf 430s + backup_file /etc/softhsm/softhsm2.conf 430s + '[' -z /tmp/sssd-softhsm2-backups-M8IfWq ']' 430s + '[' -e /etc/softhsm/softhsm2.conf ']' 430s ++ dirname /etc/softhsm/softhsm2.conf 430s + local back_dir=/tmp/sssd-softhsm2-backups-M8IfWq//etc/softhsm 430s ++ basename /etc/softhsm/softhsm2.conf 430s + local back_path=/tmp/sssd-softhsm2-backups-M8IfWq//etc/softhsm/softhsm2.conf 430s + '[' '!' -e /tmp/sssd-softhsm2-backups-M8IfWq//etc/softhsm/softhsm2.conf ']' 430s + mkdir -p /tmp/sssd-softhsm2-backups-M8IfWq//etc/softhsm 430s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-M8IfWq//etc/softhsm/softhsm2.conf 430s + restore_paths+=("$back_path") 430s + rm -f /etc/softhsm/softhsm2.conf 430s + test_authentication login /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem 430s + pam_service=login 430s + certificate_config=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-root-CA-trusted-certificate-0001.conf 430s + ca_db=/tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem 430s + verification_options= 430s + mkdir -p -m 700 /etc/sssd 430s Using CA DB '/tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem' with verification options: '' 430s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 430s + cat 430s + chmod 600 /etc/sssd/sssd.conf 430s + for path_pair in "${softhsm2_conf_paths[@]}" 430s + IFS=: 430s + read -r -a path 430s + user=ubuntu 430s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 430s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 430s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 430s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 430s + runuser -u ubuntu -- softhsm2-util --show-slots 430s + grep 'Test Organization' 430s Label: Test Organization Root Tr Token 430s + for path_pair in "${softhsm2_conf_paths[@]}" 430s + IFS=: 430s + read -r -a path 430s + user=root 430s + path=/etc/softhsm/softhsm2.conf 430s ++ dirname /etc/softhsm/softhsm2.conf 430s + runuser -u root -- mkdir -p /etc/softhsm 430s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 430s + runuser -u root -- softhsm2-util --show-slots 430s + grep 'Test Organization' 430s Label: Test Organization Root Tr Token 430s + systemctl restart sssd 430s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 430s + for alternative in "${alternative_pam_configs[@]}" 430s + pam-auth-update --enable sss-smart-card-optional 430s + cat /etc/pam.d/common-auth 430s # 430s # /etc/pam.d/common-auth - authentication settings common to all services 430s # 430s # This file is included from other service-specific PAM config files, 430s # and should contain a list of the authentication modules that define 430s # the central authentication scheme for use on the system 430s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 430s # traditional Unix authentication mechanisms. 430s # 430s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 430s # To take advantage of this, it is recommended that you configure any 430s # local modules either before or after the default block, and use 430s # pam-auth-update to manage selection of other modules. See 430s # pam-auth-update(8) for details. 430s 430s # here are the per-package modules (the "Primary" block) 430s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 430s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 430s auth [success=1 default=ignore] pam_sss.so use_first_pass 430s # here's the fallback if no module succeeds 430s auth requisite pam_deny.so 430s # prime the stack with a positive return value if there isn't one already; 430s # this avoids us returning an error just because nothing sets a success code 430s # since the modules above will each just jump around 430s auth required pam_permit.so 430s # and here are more per-package modules (the "Additional" block) 430s auth optional pam_cap.so 430s # end of pam-auth-update config 430s + echo -n -e 123456 430s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 431s pamtester: invoking pam_start(login, ubuntu, ...) 431s pamtester: performing operation - authenticate 431s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 431s + echo -n -e 123456 431s + runuser -u ubuntu -- pamtester -v login '' authenticate 431s pamtester: invoking pam_start(login, , ...) 431s pamtester: performing operation - authenticate 431s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 431s + echo -n -e wrong123456 431s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 431s pamtester: invoking pam_start(login, ubuntu, ...) 431s pamtester: performing operation - authenticate 434s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 434s + echo -n -e wrong123456 434s + runuser -u ubuntu -- pamtester -v login '' authenticate 434s pamtester: invoking pam_start(login, , ...) 434s pamtester: performing operation - authenticate 437s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 437s + echo -n -e 123456 437s + pamtester -v login root authenticate 437s pamtester: invoking pam_start(login, root, ...) 