0s autopkgtest [20:24:19]: starting date and time: 2024-11-15 20:24:19+0000 0s autopkgtest [20:24:19]: git checkout: 6f3be7a8 Fix armhf LXD image generation for plucky 0s autopkgtest [20:24:19]: host juju-7f2275-prod-proposed-migration-environment-15; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.pwb13aey/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:systemd,src:openssh --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 '--env=ADT_TEST_TRIGGERS=systemd/255.4-1ubuntu8.5 openssh/1:9.6p1-3ubuntu13.7' -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest-s390x --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-15@bos03-s390x-14.secgroup --name adt-noble-s390x-sssd-20241115-202419-juju-7f2275-prod-proposed-migration-environment-15-7c918832-6026-4bbd-8ddb-30b1e105869d --image adt/ubuntu-noble-s390x-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-15 --net-id=net_prod-proposed-migration-s390x -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,keyserver.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 111s autopkgtest [20:26:10]: testbed dpkg architecture: s390x 111s autopkgtest [20:26:10]: testbed apt version: 2.7.14build2 111s autopkgtest [20:26:10]: @@@@@@@@@@@@@@@@@@@@ test bed setup 112s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [265 kB] 112s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [3240 B] 112s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [78.5 kB] 112s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [88.3 kB] 112s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main s390x Packages [155 kB] 113s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main s390x c-n-f Metadata [3744 B] 113s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x Packages [1176 B] 113s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x c-n-f Metadata [116 B] 113s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x Packages [462 kB] 113s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x c-n-f Metadata [5504 B] 113s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/multiverse s390x c-n-f Metadata [116 B] 115s Fetched 1063 kB in 1s (1452 kB/s) 115s Reading package lists... 117s Reading package lists... 117s Building dependency tree... 117s Reading state information... 117s Calculating upgrade... 117s The following packages will be upgraded: 117s libnss-systemd libpam-systemd libsystemd-shared libsystemd0 libudev1 117s openssh-client openssh-server openssh-sftp-server systemd systemd-dev 117s systemd-resolved systemd-sysv systemd-timesyncd udev 117s 14 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 117s Need to get 10.5 MB of archives. 117s After this operation, 11.3 kB disk space will be freed. 117s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libnss-systemd s390x 255.4-1ubuntu8.5 [165 kB] 118s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main s390x systemd-dev all 255.4-1ubuntu8.5 [104 kB] 118s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main s390x systemd-timesyncd s390x 255.4-1ubuntu8.5 [35.1 kB] 118s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main s390x systemd-resolved s390x 255.4-1ubuntu8.5 [302 kB] 118s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsystemd-shared s390x 255.4-1ubuntu8.5 [2123 kB] 118s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsystemd0 s390x 255.4-1ubuntu8.5 [442 kB] 118s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main s390x systemd-sysv s390x 255.4-1ubuntu8.5 [11.9 kB] 118s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libpam-systemd s390x 255.4-1ubuntu8.5 [241 kB] 118s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main s390x systemd s390x 255.4-1ubuntu8.5 [3531 kB] 118s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/main s390x udev s390x 255.4-1ubuntu8.5 [1883 kB] 118s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libudev1 s390x 255.4-1ubuntu8.5 [179 kB] 118s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/main s390x openssh-sftp-server s390x 1:9.6p1-3ubuntu13.7 [38.6 kB] 118s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/main s390x openssh-server s390x 1:9.6p1-3ubuntu13.7 [526 kB] 118s Get:14 http://ftpmaster.internal/ubuntu noble-proposed/main s390x openssh-client s390x 1:9.6p1-3ubuntu13.7 [931 kB] 118s Preconfiguring packages ... 118s Fetched 10.5 MB in 1s (12.8 MB/s) 118s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54283 files and directories currently installed.) 118s Preparing to unpack .../0-libnss-systemd_255.4-1ubuntu8.5_s390x.deb ... 118s Unpacking libnss-systemd:s390x (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 118s Preparing to unpack .../1-systemd-dev_255.4-1ubuntu8.5_all.deb ... 118s Unpacking systemd-dev (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 118s Preparing to unpack .../2-systemd-timesyncd_255.4-1ubuntu8.5_s390x.deb ... 118s Unpacking systemd-timesyncd (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 118s Preparing to unpack .../3-systemd-resolved_255.4-1ubuntu8.5_s390x.deb ... 118s Unpacking systemd-resolved (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 119s Preparing to unpack .../4-libsystemd-shared_255.4-1ubuntu8.5_s390x.deb ... 119s Unpacking libsystemd-shared:s390x (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 119s Preparing to unpack .../5-libsystemd0_255.4-1ubuntu8.5_s390x.deb ... 119s Unpacking libsystemd0:s390x (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 119s Setting up libsystemd0:s390x (255.4-1ubuntu8.5) ... 119s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54283 files and directories currently installed.) 119s Preparing to unpack .../systemd-sysv_255.4-1ubuntu8.5_s390x.deb ... 119s Unpacking systemd-sysv (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 119s Preparing to unpack .../libpam-systemd_255.4-1ubuntu8.5_s390x.deb ... 119s Unpacking libpam-systemd:s390x (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 119s Preparing to unpack .../systemd_255.4-1ubuntu8.5_s390x.deb ... 119s Unpacking systemd (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 119s Preparing to unpack .../udev_255.4-1ubuntu8.5_s390x.deb ... 119s Unpacking udev (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 119s Preparing to unpack .../libudev1_255.4-1ubuntu8.5_s390x.deb ... 119s Unpacking libudev1:s390x (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 119s Setting up libudev1:s390x (255.4-1ubuntu8.5) ... 119s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54283 files and directories currently installed.) 119s Preparing to unpack .../openssh-sftp-server_1%3a9.6p1-3ubuntu13.7_s390x.deb ... 119s Unpacking openssh-sftp-server (1:9.6p1-3ubuntu13.7) over (1:9.6p1-3ubuntu13.5) ... 119s Preparing to unpack .../openssh-server_1%3a9.6p1-3ubuntu13.7_s390x.deb ... 119s Unpacking openssh-server (1:9.6p1-3ubuntu13.7) over (1:9.6p1-3ubuntu13.5) ... 119s Preparing to unpack .../openssh-client_1%3a9.6p1-3ubuntu13.7_s390x.deb ... 119s Unpacking openssh-client (1:9.6p1-3ubuntu13.7) over (1:9.6p1-3ubuntu13.5) ... 119s Setting up openssh-client (1:9.6p1-3ubuntu13.7) ... 119s Setting up systemd-dev (255.4-1ubuntu8.5) ... 119s Setting up libsystemd-shared:s390x (255.4-1ubuntu8.5) ... 119s Setting up openssh-sftp-server (1:9.6p1-3ubuntu13.7) ... 119s Setting up openssh-server (1:9.6p1-3ubuntu13.7) ... 119s Replacing config file /etc/ssh/sshd_config with new version 120s Setting up systemd (255.4-1ubuntu8.5) ... 121s Setting up systemd-timesyncd (255.4-1ubuntu8.5) ... 121s Setting up udev (255.4-1ubuntu8.5) ... 121s Setting up systemd-resolved (255.4-1ubuntu8.5) ... 122s Setting up systemd-sysv (255.4-1ubuntu8.5) ... 122s Setting up libnss-systemd:s390x (255.4-1ubuntu8.5) ... 122s Setting up libpam-systemd:s390x (255.4-1ubuntu8.5) ... 122s Processing triggers for libc-bin (2.39-0ubuntu8.3) ... 122s Processing triggers for ufw (0.36.2-6) ... 122s Processing triggers for man-db (2.12.0-4build2) ... 122s Processing triggers for dbus (1.14.10-4ubuntu4.1) ... 122s Processing triggers for initramfs-tools (0.142ubuntu25.4) ... 122s update-initramfs: Generating /boot/initrd.img-6.8.0-48-generic 122s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 124s Using config file '/etc/zipl.conf' 124s Building bootmap in '/boot' 124s Adding IPL section 'ubuntu' (default) 124s Preparing boot device for LD-IPL: vda (0000). 124s Done. 124s Reading package lists... 124s Building dependency tree... 124s Reading state information... 124s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 125s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 125s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 125s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 125s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 126s Reading package lists... 126s Reading package lists... 126s Building dependency tree... 126s Reading state information... 126s Calculating upgrade... 126s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 126s Reading package lists... 126s Building dependency tree... 126s Reading state information... 126s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 126s autopkgtest [20:26:25]: rebooting testbed after setup commands that affected boot 130s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 146s autopkgtest [20:26:45]: testbed running kernel: Linux 6.8.0-48-generic #48-Ubuntu SMP Fri Sep 27 13:02:00 UTC 2024 148s autopkgtest [20:26:47]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 161s Get:1 http://ftpmaster.internal/ubuntu noble-updates/main sssd 2.9.4-1.1ubuntu6.1 (dsc) [5064 B] 161s Get:2 http://ftpmaster.internal/ubuntu noble-updates/main sssd 2.9.4-1.1ubuntu6.1 (tar) [7983 kB] 161s Get:3 http://ftpmaster.internal/ubuntu noble-updates/main sssd 2.9.4-1.1ubuntu6.1 (diff) [51.3 kB] 161s gpgv: Signature made Mon Jun 10 14:26:32 2024 UTC 161s gpgv: using RSA key 50C4A0DDCF31E452CEB19B516569D855A744BE93 161s gpgv: Can't check signature: No public key 161s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1.1ubuntu6.1.dsc: no acceptable signature found 161s autopkgtest [20:27:00]: testing package sssd version 2.9.4-1.1ubuntu6.1 162s autopkgtest [20:27:01]: build not needed 164s autopkgtest [20:27:03]: test ldap-user-group-ldap-auth: preparing testbed 166s Reading package lists... 