437s pamtester: performing operation - authenticate 441s Password: pamtester: Authentication failure 441s + for alternative in "${alternative_pam_configs[@]}" 441s + pam-auth-update --enable sss-smart-card-required 441s PAM configuration 441s ----------------- 441s 441s Incompatible PAM profiles selected. 441s 441s The following PAM profiles cannot be used together: 441s 441s SSS required smart card authentication, SSS optional smart card 441s authentication 441s 441s Please select a different set of modules to enable. 441s 441s + cat /etc/pam.d/common-auth 441s # 441s # /etc/pam.d/common-auth - authentication settings common to all services 441s # 441s # This file is included from other service-specific PAM config files, 441s # and should contain a list of the authentication modules that define 441s # the central authentication scheme for use on the system 441s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 441s # traditional Unix authentication mechanisms. 441s # 441s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 441s # To take advantage of this, it is recommended that you configure any 441s # local modules either before or after the default block, and use 441s # pam-auth-update to manage selection of other modules. See 441s # pam-auth-update(8) for details. 441s 441s # here are the per-package modules (the "Primary" block) 441s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 441s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 441s auth [success=1 default=ignore] pam_sss.so use_first_pass 441s # here's the fallback if no module succeeds 441s auth requisite pam_deny.so 441s # prime the stack with a positive return value if there isn't one already; 441s # this avoids us returning an error just because nothing sets a success code 441s # since the modules above will each just jump around 441s auth required pam_permit.so 441s # and here are more per-package modules (the "Additional" block) 441s auth optional pam_cap.so 441s # end of pam-auth-update config 441s + echo -n -e 123456 441s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 441s pamtester: invoking pam_start(login, ubuntu, ...) 441s pamtester: performing operation - authenticate 441s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 441s + echo -n -e 123456 441s + runuser -u ubuntu -- pamtester -v login '' authenticate 441s pamtester: invoking pam_start(login, , ...) 441s pamtester: performing operation - authenticate 441s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 441s + echo -n -e wrong123456 441s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 441s pamtester: invoking pam_start(login, ubuntu, ...) 441s pamtester: performing operation - authenticate 444s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 444s + echo -n -e wrong123456 444s + runuser -u ubuntu -- pamtester -v login '' authenticate 444s pamtester: invoking pam_start(login, , ...) 444s pamtester: performing operation - authenticate 447s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 447s + echo -n -e 123456 447s + pamtester -v login root authenticate 447s pamtester: invoking pam_start(login, root, ...) 447s pamtester: performing operation - authenticate 451s pamtester: Authentication service cannot retrieve authentication info 451s + test_authentication login /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem 451s + pam_service=login 451s + certificate_config=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 451s + ca_db=/tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem 451s + verification_options= 451s + mkdir -p -m 700 /etc/sssd 451s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 451s Using CA DB '/tmp/sssd-softhsm2-certs-V8h4Wi/test-full-chain-CA.pem' with verification options: '' 451s + cat 451s + chmod 600 /etc/sssd/sssd.conf 451s Label: Test Organization Sub Int Token 451s Label: Test Organization Sub Int Token 451s + for path_pair in "${softhsm2_conf_paths[@]}" 451s + IFS=: 451s + read -r -a path 451s + user=ubuntu 451s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 451s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 451s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 451s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 451s + runuser -u ubuntu -- softhsm2-util --show-slots 451s + grep 'Test Organization' 451s + for path_pair in "${softhsm2_conf_paths[@]}" 451s + IFS=: 451s + read -r -a path 451s + user=root 451s + path=/etc/softhsm/softhsm2.conf 451s ++ dirname /etc/softhsm/softhsm2.conf 451s + runuser -u root -- mkdir -p /etc/softhsm 451s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 451s + runuser -u root -- softhsm2-util --show-slots 451s + grep 'Test Organization' 451s + systemctl restart sssd 451s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 451s + for alternative in "${alternative_pam_configs[@]}" 451s + pam-auth-update --enable sss-smart-card-optional 452s + cat /etc/pam.d/common-auth 452s # 452s # /etc/pam.d/common-auth - authentication settings common to all services 452s # 452s # This file is included from other service-specific PAM config files, 452s # and should contain a list of the authentication modules that define 452s # the central authentication scheme for use on the system 452s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 452s # traditional Unix authentication mechanisms. 