166s Building dependency tree... 166s Reading state information... 167s Starting pkgProblemResolver with broken count: 0 167s Starting 2 pkgProblemResolver with broken count: 0 167s Done 167s The following additional packages will be installed: 167s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 167s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 167s libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev libipa-hbac0t64 libjose0 167s libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 167s libpam-pwquality libpam-sss libpath-utils1t64 libpwquality-common 167s libpwquality1 libref-array1t64 libsmbclient0 libsss-certmap-dev 167s libsss-certmap0 libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev 167s libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0t64 167s libverto-libevent1t64 libverto1t64 libwbclient0 python3-libipa-hbac 167s python3-libsss-nss-idmap python3-sss samba-libs slapd sssd sssd-ad 167s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 167s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 167s tcl8.6 167s Suggested packages: 167s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 167s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 167s Recommended packages: 167s cracklib-runtime libsasl2-modules-gssapi-mit 167s | libsasl2-modules-gssapi-heimdal 167s The following NEW packages will be installed: 167s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 167s libavahi-common3 libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 167s libdhash1t64 libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev 167s libipa-hbac0t64 libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss 167s libnss-sudo libodbc2 libpam-pwquality libpam-sss libpath-utils1t64 167s libpwquality-common libpwquality1 libref-array1t64 libsmbclient0 167s libsss-certmap-dev libsss-certmap0 libsss-idmap-dev libsss-idmap0 167s libsss-nss-idmap-dev libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 167s libtdb1 libtevent0t64 libverto-libevent1t64 libverto1t64 libwbclient0 167s python3-libipa-hbac python3-libsss-nss-idmap python3-sss samba-libs slapd 167s sssd sssd-ad sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm 167s sssd-krb5 sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools 167s tcl-expect tcl8.6 167s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 167s Need to get 13.0 MB/13.0 MB of archives. 167s After this operation, 50.2 MB of additional disk space will be used. 167s Get:1 /tmp/autopkgtest.4Ib2y9/1-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [868 B] 167s Get:2 http://ftpmaster.internal/ubuntu noble/main s390x libltdl7 s390x 2.4.7-7build1 [41.8 kB] 167s Get:3 http://ftpmaster.internal/ubuntu noble-updates/main s390x libodbc2 s390x 2.3.12-1ubuntu0.24.04.1 [164 kB] 167s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main s390x slapd s390x 2.6.7+dfsg-1~exp1ubuntu8.1 [1604 kB] 167s Get:5 http://ftpmaster.internal/ubuntu noble/main s390x libtcl8.6 s390x 8.6.14+dfsg-1build1 [1038 kB] 167s Get:6 http://ftpmaster.internal/ubuntu noble/main s390x tcl8.6 s390x 8.6.14+dfsg-1build1 [14.7 kB] 167s Get:7 http://ftpmaster.internal/ubuntu noble/universe s390x tcl-expect s390x 5.45.4-3 [115 kB] 167s Get:8 http://ftpmaster.internal/ubuntu noble/universe s390x expect s390x 5.45.4-3 [137 kB] 167s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main s390x ldap-utils s390x 2.6.7+dfsg-1~exp1ubuntu8.1 [165 kB] 167s Get:10 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common-data s390x 0.8-13ubuntu6 [29.7 kB] 167s Get:11 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common3 s390x 0.8-13ubuntu6 [24.1 kB] 167s Get:12 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-client3 s390x 0.8-13ubuntu6 [27.2 kB] 167s Get:13 http://ftpmaster.internal/ubuntu noble/main s390x libbasicobjects0t64 s390x 0.6.2-2.1build1 [5838 B] 168s Get:14 http://ftpmaster.internal/ubuntu noble/main s390x libcares2 s390x 1.27.0-1.0ubuntu1 [79.2 kB] 168s Get:15 http://ftpmaster.internal/ubuntu noble/main s390x libcollection4t64 s390x 0.6.2-2.1build1 [23.9 kB] 168s Get:16 http://ftpmaster.internal/ubuntu noble/main s390x libcrack2 s390x 2.9.6-5.1build2 [30.0 kB] 168s Get:17 http://ftpmaster.internal/ubuntu noble/main s390x libdhash1t64 s390x 0.6.2-2.1build1 [9126 B] 168s Get:18 http://ftpmaster.internal/ubuntu noble/main s390x libevent-2.1-7t64 s390x 2.1.12-stable-9ubuntu2 [147 kB] 168s Get:19 http://ftpmaster.internal/ubuntu noble/main s390x libpath-utils1t64 s390x 0.6.2-2.1build1 [9394 B] 168s Get:20 http://ftpmaster.internal/ubuntu noble/main s390x libref-array1t64 s390x 0.6.2-2.1build1 [7226 B] 168s Get:21 http://ftpmaster.internal/ubuntu noble/main s390x libini-config5t64 s390x 0.6.2-2.1build1 [46.6 kB] 168s Get:22 http://ftpmaster.internal/ubuntu noble-updates/main s390x libipa-hbac0t64 s390x 2.9.4-1.1ubuntu6.1 [17.5 kB] 168s Get:23 http://ftpmaster.internal/ubuntu noble/universe s390x libjose0 s390x 13-1 [45.7 kB] 168s Get:24 http://ftpmaster.internal/ubuntu noble/main s390x libverto-libevent1t64 s390x 0.3.1-1.2ubuntu3 [6384 B] 168s Get:25 http://ftpmaster.internal/ubuntu noble/main s390x libverto1t64 s390x 0.3.1-1.2ubuntu3 [11.0 kB] 168s Get:26 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libkrad0 s390x 1.20.1-6ubuntu2.2 [22.1 kB] 168s Get:27 http://ftpmaster.internal/ubuntu noble/main s390x libtalloc2 s390x 2.4.2-1build2 [28.4 kB] 168s Get:28 http://ftpmaster.internal/ubuntu noble/main s390x libtdb1 s390x 1.4.10-1build1 [50.0 kB] 168s Get:29 http://ftpmaster.internal/ubuntu noble/main s390x libtevent0t64 s390x 0.16.1-2build1 [43.4 kB] 168s Get:30 http://ftpmaster.internal/ubuntu noble/main s390x libldb2 s390x 2:2.8.0+samba4.19.5+dfsg-4ubuntu9 [192 kB] 168s Get:31 http://ftpmaster.internal/ubuntu noble/main s390x libnfsidmap1 s390x 1:2.6.4-3ubuntu5 [50.1 kB] 168s Get:32 http://ftpmaster.internal/ubuntu noble/universe s390x libnss-sudo all 1.9.15p5-3ubuntu5 [15.2 kB] 168s Get:33 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality-common all 1.4.5-3build1 [7748 B] 168s Get:34 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality1 s390x 1.4.5-3build1 [14.8 kB] 168s Get:35 http://ftpmaster.internal/ubuntu noble/main s390x libpam-pwquality s390x 1.4.5-3build1 [11.5 kB] 168s Get:36 http://ftpmaster.internal/ubuntu noble/main s390x libwbclient0 s390x 2:4.19.5+dfsg-4ubuntu9 [71.3 kB] 168s Get:37 http://ftpmaster.internal/ubuntu noble/main s390x samba-libs s390x 2:4.19.5+dfsg-4ubuntu9 [6231 kB] 168s Get:38 http://ftpmaster.internal/ubuntu noble/main s390x libsmbclient0 s390x 2:4.19.5+dfsg-4ubuntu9 [65.0 kB] 168s Get:39 http://ftpmaster.internal/ubuntu noble-updates/main s390x libnss-sss s390x 2.9.4-1.1ubuntu6.1 [33.1 kB] 168s Get:40 http://ftpmaster.internal/ubuntu noble-updates/main s390x libpam-sss s390x 2.9.4-1.1ubuntu6.1 [52.4 kB] 168s Get:41 http://ftpmaster.internal/ubuntu noble-updates/main s390x python3-sss s390x 2.9.4-1.1ubuntu6.1 [47.2 kB] 168s Get:42 http://ftpmaster.internal/ubuntu noble-updates/main s390x libsss-certmap0 s390x 2.9.4-1.1ubuntu6.1 [47.4 kB] 168s Get:43 http://ftpmaster.internal/ubuntu noble-updates/main s390x libsss-idmap0 s390x 2.9.4-1.1ubuntu6.1 [22.6 kB] 168s Get:44 http://ftpmaster.internal/ubuntu noble-updates/main s390x libsss-nss-idmap0 s390x 2.9.4-1.1ubuntu6.1 [31.9 kB] 168s Get:45 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-common s390x 2.9.4-1.1ubuntu6.1 [1125 kB] 168s Get:46 http://ftpmaster.internal/ubuntu noble-updates/universe s390x sssd-idp s390x 2.9.4-1.1ubuntu6.1 [27.3 kB] 168s Get:47 http://ftpmaster.internal/ubuntu noble-updates/universe s390x sssd-passkey s390x 2.9.4-1.1ubuntu6.1 [32.3 kB] 168s Get:48 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-ad-common s390x 2.9.4-1.1ubuntu6.1 [74.8 kB] 168s Get:49 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-krb5-common s390x 2.9.4-1.1ubuntu6.1 [90.3 kB] 168s Get:50 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-ad s390x 2.9.4-1.1ubuntu6.1 [134 kB] 168s Get:51 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-ipa s390x 2.9.4-1.1ubuntu6.1 [215 kB] 168s Get:52 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-krb5 s390x 2.9.4-1.1ubuntu6.1 [14.4 kB] 168s Get:53 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-ldap s390x 2.9.4-1.1ubuntu6.1 [31.0 kB] 168s Get:54 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-proxy s390x 2.9.4-1.1ubuntu6.1 [43.9 kB] 168s Get:55 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd s390x 2.9.4-1.1ubuntu6.1 [4122 B] 168s Get:56 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-dbus s390x 2.9.4-1.1ubuntu6.1 [101 kB] 168s Get:57 http://ftpmaster.internal/ubuntu noble-updates/universe s390x sssd-kcm s390x 2.9.4-1.1ubuntu6.1 [137 kB] 168s Get:58 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-tools s390x 2.9.4-1.1ubuntu6.1 [97.7 kB] 168s Get:59 http://ftpmaster.internal/ubuntu noble-updates/main s390x libipa-hbac-dev s390x 2.9.4-1.1ubuntu6.1 [6666 B] 168s Get:60 http://ftpmaster.internal/ubuntu noble-updates/main s390x libsss-certmap-dev s390x 2.9.4-1.1ubuntu6.1 [5734 B] 168s Get:61 http://ftpmaster.internal/ubuntu noble-updates/main s390x libsss-idmap-dev s390x 2.9.4-1.1ubuntu6.1 [8380 B] 168s Get:62 http://ftpmaster.internal/ubuntu noble-updates/main s390x libsss-nss-idmap-dev s390x 2.9.4-1.1ubuntu6.1 [6706 B] 168s Get:63 http://ftpmaster.internal/ubuntu noble-updates/universe s390x libsss-sudo s390x 2.9.4-1.1ubuntu6.1 [21.8 kB] 168s Get:64 http://ftpmaster.internal/ubuntu noble-updates/universe s390x python3-libipa-hbac s390x 2.9.4-1.1ubuntu6.1 [16.9 kB] 168s Get:65 http://ftpmaster.internal/ubuntu noble-updates/universe s390x python3-libsss-nss-idmap s390x 2.9.4-1.1ubuntu6.1 [9140 B] 168s Preconfiguring packages ... 169s Fetched 13.0 MB in 1s (9585 kB/s) 169s Selecting previously unselected package libltdl7:s390x. 169s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54283 files and directories currently installed.) 169s Preparing to unpack .../00-libltdl7_2.4.7-7build1_s390x.deb ... 169s Unpacking libltdl7:s390x (2.4.7-7build1) ... 169s Selecting previously unselected package libodbc2:s390x. 169s Preparing to unpack .../01-libodbc2_2.3.12-1ubuntu0.24.04.1_s390x.deb ... 