452s # 452s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 452s # To take advantage of this, it is recommended that you configure any 452s # local modules either before or after the default block, and use 452s # pam-auth-update to manage selection of other modules. See 452s # pam-auth-update(8) for details. 452s 452s # here are the per-package modules (the "Primary" block) 452s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 452s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 452s auth [success=1 default=ignore] pam_sss.so use_first_pass 452s # here's the fallback if no module succeeds 452s auth requisite pam_deny.so 452s # prime the stack with a positive return value if there isn't one already; 452s # this avoids us returning an error just because nothing sets a success code 452s # since the modules above will each just jump around 452s auth required pam_permit.so 452s # and here are more per-package modules (the "Additional" block) 452s auth optional pam_cap.so 452s # end of pam-auth-update config 452s + echo -n -e 123456 452s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 452s pamtester: invoking pam_start(login, ubuntu, ...) 452s pamtester: performing operation - authenticate 452s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 452s + echo -n -e 123456 452s + runuser -u ubuntu -- pamtester -v login '' authenticate 452s pamtester: invoking pam_start(login, , ...) 452s pamtester: performing operation - authenticate 452s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 452s + echo -n -e wrong123456 452s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 452s pamtester: invoking pam_start(login, ubuntu, ...) 452s pamtester: performing operation - authenticate 455s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 455s + echo -n -e wrong123456 455s + runuser -u ubuntu -- pamtester -v login '' authenticate 455s pamtester: invoking pam_start(login, , ...) 455s pamtester: performing operation - authenticate 458s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 458s + echo -n -e 123456 458s + pamtester -v login root authenticate 458s pamtester: invoking pam_start(login, root, ...) 458s pamtester: performing operation - authenticate 462s Password: pamtester: Authentication failure 462s + for alternative in "${alternative_pam_configs[@]}" 462s + pam-auth-update --enable sss-smart-card-required 462s PAM configuration 462s ----------------- 462s 462s Incompatible PAM profiles selected. 462s 462s The following PAM profiles cannot be used together: 462s 462s SSS required smart card authentication, SSS optional smart card 462s authentication 462s 462s Please select a different set of modules to enable. 462s 462s # 462s # /etc/pam.d/common-auth - authentication settings common to all services 462s # 462s # This file is included from other service-specific PAM config files, 462s # and should contain a list of the authentication modules that define 462s # the central authentication scheme for use on the system 462s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 462s # traditional Unix authentication mechanisms. 462s # 462s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 462s # To take advantage of this, it is recommended that you configure any 462s # local modules either before or after the default block, and use 462s # pam-auth-update to manage selection of other modules. See 462s # pam-auth-update(8) for details. 462s 462s # here are the per-package modules (the "Primary" block) 462s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 462s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 462s auth [success=1 default=ignore] pam_sss.so use_first_pass 462s # here's the fallback if no module succeeds 462s auth requisite pam_deny.so 462s # prime the stack with a positive return value if there isn't one already; 462s # this avoids us returning an error just because nothing sets a success code 462s # since the modules above will each just jump around 462s auth required pam_permit.so 462s # and here are more per-package modules (the "Additional" block) 462s auth optional pam_cap.so 462s # end of pam-auth-update config 462s + cat /etc/pam.d/common-auth 462s + echo -n -e 123456 462s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 462s pamtester: invoking pam_start(login, ubuntu, ...) 462s pamtester: performing operation - authenticate 462s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 462s + echo -n -e 123456 462s + runuser -u ubuntu -- pamtester -v login '' authenticate 462s pamtester: invoking pam_start(login, , ...) 462s pamtester: performing operation - authenticate 462s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 462s + echo -n -e wrong123456 462s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 462s pamtester: invoking pam_start(login, ubuntu, ...) 