169s Unpacking libodbc2:s390x (2.3.12-1ubuntu0.24.04.1) ... 169s Selecting previously unselected package slapd. 169s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu8.1_s390x.deb ... 169s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu8.1) ... 169s Selecting previously unselected package libtcl8.6:s390x. 169s Preparing to unpack .../03-libtcl8.6_8.6.14+dfsg-1build1_s390x.deb ... 169s Unpacking libtcl8.6:s390x (8.6.14+dfsg-1build1) ... 169s Selecting previously unselected package tcl8.6. 169s Preparing to unpack .../04-tcl8.6_8.6.14+dfsg-1build1_s390x.deb ... 169s Unpacking tcl8.6 (8.6.14+dfsg-1build1) ... 169s Selecting previously unselected package tcl-expect:s390x. 169s Preparing to unpack .../05-tcl-expect_5.45.4-3_s390x.deb ... 169s Unpacking tcl-expect:s390x (5.45.4-3) ... 169s Selecting previously unselected package expect. 169s Preparing to unpack .../06-expect_5.45.4-3_s390x.deb ... 169s Unpacking expect (5.45.4-3) ... 169s Selecting previously unselected package ldap-utils. 169s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu8.1_s390x.deb ... 169s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu8.1) ... 169s Selecting previously unselected package libavahi-common-data:s390x. 169s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu6_s390x.deb ... 169s Unpacking libavahi-common-data:s390x (0.8-13ubuntu6) ... 169s Selecting previously unselected package libavahi-common3:s390x. 169s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu6_s390x.deb ... 169s Unpacking libavahi-common3:s390x (0.8-13ubuntu6) ... 169s Selecting previously unselected package libavahi-client3:s390x. 169s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu6_s390x.deb ... 169s Unpacking libavahi-client3:s390x (0.8-13ubuntu6) ... 169s Selecting previously unselected package libbasicobjects0t64:s390x. 169s Preparing to unpack .../11-libbasicobjects0t64_0.6.2-2.1build1_s390x.deb ... 169s Unpacking libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 169s Selecting previously unselected package libcares2:s390x. 169s Preparing to unpack .../12-libcares2_1.27.0-1.0ubuntu1_s390x.deb ... 169s Unpacking libcares2:s390x (1.27.0-1.0ubuntu1) ... 169s Selecting previously unselected package libcollection4t64:s390x. 169s Preparing to unpack .../13-libcollection4t64_0.6.2-2.1build1_s390x.deb ... 169s Unpacking libcollection4t64:s390x (0.6.2-2.1build1) ... 169s Selecting previously unselected package libcrack2:s390x. 169s Preparing to unpack .../14-libcrack2_2.9.6-5.1build2_s390x.deb ... 169s Unpacking libcrack2:s390x (2.9.6-5.1build2) ... 169s Selecting previously unselected package libdhash1t64:s390x. 169s Preparing to unpack .../15-libdhash1t64_0.6.2-2.1build1_s390x.deb ... 169s Unpacking libdhash1t64:s390x (0.6.2-2.1build1) ... 169s Selecting previously unselected package libevent-2.1-7t64:s390x. 169s Preparing to unpack .../16-libevent-2.1-7t64_2.1.12-stable-9ubuntu2_s390x.deb ... 169s Unpacking libevent-2.1-7t64:s390x (2.1.12-stable-9ubuntu2) ... 169s Selecting previously unselected package libpath-utils1t64:s390x. 169s Preparing to unpack .../17-libpath-utils1t64_0.6.2-2.1build1_s390x.deb ... 169s Unpacking libpath-utils1t64:s390x (0.6.2-2.1build1) ... 169s Selecting previously unselected package libref-array1t64:s390x. 169s Preparing to unpack .../18-libref-array1t64_0.6.2-2.1build1_s390x.deb ... 169s Unpacking libref-array1t64:s390x (0.6.2-2.1build1) ... 169s Selecting previously unselected package libini-config5t64:s390x. 169s Preparing to unpack .../19-libini-config5t64_0.6.2-2.1build1_s390x.deb ... 169s Unpacking libini-config5t64:s390x (0.6.2-2.1build1) ... 169s Selecting previously unselected package libipa-hbac0t64. 169s Preparing to unpack .../20-libipa-hbac0t64_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package libjose0:s390x. 169s Preparing to unpack .../21-libjose0_13-1_s390x.deb ... 169s Unpacking libjose0:s390x (13-1) ... 169s Selecting previously unselected package libverto-libevent1t64:s390x. 169s Preparing to unpack .../22-libverto-libevent1t64_0.3.1-1.2ubuntu3_s390x.deb ... 169s Unpacking libverto-libevent1t64:s390x (0.3.1-1.2ubuntu3) ... 169s Selecting previously unselected package libverto1t64:s390x. 169s Preparing to unpack .../23-libverto1t64_0.3.1-1.2ubuntu3_s390x.deb ... 169s Unpacking libverto1t64:s390x (0.3.1-1.2ubuntu3) ... 169s Selecting previously unselected package libkrad0:s390x. 169s Preparing to unpack .../24-libkrad0_1.20.1-6ubuntu2.2_s390x.deb ... 169s Unpacking libkrad0:s390x (1.20.1-6ubuntu2.2) ... 169s Selecting previously unselected package libtalloc2:s390x. 169s Preparing to unpack .../25-libtalloc2_2.4.2-1build2_s390x.deb ... 169s Unpacking libtalloc2:s390x (2.4.2-1build2) ... 169s Selecting previously unselected package libtdb1:s390x. 169s Preparing to unpack .../26-libtdb1_1.4.10-1build1_s390x.deb ... 169s Unpacking libtdb1:s390x (1.4.10-1build1) ... 169s Selecting previously unselected package libtevent0t64:s390x. 169s Preparing to unpack .../27-libtevent0t64_0.16.1-2build1_s390x.deb ... 169s Unpacking libtevent0t64:s390x (0.16.1-2build1) ... 169s Selecting previously unselected package libldb2:s390x. 169s Preparing to unpack .../28-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu9_s390x.deb ... 169s Unpacking libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 169s Selecting previously unselected package libnfsidmap1:s390x. 169s Preparing to unpack .../29-libnfsidmap1_1%3a2.6.4-3ubuntu5_s390x.deb ... 169s Unpacking libnfsidmap1:s390x (1:2.6.4-3ubuntu5) ... 169s Selecting previously unselected package libnss-sudo. 169s Preparing to unpack .../30-libnss-sudo_1.9.15p5-3ubuntu5_all.deb ... 169s Unpacking libnss-sudo (1.9.15p5-3ubuntu5) ... 169s Selecting previously unselected package libpwquality-common. 169s Preparing to unpack .../31-libpwquality-common_1.4.5-3build1_all.deb ... 169s Unpacking libpwquality-common (1.4.5-3build1) ... 169s Selecting previously unselected package libpwquality1:s390x. 169s Preparing to unpack .../32-libpwquality1_1.4.5-3build1_s390x.deb ... 169s Unpacking libpwquality1:s390x (1.4.5-3build1) ... 169s Selecting previously unselected package libpam-pwquality:s390x. 169s Preparing to unpack .../33-libpam-pwquality_1.4.5-3build1_s390x.deb ... 169s Unpacking libpam-pwquality:s390x (1.4.5-3build1) ... 169s Selecting previously unselected package libwbclient0:s390x. 169s Preparing to unpack .../34-libwbclient0_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 169s Unpacking libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 169s Selecting previously unselected package samba-libs:s390x. 169s Preparing to unpack .../35-samba-libs_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 169s Unpacking samba-libs:s390x (2:4.19.5+dfsg-4ubuntu9) ... 169s Selecting previously unselected package libsmbclient0:s390x. 169s Preparing to unpack .../36-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 169s Unpacking libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 169s Selecting previously unselected package libnss-sss:s390x. 169s Preparing to unpack .../37-libnss-sss_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libnss-sss:s390x (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package libpam-sss:s390x. 169s Preparing to unpack .../38-libpam-sss_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libpam-sss:s390x (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package python3-sss. 169s Preparing to unpack .../39-python3-sss_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking python3-sss (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package libsss-certmap0. 169s Preparing to unpack .../40-libsss-certmap0_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package libsss-idmap0. 169s Preparing to unpack .../41-libsss-idmap0_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package libsss-nss-idmap0. 169s Preparing to unpack .../42-libsss-nss-idmap0_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-common. 169s Preparing to unpack .../43-sssd-common_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-common (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-idp. 169s Preparing to unpack .../44-sssd-idp_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-idp (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-passkey. 169s Preparing to unpack .../45-sssd-passkey_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-passkey (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-ad-common. 169s Preparing to unpack .../46-sssd-ad-common_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-ad-common (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-krb5-common. 169s Preparing to unpack .../47-sssd-krb5-common_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-ad. 169s Preparing to unpack .../48-sssd-ad_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-ad (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-ipa. 169s Preparing to unpack .../49-sssd-ipa_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-ipa (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-krb5. 169s Preparing to unpack .../50-sssd-krb5_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-krb5 (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-ldap. 169s Preparing to unpack .../51-sssd-ldap_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-ldap (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-proxy. 169s Preparing to unpack .../52-sssd-proxy_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-proxy (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd. 169s Preparing to unpack .../53-sssd_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-dbus. 169s Preparing to unpack .../54-sssd-dbus_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-dbus (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-kcm. 169s Preparing to unpack .../55-sssd-kcm_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-kcm (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package sssd-tools. 