462s pamtester: performing operation - authenticate 464s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 464s + echo -n -e wrong123456 464s + runuser -u ubuntu -- pamtester -v login '' authenticate 464s pamtester: invoking pam_start(login, , ...) 464s pamtester: performing operation - authenticate 468s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 468s + echo -n -e 123456 468s + pamtester -v login root authenticate 468s pamtester: invoking pam_start(login, root, ...) 468s pamtester: performing operation - authenticate 471s pamtester: Authentication service cannot retrieve authentication info 471s + test_authentication login /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem partial_chain 471s + pam_service=login 471s + certificate_config=/tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 471s + ca_db=/tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem 471s + verification_options=partial_chain 471s + mkdir -p -m 700 /etc/sssd 471s Using CA DB '/tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 471s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-V8h4Wi/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 471s + cat 471s + chmod 600 /etc/sssd/sssd.conf 471s + for path_pair in "${softhsm2_conf_paths[@]}" 471s + IFS=: 471s + read -r -a path 471s + user=ubuntu 471s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 471s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 471s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 471s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 471s + runuser -u ubuntu -- softhsm2-util --show-slots 471s + grep 'Test Organization' 471s + for path_pair in "${softhsm2_conf_paths[@]}" 471s + IFS=: 471s + read -r -a path 471s + user=root 471s + path=/etc/softhsm/softhsm2.conf 471s ++ dirname /etc/softhsm/softhsm2.conf 471s + runuser -u root -- mkdir -p /etc/softhsm 471s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-V8h4Wi/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 471s + runuser -u root -- softhsm2-util --show-slots 471s + grep 'Test Organization' 471s + systemctl restart sssd 471s Label: Test Organization Sub Int Token 471s Label: Test Organization Sub Int Token 472s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 472s + for alternative in "${alternative_pam_configs[@]}" 472s + pam-auth-update --enable sss-smart-card-optional 472s + cat /etc/pam.d/common-auth 472s # 472s # /etc/pam.d/common-auth - authentication settings common to all services 472s # 472s # This file is included from other service-specific PAM config files, 472s # and should contain a list of the authentication modules that define 472s # the central authentication scheme for use on the system 472s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 472s # traditional Unix authentication mechanisms. 472s # 472s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 472s # To take advantage of this, it is recommended that you configure any 472s # local modules either before or after the default block, and use 472s # pam-auth-update to manage selection of other modules. See 472s # pam-auth-update(8) for details. 472s 472s # here are the per-package modules (the "Primary" block) 472s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 472s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 472s auth [success=1 default=ignore] pam_sss.so use_first_pass 472s # here's the fallback if no module succeeds 472s auth requisite pam_deny.so 472s # prime the stack with a positive return value if there isn't one already; 472s # this avoids us returning an error just because nothing sets a success code 472s # since the modules above will each just jump around 472s auth required pam_permit.so 472s # and here are more per-package modules (the "Additional" block) 472s auth optional pam_cap.so 472s # end of pam-auth-update config 472s + echo -n -e 123456 472s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 472s pamtester: invoking pam_start(login, ubuntu, ...) 472s pamtester: performing operation - authenticate 472s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 472s + echo -n -e 123456 472s + runuser -u ubuntu -- pamtester -v login '' authenticate 472s pamtester: invoking pam_start(login, , ...) 472s pamtester: performing operation - authenticate 472s PIN for Test Organization Sub Int Token: + echo -n -e wrong123456 472s pamtester: successfully authenticated 472s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 472s pamtester: invoking pam_start(login, ubuntu, ...) 472s pamtester: performing operation - authenticate 475s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 475s + echo -n -e wrong123456 475s + runuser -u ubuntu -- pamtester -v login '' authenticate 475s pamtester: invoking pam_start(login, , ...) 475s pamtester: performing operation - authenticate 478s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 478s + echo -n -e 123456 478s + pamtester -v login root authenticate 478s pamtester: invoking pam_start(login, root, ...) 478s pamtester: performing operation - authenticate 481s Password: pamtester: Authentication failure 481s + for alternative in "${alternative_pam_configs[@]}" 481s + pam-auth-update --enable sss-smart-card-required 481s PAM configuration 481s ----------------- 481s 481s Incompatible PAM profiles selected. 481s 481s The following PAM profiles cannot be used together: 481s 481s SSS required smart card authentication, SSS optional smart card 481s authentication 481s 481s Please select a different set of modules to enable. 481s 481s + cat /etc/pam.d/common-auth 481s + echo -n -e 123456 481s # 481s # /etc/pam.d/common-auth - authentication settings common to all services 481s # 481s # This file is included from other service-specific PAM config files, 481s # and should contain a list of the authentication modules that define 481s # the central authentication scheme for use on the system 481s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 481s # traditional Unix authentication mechanisms. 481s # 481s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 481s # To take advantage of this, it is recommended that you configure any 481s # local modules either before or after the default block, and use 481s # pam-auth-update to manage selection of other modules. See 481s # pam-auth-update(8) for details. 481s 481s # here are the per-package modules (the "Primary" block) 481s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 481s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 481s auth [success=1 default=ignore] pam_sss.so use_first_pass 481s # here's the fallback if no module succeeds 481s auth requisite pam_deny.so 481s # prime the stack with a positive return value if there isn't one already; 481s # this avoids us returning an error just because nothing sets a success code 481s # since the modules above will each just jump around 481s auth required pam_permit.so 481s # and here are more per-package modules (the "Additional" block) 481s auth optional pam_cap.so 481s # end of pam-auth-update config 481s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 481s pamtester: invoking pam_start(login, ubuntu, ...) 481s pamtester: performing operation - authenticate 481s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 481s + runuser -u ubuntu -- pamtester -v login '' authenticate 481s + echo -n -e 123456 481s pamtester: invoking pam_start(login, , ...) 481s pamtester: performing operation - authenticate 481s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 481s + echo -n -e wrong123456 481s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 481s pamtester: invoking pam_start(login, ubuntu, ...) 481s pamtester: performing operation - authenticate 484s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 484s + echo -n -e wrong123456 484s + runuser -u ubuntu -- pamtester -v login '' authenticate 484s pamtester: invoking pam_start(login, , ...) 484s pamtester: performing operation - authenticate 487s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 487s + echo -n -e 123456 487s + pamtester -v login root authenticate 487s pamtester: invoking pam_start(login, root, ...) 487s pamtester: performing operation - authenticate 490s pamtester: Authentication service cannot retrieve authentication info 490s + handle_exit 490s + exit_code=0 490s + restore_changes 490s + for path in "${restore_paths[@]}" 490s + local original_path 490s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-M8IfWq /tmp/sssd-softhsm2-backups-M8IfWq//etc/softhsm/softhsm2.conf 490s + original_path=/etc/softhsm/softhsm2.conf 490s + rm /etc/softhsm/softhsm2.conf 490s + mv /tmp/sssd-softhsm2-backups-M8IfWq//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 490s + for path in "${delete_paths[@]}" 490s + rm -f /etc/sssd/sssd.conf 490s + for path in "${delete_paths[@]}" 490s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 490s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 490s + '[' -e /etc/sssd/sssd.conf ']' 490s + systemctl stop sssd 490s + '[' -e /etc/softhsm/softhsm2.conf ']' 490s + chmod 600 /etc/softhsm/softhsm2.conf 490s + rm -rf /tmp/sssd-softhsm2-certs-V8h4Wi 490s + '[' 0 = 0 ']' 490s + rm -rf /tmp/sssd-softhsm2-backups-M8IfWq 490s Script completed successfully! 490s + set +x 490s autopkgtest [22:43:51]: test sssd-smart-card-pam-auth-configs: -----------------------] 491s autopkgtest [22:43:52]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 491s sssd-smart-card-pam-auth-configs PASS 491s autopkgtest [22:43:52]: @@@@@@@@@@@@@@@@@@@@ summary 491s ldap-user-group-ldap-auth PASS 491s ldap-user-group-krb5-auth PASS 491s sssd-softhism2-certificates-tests.sh PASS 491s sssd-smart-card-pam-auth-configs PASS 522s Creating nova instance adt-noble-s390x-sssd-20240408-223541-juju-7f2275-prod-proposed-migration-environment-3-d3ba21b6-d556-4eb2-95fc-e57df7741616 from image adt/ubuntu-noble-s390x-server-20240408.img (UUID ba451603-1cf6-4234-8732-73f1ede19770)... 522s Creating nova instance adt-noble-s390x-sssd-20240408-223541-juju-7f2275-prod-proposed-migration-environment-3-d3ba21b6-d556-4eb2-95fc-e57df7741616 from image adt/ubuntu-noble-s390x-server-20240408.img (UUID ba451603-1cf6-4234-8732-73f1ede19770)...