169s Preparing to unpack .../56-sssd-tools_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking sssd-tools (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package libipa-hbac-dev. 169s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libipa-hbac-dev (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package libsss-certmap-dev. 169s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libsss-certmap-dev (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package libsss-idmap-dev. 169s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libsss-idmap-dev (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package libsss-nss-idmap-dev. 169s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libsss-nss-idmap-dev (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package libsss-sudo. 169s Preparing to unpack .../61-libsss-sudo_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking libsss-sudo (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package python3-libipa-hbac. 169s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking python3-libipa-hbac (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package python3-libsss-nss-idmap. 169s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1.1ubuntu6.1_s390x.deb ... 169s Unpacking python3-libsss-nss-idmap (2.9.4-1.1ubuntu6.1) ... 169s Selecting previously unselected package autopkgtest-satdep. 169s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 169s Unpacking autopkgtest-satdep (0) ... 169s Setting up libpwquality-common (1.4.5-3build1) ... 169s Setting up libnfsidmap1:s390x (1:2.6.4-3ubuntu5) ... 169s Setting up libsss-idmap0 (2.9.4-1.1ubuntu6.1) ... 169s Setting up libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 169s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu6.1) ... 169s Setting up libsss-idmap-dev (2.9.4-1.1ubuntu6.1) ... 169s Setting up libref-array1t64:s390x (0.6.2-2.1build1) ... 169s Setting up libipa-hbac-dev (2.9.4-1.1ubuntu6.1) ... 169s Setting up libtdb1:s390x (1.4.10-1build1) ... 169s Setting up libcollection4t64:s390x (0.6.2-2.1build1) ... 169s Setting up libevent-2.1-7t64:s390x (2.1.12-stable-9ubuntu2) ... 169s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu8.1) ... 169s Setting up libjose0:s390x (13-1) ... 169s Setting up libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 169s Setting up libtalloc2:s390x (2.4.2-1build2) ... 169s Setting up libpath-utils1t64:s390x (0.6.2-2.1build1) ... 169s Setting up libavahi-common-data:s390x (0.8-13ubuntu6) ... 169s Setting up libcares2:s390x (1.27.0-1.0ubuntu1) ... 169s Setting up libdhash1t64:s390x (0.6.2-2.1build1) ... 169s Setting up libtcl8.6:s390x (8.6.14+dfsg-1build1) ... 169s Setting up libltdl7:s390x (2.4.7-7build1) ... 169s Setting up libcrack2:s390x (2.9.6-5.1build2) ... 169s Setting up libodbc2:s390x (2.3.12-1ubuntu0.24.04.1) ... 169s Setting up python3-libipa-hbac (2.9.4-1.1ubuntu6.1) ... 169s Setting up libnss-sudo (1.9.15p5-3ubuntu5) ... 169s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu6.1) ... 169s Setting up libini-config5t64:s390x (0.6.2-2.1build1) ... 169s Setting up libtevent0t64:s390x (0.16.1-2build1) ... 169s Setting up libnss-sss:s390x (2.9.4-1.1ubuntu6.1) ... 170s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu8.1) ... 170s Creating new user openldap... done. 170s Creating initial configuration... done. 170s Creating LDAP directory... done. 170s Setting up tcl8.6 (8.6.14+dfsg-1build1) ... 170s Setting up libsss-sudo (2.9.4-1.1ubuntu6.1) ... 170s Setting up libsss-nss-idmap-dev (2.9.4-1.1ubuntu6.1) ... 170s Setting up libavahi-common3:s390x (0.8-13ubuntu6) ... 170s Setting up tcl-expect:s390x (5.45.4-3) ... 170s Setting up libsss-certmap0 (2.9.4-1.1ubuntu6.1) ... 170s Setting up libpwquality1:s390x (1.4.5-3build1) ... 170s Setting up python3-libsss-nss-idmap (2.9.4-1.1ubuntu6.1) ... 170s Setting up libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 170s Setting up libavahi-client3:s390x (0.8-13ubuntu6) ... 170s Setting up expect (5.45.4-3) ... 170s Setting up libpam-pwquality:s390x (1.4.5-3build1) ... 170s Setting up samba-libs:s390x (2:4.19.5+dfsg-4ubuntu9) ... 170s Setting up libsss-certmap-dev (2.9.4-1.1ubuntu6.1) ... 170s Setting up python3-sss (2.9.4-1.1ubuntu6.1) ... 170s Setting up libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 170s Setting up libpam-sss:s390x (2.9.4-1.1ubuntu6.1) ... 170s Setting up sssd-common (2.9.4-1.1ubuntu6.1) ... 170s Creating SSSD system user & group... 170s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 170s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 170s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 170s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 171s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 171s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 171s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 171s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 171s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 172s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 172s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 172s sssd-autofs.service is a disabled or a static unit, not starting it. 172s sssd-nss.service is a disabled or a static unit, not starting it. 172s sssd-pam.service is a disabled or a static unit, not starting it. 172s sssd-ssh.service is a disabled or a static unit, not starting it. 172s sssd-sudo.service is a disabled or a static unit, not starting it. 172s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 172s Setting up sssd-proxy (2.9.4-1.1ubuntu6.1) ... 172s Setting up sssd-kcm (2.9.4-1.1ubuntu6.1) ... 172s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 172s sssd-kcm.service is a disabled or a static unit, not starting it. 172s Setting up sssd-dbus (2.9.4-1.1ubuntu6.1) ... 173s sssd-ifp.service is a disabled or a static unit, not starting it. 173s Setting up sssd-ad-common (2.9.4-1.1ubuntu6.1) ... 173s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 173s sssd-pac.service is a disabled or a static unit, not starting it. 173s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 173s Setting up sssd-krb5-common (2.9.4-1.1ubuntu6.1) ... 173s Setting up sssd-krb5 (2.9.4-1.1ubuntu6.1) ... 173s Setting up sssd-ldap (2.9.4-1.1ubuntu6.1) ... 173s Setting up sssd-ad (2.9.4-1.1ubuntu6.1) ... 173s Setting up sssd-tools (2.9.4-1.1ubuntu6.1) ... 173s Setting up sssd-ipa (2.9.4-1.1ubuntu6.1) ... 173s Setting up sssd (2.9.4-1.1ubuntu6.1) ... 173s Setting up libverto-libevent1t64:s390x (0.3.1-1.2ubuntu3) ... 173s Setting up libverto1t64:s390x (0.3.1-1.2ubuntu3) ... 173s Setting up libkrad0:s390x (1.20.1-6ubuntu2.2) ... 173s Setting up sssd-passkey (2.9.4-1.1ubuntu6.1) ... 173s Setting up sssd-idp (2.9.4-1.1ubuntu6.1) ... 173s Setting up autopkgtest-satdep (0) ... 173s Processing triggers for libc-bin (2.39-0ubuntu8.3) ... 173s Processing triggers for ufw (0.36.2-6) ... 173s Processing triggers for man-db (2.12.0-4build2) ... 174s Processing triggers for dbus (1.14.10-4ubuntu4.1) ... 180s (Reading database ... 55574 files and directories currently installed.) 180s Removing autopkgtest-satdep (0) ... 181s autopkgtest [20:27:20]: test ldap-user-group-ldap-auth: [----------------------- 181s + . debian/tests/util 181s + . debian/tests/common-tests 181s + mydomain=example.com 181s + myhostname=ldap.example.com 181s + mysuffix=dc=example,dc=com 181s + admin_dn=cn=admin,dc=example,dc=com 181s + admin_pw=secret 181s + ldap_user=testuser1 181s + ldap_user_pw=testuser1secret 181s + ldap_group=ldapusers 181s + adjust_hostname ldap.example.com 181s + local myhostname=ldap.example.com 181s + echo ldap.example.com 181s + hostname ldap.example.com 181s + grep -qE ldap.example.com /etc/hosts 181s + echo 127.0.1.10 ldap.example.com 181s + reconfigure_slapd 181s + debconf-set-selections 181s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 181s + dpkg-reconfigure -fnoninteractive -pcritical slapd 181s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8.1... done. 181s Moving old database directory to /var/backups: 181s - directory unknown... done. 181s Creating initial configuration... done. 181s Creating LDAP directory... done. 182s + generate_certs ldap.example.com 182s + local cn=ldap.example.com 182s + local cert=/etc/ldap/server.pem 182s + local key=/etc/ldap/server.key 182s + local cnf=/etc/ldap/openssl.cnf 182s + cat 182s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 182s ...........++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 182s ........++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 182s ----- 182s modifying entry "cn=config" 182s 182s adding new entry "ou=People,dc=example,dc=com" 182s 182s adding new entry "ou=Group,dc=example,dc=com" 182s 182s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 182s 182s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 182s 182s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 182s 182s + chmod 0640 /etc/ldap/server.key 182s + chgrp openldap /etc/ldap/server.key 182s + [ ! -f /etc/ldap/server.pem ] 182s + [ ! -f /etc/ldap/server.key ] 182s + enable_ldap_ssl 182s + cat 182s + cat 182s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 182s + populate_ldap_rfc2307 182s + cat 182s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 182s + configure_sssd_ldap_rfc2307 182s + cat 182s + chmod 0600 /etc/sssd/sssd.conf 182s + systemctl restart sssd 182s + enable_pam_mkhomedir 182s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 182s Assert local user databases do not have our LDAP test data 182s The LDAP user is known to the system via getent 182s The LDAP user's private group is known to the system via getent 182s The LDAP group ldapusers is known to the system via getent 182s The id(1) command can resolve the group membership of the LDAP user 182s The LDAP user can login on a terminal 182s + echo session optional pam_mkhomedir.so 182s + run_common_tests 182s + echo Assert local user databases do not have our LDAP test data 182s + check_local_user testuser1 182s + local local_user=testuser1 182s + grep -q ^testuser1 /etc/passwd 182s + check_local_group testuser1 182s + local local_group=testuser1 182s + grep -q ^testuser1 /etc/group 182s + check_local_group ldapusers 182s + local local_group=ldapusers 182s + grep -q ^ldapusers /etc/group 182s + echo The LDAP user is known to the system via getent 182s + check_getent_user testuser1 182s + local getent_user=testuser1 182s + local output 182s + getent passwd testuser1 182s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 182s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 182s + echo The LDAP user's private group is known to the system via getent 182s + check_getent_group testuser1 182s + local getent_group=testuser1 182s + local output 182s + getent group testuser1 182s + output=testuser1:*:10001:testuser1 182s + [ -z testuser1:*:10001:testuser1 ] 182s + echo The LDAP group ldapusers is known to the system via getent 182s + check_getent_group ldapusers 182s + local getent_group=ldapusers 182s + local output 182s + getent group ldapusers 182s + output=ldapusers:*:10100:testuser1 182s + [ -z ldapusers:*:10100:testuser1 ] 182s + echo The id(1) command can resolve the group membership of the LDAP user 182s + id -Gn testuser1 182s + output=testuser1 ldapusers 182s + [ testuser1 ldapusers != testuser1 ldapusers ] 182s + echo The LDAP user can login on a terminal 182s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 182s spawn login 182s ldap.example.com login: testuser1 182s Password: 182s Welcome to Ubuntu 24.04.1 LTS (GNU/Linux 6.8.0-48-generic s390x) 182s 182s * Documentation: https://help.ubuntu.com 182s * Management: https://landscape.canonical.com 182s * Support: https://ubuntu.com/pro 182s 182s 182s The programs included with the Ubuntu system are free software; 182s the exact distribution terms for each program are described in the 182s individual files in /usr/share/doc/*/copyright. 182s 182s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 182s applicable law. 182s 182s 182s The programs included with the Ubuntu system are free software; 182s the exact distribution terms for each program are described in the 182s individual files in /usr/share/doc/*/copyright. 182s 182s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 182s applicable law. 182s 182s Creating directory '/home/testuser1'. 182s [?2004htestuser1@ldap:~$ id -un 182s [?2004l testuser1 182s [?2004htestuser1@ldap:~$ autopkgtest [20:27:21]: test ldap-user-group-ldap-auth: -----------------------] 183s autopkgtest [20:27:22]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 183s ldap-user-group-ldap-auth PASS 183s autopkgtest [20:27:22]: test ldap-user-group-krb5-auth: preparing testbed 184s Reading package lists... 184s Building dependency tree... 184s Reading state information... 185s Starting pkgProblemResolver with broken count: 0 185s Starting 2 pkgProblemResolver with broken count: 0 185s Done 185s The following additional packages will be installed: 185s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4t64 185s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 185s Suggested packages: 185s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 185s The following NEW packages will be installed: 185s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 185s libgssrpc4t64 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 185s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 185s Need to get 613 kB/614 kB of archives. 185s After this operation, 2082 kB of additional disk space will be used. 185s Get:1 /tmp/autopkgtest.4Ib2y9/2-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [888 B] 185s Get:2 http://ftpmaster.internal/ubuntu noble/main s390x krb5-config all 2.7 [22.0 kB] 185s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libgssrpc4t64 s390x 1.20.1-6ubuntu2.2 [59.2 kB] 185s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libkadm5clnt-mit12 s390x 1.20.1-6ubuntu2.2 [40.5 kB] 185s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libkdb5-10t64 s390x 1.20.1-6ubuntu2.2 [41.7 kB] 185s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libkadm5srv-mit12 s390x 1.20.1-6ubuntu2.2 [55.4 kB] 185s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x krb5-user s390x 1.20.1-6ubuntu2.2 [110 kB] 185s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x krb5-kdc s390x 1.20.1-6ubuntu2.2 [189 kB] 185s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x krb5-admin-server s390x 1.20.1-6ubuntu2.2 [95.8 kB] 186s Preconfiguring packages ... 186s Fetched 613 kB in 1s (1113 kB/s) 186s Selecting previously unselected package krb5-config. 186s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 55574 files and directories currently installed.) 186s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 186s Unpacking krb5-config (2.7) ... 186s Selecting previously unselected package libgssrpc4t64:s390x. 186s Preparing to unpack .../1-libgssrpc4t64_1.20.1-6ubuntu2.2_s390x.deb ... 186s Unpacking libgssrpc4t64:s390x (1.20.1-6ubuntu2.2) ... 186s Selecting previously unselected package libkadm5clnt-mit12:s390x. 186s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-6ubuntu2.2_s390x.deb ... 186s Unpacking libkadm5clnt-mit12:s390x (1.20.1-6ubuntu2.2) ... 186s Selecting previously unselected package libkdb5-10t64:s390x. 186s Preparing to unpack .../3-libkdb5-10t64_1.20.1-6ubuntu2.2_s390x.deb ... 186s Unpacking libkdb5-10t64:s390x (1.20.1-6ubuntu2.2) ... 186s Selecting previously unselected package libkadm5srv-mit12:s390x. 186s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-6ubuntu2.2_s390x.deb ... 186s Unpacking libkadm5srv-mit12:s390x (1.20.1-6ubuntu2.2) ... 186s Selecting previously unselected package krb5-user. 186s Preparing to unpack .../5-krb5-user_1.20.1-6ubuntu2.2_s390x.deb ... 186s Unpacking krb5-user (1.20.1-6ubuntu2.2) ... 186s Selecting previously unselected package krb5-kdc. 186s Preparing to unpack .../6-krb5-kdc_1.20.1-6ubuntu2.2_s390x.deb ... 186s Unpacking krb5-kdc (1.20.1-6ubuntu2.2) ... 186s Selecting previously unselected package krb5-admin-server. 186s Preparing to unpack .../7-krb5-admin-server_1.20.1-6ubuntu2.2_s390x.deb ... 186s Unpacking krb5-admin-server (1.20.1-6ubuntu2.2) ... 186s Selecting previously unselected package autopkgtest-satdep. 186s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 186s Unpacking autopkgtest-satdep (0) ... 186s Setting up libgssrpc4t64:s390x (1.20.1-6ubuntu2.2) ... 186s Setting up krb5-config (2.7) ... 186s Setting up libkadm5clnt-mit12:s390x (1.20.1-6ubuntu2.2) ... 186s Setting up libkdb5-10t64:s390x (1.20.1-6ubuntu2.2) ... 186s Setting up libkadm5srv-mit12:s390x (1.20.1-6ubuntu2.2) ... 186s Setting up krb5-user (1.20.1-6ubuntu2.2) ... 186s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 186s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 186s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 186s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 186s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 186s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 186s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 186s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 186s Setting up krb5-kdc (1.20.1-6ubuntu2.2) ... 186s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 187s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 187s Setting up krb5-admin-server (1.20.1-6ubuntu2.2) ... 187s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 187s Setting up autopkgtest-satdep (0) ... 187s Processing triggers for man-db (2.12.0-4build2) ... 188s Processing triggers for libc-bin (2.39-0ubuntu8.3) ... 194s (Reading database ... 55669 files and directories currently installed.) 194s Removing autopkgtest-satdep (0) ... 194s autopkgtest [20:27:33]: test ldap-user-group-krb5-auth: [----------------------- 194s + . debian/tests/util 194s + . debian/tests/common-tests 194s + mydomain=example.com 194s + myhostname=ldap.example.com 194s + mysuffix=dc=example,dc=com 194s + myrealm=EXAMPLE.COM 194s + admin_dn=cn=admin,dc=example,dc=com 194s + admin_pw=secret 194s + ldap_user=testuser1 194s + ldap_user_pw=testuser1secret 194s + kerberos_principal_pw=testuser1kerberos 194s + ldap_group=ldapusers 194s + adjust_hostname ldap.example.com 194s + local myhostname=ldap.example.com 194s + echo ldap.example.com 194s + hostname ldap.example.com 194s + grep -qE ldap.example.com /etc/hosts 194s + reconfigure_slapd 194s + debconf-set-selections 194s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8.1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu8.1-20241115-202720.ldapdb 194s + dpkg-reconfigure -fnoninteractive -pcritical slapd 195s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8.1... done. 195s Moving old database directory to /var/backups: 195s - directory unknown... done. 195s Creating initial configuration... done. 195s Creating LDAP directory... done. 195s + generate_certs ldap.example.com 195s + local cn=ldap.example.com 195s + local cert=/etc/ldap/server.pem 195s + local key=/etc/ldap/server.key 195s + local cnf=/etc/ldap/openssl.cnf 195s + cat 195s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 195s ...............................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 195s ..............+++++++++++++++++++++++++++++++++++++++++++++++++++++++modifying entry "cn=config" 195s 195s adding new entry "ou=People,dc=example,dc=com" 195s 195s adding new entry "ou=Group,dc=example,dc=com" 195s 195s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 195s 195s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 195s 195s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 195s 195s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 195s master key name 'K/M@EXAMPLE.COM' 195s +++++++++ 195s ----- 195s + chmod 0640 /etc/ldap/server.key 195s + chgrp openldap /etc/ldap/server.key 195s + [ ! -f /etc/ldap/server.pem ] 195s + [ ! -f /etc/ldap/server.key ] 195s + enable_ldap_ssl 195s + cat 195s + cat 195s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 195s + populate_ldap_rfc2307 195s + cat 195s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 195s + create_realm EXAMPLE.COM ldap.example.com 195s + local realm_name=EXAMPLE.COM 195s + local kerberos_server=ldap.example.com 195s + rm -rf /var/lib/krb5kdc/* 195s + rm -rf /etc/krb5kdc/kdc.conf 195s + rm -f /etc/krb5.keytab 195s + cat 195s + cat 195s + echo # */admin * 195s + kdb5_util create -s -P secretpassword 195s + systemctl restart krb5-kdc.service krb5-admin-server.service 195s + create_krb_principal testuser1 testuser1kerberos 195s + local principal=testuser1 195s + local password=testuser1kerberos 195s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 195s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 195s Authenticating as principal root/admin@EXAMPLE.COM with password. 195s Principal "testuser1@EXAMPLE.COM" created. 195s + configure_sssd_ldap_rfc2307_krb5_auth 195s + cat 195s + chmod 0600 /etc/sssd/sssd.conf 195s + systemctl restart sssd 195s + enable_pam_mkhomedir 195s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 195s + run_common_tests 195s + echo Assert local user databases do not have our LDAP test data 195s + check_local_user testuser1 195s + local local_user=testuser1 195s + grep -q ^testuser1 /etc/passwd 195s + check_local_group testuser1 195s + local local_group=testuser1 195s + grep -q ^testuser1 /etc/group 195s Assert local user databases do not have our LDAP test data 195s + check_local_group ldapusers 195s + local local_group=ldapusers 195s + grep -q ^ldapusers /etc/group 195s The LDAP user is known to the system via getent 195s + echo The LDAP user is known to the system via getent 195s + check_getent_user testuser1 195s + local getent_user=testuser1 195s + local output 195s + getent passwd testuser1 195s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 195s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 195s + echo The LDAP user's private group is known to the system via getent 195s + check_getent_group testuser1 195s + local getent_group=testuser1 195s + local output 195s The LDAP user's private group is known to the system via getent 195s + getent group testuser1 195s The LDAP group ldapusers is known to the system via getent 195s + output=testuser1:*:10001:testuser1 195s + [ -z testuser1:*:10001:testuser1 ] 195s + echo The LDAP group ldapusers is known to the system via getent 195s + check_getent_group ldapusers 195s + local getent_group=ldapusers 195s + local output 195s + getent group ldapusers 195s + output=ldapusers:*:10100:testuser1 195s + [ -z ldapusers:*:10100:testuser1 ] 195s + echo The id(1) command can resolve the group membership of the LDAP user 195s The id(1) command can resolve the group membership of the LDAP user 195s + id -Gn testuser1 195s The Kerberos principal can login on a terminal 195s + output=testuser1 ldapusers 195s + [ testuser1 ldapusers != testuser1 ldapusers ] 195s + echo The Kerberos principal can login on a terminal 195s + kdestroy 195s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 195s spawn login 195s ldap.example.com login: testuser1 195s Password: 195s Welcome to Ubuntu 24.04.1 LTS (GNU/Linux 6.8.0-48-generic s390x) 195s 195s * Documentation: https://help.ubuntu.com 195s * Management: https://landscape.canonical.com 195s * Support: https://ubuntu.com/pro 195s 195s 195s The programs included with the Ubuntu system are free software; 195s the exact distribution terms for each program are described in the 195s individual files in /usr/share/doc/*/copyright. 195s 195s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 195s applicable law. 195s 195s [?2004htestuser1@ldap:~$ id -un 195s [?2004l testuser1 195s [?2004htestuser1@ldap:~$ klist 195s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_Lvsf0V 196s Default principal: testuser1@EXAMPLE.COMautopkgtest [20:27:35]: test ldap-user-group-krb5-auth: -----------------------] 196s autopkgtest [20:27:35]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 196s ldap-user-group-krb5-auth PASS 196s autopkgtest [20:27:35]: test sssd-softhism2-certificates-tests.sh: preparing testbed 310s autopkgtest [20:29:29]: testbed dpkg architecture: s390x 310s autopkgtest [20:29:29]: testbed apt version: 2.7.14build2 310s autopkgtest [20:29:29]: @@@@@@@@@@@@@@@@@@@@ test bed setup 311s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [265 kB] 312s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [88.3 kB] 312s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [3240 B] 312s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [78.5 kB] 312s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main s390x Packages [155 kB] 312s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main s390x c-n-f Metadata [3744 B] 312s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x Packages [1176 B] 312s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted s390x c-n-f Metadata [116 B] 312s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x Packages [462 kB] 312s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe s390x c-n-f Metadata [5504 B] 312s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/multiverse s390x c-n-f Metadata [116 B] 314s Fetched 1063 kB in 1s (1500 kB/s) 314s Reading package lists... 316s Reading package lists... 316s Building dependency tree... 316s Reading state information... 316s Calculating upgrade... 316s The following packages will be upgraded: 316s libnss-systemd libpam-systemd libsystemd-shared libsystemd0 libudev1 316s openssh-client openssh-server openssh-sftp-server systemd systemd-dev 316s systemd-resolved systemd-sysv systemd-timesyncd udev 317s 14 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 317s Need to get 10.5 MB of archives. 317s After this operation, 11.3 kB disk space will be freed. 317s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libnss-systemd s390x 255.4-1ubuntu8.5 [165 kB] 317s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main s390x systemd-dev all 255.4-1ubuntu8.5 [104 kB] 317s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main s390x systemd-timesyncd s390x 255.4-1ubuntu8.5 [35.1 kB] 317s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main s390x systemd-resolved s390x 255.4-1ubuntu8.5 [302 kB] 317s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsystemd-shared s390x 255.4-1ubuntu8.5 [2123 kB] 317s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libsystemd0 s390x 255.4-1ubuntu8.5 [442 kB] 317s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main s390x systemd-sysv s390x 255.4-1ubuntu8.5 [11.9 kB] 317s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libpam-systemd s390x 255.4-1ubuntu8.5 [241 kB] 317s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main s390x systemd s390x 255.4-1ubuntu8.5 [3531 kB] 317s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/main s390x udev s390x 255.4-1ubuntu8.5 [1883 kB] 317s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/main s390x libudev1 s390x 255.4-1ubuntu8.5 [179 kB] 317s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/main s390x openssh-sftp-server s390x 1:9.6p1-3ubuntu13.7 [38.6 kB] 317s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/main s390x openssh-server s390x 1:9.6p1-3ubuntu13.7 [526 kB] 317s Get:14 http://ftpmaster.internal/ubuntu noble-proposed/main s390x openssh-client s390x 1:9.6p1-3ubuntu13.7 [931 kB] 318s Preconfiguring packages ... 318s Fetched 10.5 MB in 1s (12.3 MB/s) 318s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54283 files and directories currently installed.) 318s Preparing to unpack .../0-libnss-systemd_255.4-1ubuntu8.5_s390x.deb ... 318s Unpacking libnss-systemd:s390x (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Preparing to unpack .../1-systemd-dev_255.4-1ubuntu8.5_all.deb ... 318s Unpacking systemd-dev (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Preparing to unpack .../2-systemd-timesyncd_255.4-1ubuntu8.5_s390x.deb ... 318s Unpacking systemd-timesyncd (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Preparing to unpack .../3-systemd-resolved_255.4-1ubuntu8.5_s390x.deb ... 318s Unpacking systemd-resolved (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Preparing to unpack .../4-libsystemd-shared_255.4-1ubuntu8.5_s390x.deb ... 318s Unpacking libsystemd-shared:s390x (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Preparing to unpack .../5-libsystemd0_255.4-1ubuntu8.5_s390x.deb ... 318s Unpacking libsystemd0:s390x (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Setting up libsystemd0:s390x (255.4-1ubuntu8.5) ... 318s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54283 files and directories currently installed.) 318s Preparing to unpack .../systemd-sysv_255.4-1ubuntu8.5_s390x.deb ... 318s Unpacking systemd-sysv (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Preparing to unpack .../libpam-systemd_255.4-1ubuntu8.5_s390x.deb ... 318s Unpacking libpam-systemd:s390x (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Preparing to unpack .../systemd_255.4-1ubuntu8.5_s390x.deb ... 318s Unpacking systemd (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Preparing to unpack .../udev_255.4-1ubuntu8.5_s390x.deb ... 318s Unpacking udev (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Preparing to unpack .../libudev1_255.4-1ubuntu8.5_s390x.deb ... 318s Unpacking libudev1:s390x (255.4-1ubuntu8.5) over (255.4-1ubuntu8.4) ... 318s Setting up libudev1:s390x (255.4-1ubuntu8.5) ... 318s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54283 files and directories currently installed.) 318s Preparing to unpack .../openssh-sftp-server_1%3a9.6p1-3ubuntu13.7_s390x.deb ... 318s Unpacking openssh-sftp-server (1:9.6p1-3ubuntu13.7) over (1:9.6p1-3ubuntu13.5) ... 318s Preparing to unpack .../openssh-server_1%3a9.6p1-3ubuntu13.7_s390x.deb ... 318s Unpacking openssh-server (1:9.6p1-3ubuntu13.7) over (1:9.6p1-3ubuntu13.5) ... 318s Preparing to unpack .../openssh-client_1%3a9.6p1-3ubuntu13.7_s390x.deb ... 318s Unpacking openssh-client (1:9.6p1-3ubuntu13.7) over (1:9.6p1-3ubuntu13.5) ... 318s Setting up openssh-client (1:9.6p1-3ubuntu13.7) ... 318s Setting up systemd-dev (255.4-1ubuntu8.5) ... 318s Setting up libsystemd-shared:s390x (255.4-1ubuntu8.5) ... 318s Setting up openssh-sftp-server (1:9.6p1-3ubuntu13.7) ... 318s Setting up openssh-server (1:9.6p1-3ubuntu13.7) ... 318s Replacing config file /etc/ssh/sshd_config with new version 319s Setting up systemd (255.4-1ubuntu8.5) ... 320s Setting up systemd-timesyncd (255.4-1ubuntu8.5) ... 320s Setting up udev (255.4-1ubuntu8.5) ... 320s Setting up systemd-resolved (255.4-1ubuntu8.5) ... 321s Setting up systemd-sysv (255.4-1ubuntu8.5) ... 321s Setting up libnss-systemd:s390x (255.4-1ubuntu8.5) ... 321s Setting up libpam-systemd:s390x (255.4-1ubuntu8.5) ... 321s Processing triggers for libc-bin (2.39-0ubuntu8.3) ... 321s Processing triggers for ufw (0.36.2-6) ... 321s Processing triggers for man-db (2.12.0-4build2) ... 321s Processing triggers for dbus (1.14.10-4ubuntu4.1) ... 321s Processing triggers for initramfs-tools (0.142ubuntu25.4) ... 322s update-initramfs: Generating /boot/initrd.img-6.8.0-48-generic 322s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 323s Using config file '/etc/zipl.conf' 323s Building bootmap in '/boot' 323s Adding IPL section 'ubuntu' (default) 323s Preparing boot device for LD-IPL: vda (0000). 323s Done. 324s Reading package lists... 324s Building dependency tree... 324s Reading state information... 324s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 324s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 324s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 324s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 324s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 325s Reading package lists... 325s Reading package lists... 325s Building dependency tree... 325s Reading state information... 325s Calculating upgrade... 325s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 325s Reading package lists... 326s Building dependency tree... 326s Reading state information... 326s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 326s autopkgtest [20:29:45]: rebooting testbed after setup commands that affected boot 330s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 354s Reading package lists... 354s Building dependency tree... 354s Reading state information... 354s Starting pkgProblemResolver with broken count: 0 354s Starting 2 pkgProblemResolver with broken count: 0 354s Done 354s The following additional packages will be installed: 354s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 354s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 354s libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 libipa-hbac0t64 354s libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 354s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 354s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 354s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 354s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 354s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 354s Suggested packages: 354s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 354s Recommended packages: 354s cracklib-runtime libsasl2-modules-gssapi-mit 354s | libsasl2-modules-gssapi-heimdal ldap-utils 354s The following NEW packages will be installed: 354s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 354s libavahi-common3 libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 354s libdhash1t64 libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 354s libipa-hbac0t64 libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 354s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 354s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 354s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 354s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 354s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 354s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 354s Need to get 10.4 MB/10.4 MB of archives. 354s After this operation, 40.6 MB of additional disk space will be used. 354s Get:1 /tmp/autopkgtest.4Ib2y9/3-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [748 B] 355s Get:2 http://ftpmaster.internal/ubuntu noble/main s390x libevent-2.1-7t64 s390x 2.1.12-stable-9ubuntu2 [147 kB] 355s Get:3 http://ftpmaster.internal/ubuntu noble-updates/main s390x libunbound8 s390x 1.19.2-1ubuntu3.3 [452 kB] 355s Get:4 http://ftpmaster.internal/ubuntu noble-updates/main s390x libgnutls-dane0t64 s390x 3.8.3-1.1ubuntu3.2 [23.6 kB] 355s Get:5 http://ftpmaster.internal/ubuntu noble-updates/universe s390x gnutls-bin s390x 3.8.3-1.1ubuntu3.2 [283 kB] 355s Get:6 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common-data s390x 0.8-13ubuntu6 [29.7 kB] 355s Get:7 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-common3 s390x 0.8-13ubuntu6 [24.1 kB] 355s Get:8 http://ftpmaster.internal/ubuntu noble/main s390x libavahi-client3 s390x 0.8-13ubuntu6 [27.2 kB] 355s Get:9 http://ftpmaster.internal/ubuntu noble/main s390x libbasicobjects0t64 s390x 0.6.2-2.1build1 [5838 B] 355s Get:10 http://ftpmaster.internal/ubuntu noble/main s390x libcares2 s390x 1.27.0-1.0ubuntu1 [79.2 kB] 355s Get:11 http://ftpmaster.internal/ubuntu noble/main s390x libcollection4t64 s390x 0.6.2-2.1build1 [23.9 kB] 355s Get:12 http://ftpmaster.internal/ubuntu noble/main s390x libcrack2 s390x 2.9.6-5.1build2 [30.0 kB] 355s Get:13 http://ftpmaster.internal/ubuntu noble/main s390x libdhash1t64 s390x 0.6.2-2.1build1 [9126 B] 355s Get:14 http://ftpmaster.internal/ubuntu noble/main s390x libpath-utils1t64 s390x 0.6.2-2.1build1 [9394 B] 355s Get:15 http://ftpmaster.internal/ubuntu noble/main s390x libref-array1t64 s390x 0.6.2-2.1build1 [7226 B] 355s Get:16 http://ftpmaster.internal/ubuntu noble/main s390x libini-config5t64 s390x 0.6.2-2.1build1 [46.6 kB] 355s Get:17 http://ftpmaster.internal/ubuntu noble-updates/main s390x libipa-hbac0t64 s390x 2.9.4-1.1ubuntu6.1 [17.5 kB] 355s Get:18 http://ftpmaster.internal/ubuntu noble/main s390x libtalloc2 s390x 2.4.2-1build2 [28.4 kB] 355s Get:19 http://ftpmaster.internal/ubuntu noble/main s390x libtdb1 s390x 1.4.10-1build1 [50.0 kB] 355s Get:20 http://ftpmaster.internal/ubuntu noble/main s390x libtevent0t64 s390x 0.16.1-2build1 [43.4 kB] 355s Get:21 http://ftpmaster.internal/ubuntu noble/main s390x libldb2 s390x 2:2.8.0+samba4.19.5+dfsg-4ubuntu9 [192 kB] 355s Get:22 http://ftpmaster.internal/ubuntu noble/main s390x libnfsidmap1 s390x 1:2.6.4-3ubuntu5 [50.1 kB] 355s Get:23 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality-common all 1.4.5-3build1 [7748 B] 355s Get:24 http://ftpmaster.internal/ubuntu noble/main s390x libpwquality1 s390x 1.4.5-3build1 [14.8 kB] 355s Get:25 http://ftpmaster.internal/ubuntu noble/main s390x libpam-pwquality s390x 1.4.5-3build1 [11.5 kB] 355s Get:26 http://ftpmaster.internal/ubuntu noble/main s390x libwbclient0 s390x 2:4.19.5+dfsg-4ubuntu9 [71.3 kB] 355s Get:27 http://ftpmaster.internal/ubuntu noble/main s390x samba-libs s390x 2:4.19.5+dfsg-4ubuntu9 [6231 kB] 355s Get:28 http://ftpmaster.internal/ubuntu noble/main s390x libsmbclient0 s390x 2:4.19.5+dfsg-4ubuntu9 [65.0 kB] 355s Get:29 http://ftpmaster.internal/ubuntu noble/universe s390x softhsm2-common s390x 2.6.1-2.2ubuntu3 [6196 B] 355s Get:30 http://ftpmaster.internal/ubuntu noble/universe s390x libsofthsm2 s390x 2.6.1-2.2ubuntu3 [267 kB] 355s Get:31 http://ftpmaster.internal/ubuntu noble/universe s390x softhsm2 s390x 2.6.1-2.2ubuntu3 [176 kB] 355s Get:32 http://ftpmaster.internal/ubuntu noble-updates/main s390x python3-sss s390x 2.9.4-1.1ubuntu6.1 [47.2 kB] 355s Get:33 http://ftpmaster.internal/ubuntu noble-updates/main s390x libsss-idmap0 s390x 2.9.4-1.1ubuntu6.1 [22.6 kB] 355s Get:34 http://ftpmaster.internal/ubuntu noble-updates/main s390x libnss-sss s390x 2.9.4-1.1ubuntu6.1 [33.1 kB] 355s Get:35 http://ftpmaster.internal/ubuntu noble-updates/main s390x libpam-sss s390x 2.9.4-1.1ubuntu6.1 [52.4 kB] 355s Get:36 http://ftpmaster.internal/ubuntu noble-updates/main s390x libsss-certmap0 s390x 2.9.4-1.1ubuntu6.1 [47.4 kB] 355s Get:37 http://ftpmaster.internal/ubuntu noble-updates/main s390x libsss-nss-idmap0 s390x 2.9.4-1.1ubuntu6.1 [31.9 kB] 355s Get:38 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-common s390x 2.9.4-1.1ubuntu6.1 [1125 kB] 356s Get:39 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-ad-common s390x 2.9.4-1.1ubuntu6.1 [74.8 kB] 356s Get:40 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-krb5-common s390x 2.9.4-1.1ubuntu6.1 [90.3 kB] 356s Get:41 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-ad s390x 2.9.4-1.1ubuntu6.1 [134 kB] 356s Get:42 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-ipa s390x 2.9.4-1.1ubuntu6.1 [215 kB] 356s Get:43 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-krb5 s390x 2.9.4-1.1ubuntu6.1 [14.4 kB] 356s Get:44 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-ldap s390x 2.9.4-1.1ubuntu6.1 [31.0 kB] 356s Get:45 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd-proxy s390x 2.9.4-1.1ubuntu6.1 [43.9 kB] 356s Get:46 http://ftpmaster.internal/ubuntu noble-updates/main s390x sssd s390x 2.9.4-1.1ubuntu6.1 [4122 B] 356s Fetched 10.4 MB in 1s (9620 kB/s) 356s Selecting previously unselected package libevent-2.1-7t64:s390x. 356s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54283 files and directories currently installed.) 356s Preparing to unpack .../00-libevent-2.1-7t64_2.1.12-stable-9ubuntu2_s390x.deb ... 356s Unpacking libevent-2.1-7t64:s390x (2.1.12-stable-9ubuntu2) ... 356s Selecting previously unselected package libunbound8:s390x. 356s Preparing to unpack .../01-libunbound8_1.19.2-1ubuntu3.3_s390x.deb ... 356s Unpacking libunbound8:s390x (1.19.2-1ubuntu3.3) ... 356s Selecting previously unselected package libgnutls-dane0t64:s390x. 356s Preparing to unpack .../02-libgnutls-dane0t64_3.8.3-1.1ubuntu3.2_s390x.deb ... 356s Unpacking libgnutls-dane0t64:s390x (3.8.3-1.1ubuntu3.2) ... 356s Selecting previously unselected package gnutls-bin. 356s Preparing to unpack .../03-gnutls-bin_3.8.3-1.1ubuntu3.2_s390x.deb ... 356s Unpacking gnutls-bin (3.8.3-1.1ubuntu3.2) ... 356s Selecting previously unselected package libavahi-common-data:s390x. 356s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu6_s390x.deb ... 356s Unpacking libavahi-common-data:s390x (0.8-13ubuntu6) ... 356s Selecting previously unselected package libavahi-common3:s390x. 356s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu6_s390x.deb ... 356s Unpacking libavahi-common3:s390x (0.8-13ubuntu6) ... 356s Selecting previously unselected package libavahi-client3:s390x. 356s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu6_s390x.deb ... 356s Unpacking libavahi-client3:s390x (0.8-13ubuntu6) ... 356s Selecting previously unselected package libbasicobjects0t64:s390x. 356s Preparing to unpack .../07-libbasicobjects0t64_0.6.2-2.1build1_s390x.deb ... 356s Unpacking libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 356s Selecting previously unselected package libcares2:s390x. 356s Preparing to unpack .../08-libcares2_1.27.0-1.0ubuntu1_s390x.deb ... 356s Unpacking libcares2:s390x (1.27.0-1.0ubuntu1) ... 356s Selecting previously unselected package libcollection4t64:s390x. 356s Preparing to unpack .../09-libcollection4t64_0.6.2-2.1build1_s390x.deb ... 356s Unpacking libcollection4t64:s390x (0.6.2-2.1build1) ... 356s Selecting previously unselected package libcrack2:s390x. 356s Preparing to unpack .../10-libcrack2_2.9.6-5.1build2_s390x.deb ... 356s Unpacking libcrack2:s390x (2.9.6-5.1build2) ... 356s Selecting previously unselected package libdhash1t64:s390x. 356s Preparing to unpack .../11-libdhash1t64_0.6.2-2.1build1_s390x.deb ... 356s Unpacking libdhash1t64:s390x (0.6.2-2.1build1) ... 356s Selecting previously unselected package libpath-utils1t64:s390x. 356s Preparing to unpack .../12-libpath-utils1t64_0.6.2-2.1build1_s390x.deb ... 356s Unpacking libpath-utils1t64:s390x (0.6.2-2.1build1) ... 356s Selecting previously unselected package libref-array1t64:s390x. 356s Preparing to unpack .../13-libref-array1t64_0.6.2-2.1build1_s390x.deb ... 356s Unpacking libref-array1t64:s390x (0.6.2-2.1build1) ... 356s Selecting previously unselected package libini-config5t64:s390x. 356s Preparing to unpack .../14-libini-config5t64_0.6.2-2.1build1_s390x.deb ... 356s Unpacking libini-config5t64:s390x (0.6.2-2.1build1) ... 356s Selecting previously unselected package libipa-hbac0t64. 356s Preparing to unpack .../15-libipa-hbac0t64_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package libtalloc2:s390x. 356s Preparing to unpack .../16-libtalloc2_2.4.2-1build2_s390x.deb ... 356s Unpacking libtalloc2:s390x (2.4.2-1build2) ... 356s Selecting previously unselected package libtdb1:s390x. 356s Preparing to unpack .../17-libtdb1_1.4.10-1build1_s390x.deb ... 356s Unpacking libtdb1:s390x (1.4.10-1build1) ... 356s Selecting previously unselected package libtevent0t64:s390x. 356s Preparing to unpack .../18-libtevent0t64_0.16.1-2build1_s390x.deb ... 356s Unpacking libtevent0t64:s390x (0.16.1-2build1) ... 356s Selecting previously unselected package libldb2:s390x. 356s Preparing to unpack .../19-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu9_s390x.deb ... 356s Unpacking libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 356s Selecting previously unselected package libnfsidmap1:s390x. 356s Preparing to unpack .../20-libnfsidmap1_1%3a2.6.4-3ubuntu5_s390x.deb ... 356s Unpacking libnfsidmap1:s390x (1:2.6.4-3ubuntu5) ... 356s Selecting previously unselected package libpwquality-common. 356s Preparing to unpack .../21-libpwquality-common_1.4.5-3build1_all.deb ... 356s Unpacking libpwquality-common (1.4.5-3build1) ... 356s Selecting previously unselected package libpwquality1:s390x. 356s Preparing to unpack .../22-libpwquality1_1.4.5-3build1_s390x.deb ... 356s Unpacking libpwquality1:s390x (1.4.5-3build1) ... 356s Selecting previously unselected package libpam-pwquality:s390x. 356s Preparing to unpack .../23-libpam-pwquality_1.4.5-3build1_s390x.deb ... 356s Unpacking libpam-pwquality:s390x (1.4.5-3build1) ... 356s Selecting previously unselected package libwbclient0:s390x. 356s Preparing to unpack .../24-libwbclient0_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 356s Unpacking libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 356s Selecting previously unselected package samba-libs:s390x. 356s Preparing to unpack .../25-samba-libs_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 356s Unpacking samba-libs:s390x (2:4.19.5+dfsg-4ubuntu9) ... 356s Selecting previously unselected package libsmbclient0:s390x. 356s Preparing to unpack .../26-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 356s Unpacking libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 356s Selecting previously unselected package softhsm2-common. 356s Preparing to unpack .../27-softhsm2-common_2.6.1-2.2ubuntu3_s390x.deb ... 356s Unpacking softhsm2-common (2.6.1-2.2ubuntu3) ... 356s Selecting previously unselected package libsofthsm2. 356s Preparing to unpack .../28-libsofthsm2_2.6.1-2.2ubuntu3_s390x.deb ... 356s Unpacking libsofthsm2 (2.6.1-2.2ubuntu3) ... 356s Selecting previously unselected package softhsm2. 356s Preparing to unpack .../29-softhsm2_2.6.1-2.2ubuntu3_s390x.deb ... 356s Unpacking softhsm2 (2.6.1-2.2ubuntu3) ... 356s Selecting previously unselected package python3-sss. 356s Preparing to unpack .../30-python3-sss_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking python3-sss (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package libsss-idmap0. 356s Preparing to unpack .../31-libsss-idmap0_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package libnss-sss:s390x. 356s Preparing to unpack .../32-libnss-sss_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking libnss-sss:s390x (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package libpam-sss:s390x. 356s Preparing to unpack .../33-libpam-sss_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking libpam-sss:s390x (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package libsss-certmap0. 356s Preparing to unpack .../34-libsss-certmap0_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package libsss-nss-idmap0. 356s Preparing to unpack .../35-libsss-nss-idmap0_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package sssd-common. 356s Preparing to unpack .../36-sssd-common_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking sssd-common (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package sssd-ad-common. 356s Preparing to unpack .../37-sssd-ad-common_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking sssd-ad-common (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package sssd-krb5-common. 356s Preparing to unpack .../38-sssd-krb5-common_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package sssd-ad. 356s Preparing to unpack .../39-sssd-ad_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking sssd-ad (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package sssd-ipa. 356s Preparing to unpack .../40-sssd-ipa_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking sssd-ipa (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package sssd-krb5. 356s Preparing to unpack .../41-sssd-krb5_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking sssd-krb5 (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package sssd-ldap. 356s Preparing to unpack .../42-sssd-ldap_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking sssd-ldap (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package sssd-proxy. 356s Preparing to unpack .../43-sssd-proxy_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking sssd-proxy (2.9.4-1.1ubuntu6.1) ... 356s Selecting previously unselected package sssd. 356s Preparing to unpack .../44-sssd_2.9.4-1.1ubuntu6.1_s390x.deb ... 356s Unpacking sssd (2.9.4-1.1ubuntu6.1) ... 357s Selecting previously unselected package autopkgtest-satdep. 357s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 357s Unpacking autopkgtest-satdep (0) ... 357s Setting up libpwquality-common (1.4.5-3build1) ... 357s Setting up softhsm2-common (2.6.1-2.2ubuntu3) ... 357s 357s Creating config file /etc/softhsm/softhsm2.conf with new version 357s Setting up libnfsidmap1:s390x (1:2.6.4-3ubuntu5) ... 357s Setting up libsss-idmap0 (2.9.4-1.1ubuntu6.1) ... 357s Setting up libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 357s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu6.1) ... 357s Setting up libref-array1t64:s390x (0.6.2-2.1build1) ... 357s Setting up libtdb1:s390x (1.4.10-1build1) ... 357s Setting up libcollection4t64:s390x (0.6.2-2.1build1) ... 357s Setting up libevent-2.1-7t64:s390x (2.1.12-stable-9ubuntu2) ... 357s Setting up libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 357s Setting up libtalloc2:s390x (2.4.2-1build2) ... 357s Setting up libpath-utils1t64:s390x (0.6.2-2.1build1) ... 357s Setting up libunbound8:s390x (1.19.2-1ubuntu3.3) ... 357s Setting up libgnutls-dane0t64:s390x (3.8.3-1.1ubuntu3.2) ... 357s Setting up libavahi-common-data:s390x (0.8-13ubuntu6) ... 357s Setting up libcares2:s390x (1.27.0-1.0ubuntu1) ... 357s Setting up libdhash1t64:s390x (0.6.2-2.1build1) ... 357s Setting up libcrack2:s390x (2.9.6-5.1build2) ... 357s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu6.1) ... 357s Setting up libini-config5t64:s390x (0.6.2-2.1build1) ... 357s Setting up libtevent0t64:s390x (0.16.1-2build1) ... 357s Setting up libnss-sss:s390x (2.9.4-1.1ubuntu6.1) ... 357s Setting up gnutls-bin (3.8.3-1.1ubuntu3.2) ... 357s Setting up libsofthsm2 (2.6.1-2.2ubuntu3) ... 357s Setting up softhsm2 (2.6.1-2.2ubuntu3) ... 357s Setting up libavahi-common3:s390x (0.8-13ubuntu6) ... 357s Setting up libsss-certmap0 (2.9.4-1.1ubuntu6.1) ... 357s Setting up libpwquality1:s390x (1.4.5-3build1) ... 357s Setting up libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 357s Setting up libavahi-client3:s390x (0.8-13ubuntu6) ... 357s Setting up libpam-pwquality:s390x (1.4.5-3build1) ... 357s Setting up samba-libs:s390x (2:4.19.5+dfsg-4ubuntu9) ... 357s Setting up python3-sss (2.9.4-1.1ubuntu6.1) ... 357s Setting up libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 357s Setting up libpam-sss:s390x (2.9.4-1.1ubuntu6.1) ... 357s Setting up sssd-common (2.9.4-1.1ubuntu6.1) ... 357s Creating SSSD system user & group... 357s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 357s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 357s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 357s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 357s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 358s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 358s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 358s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 358s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 359s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 359s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 359s sssd-autofs.service is a disabled or a static unit, not starting it. 359s sssd-nss.service is a disabled or a static unit, not starting it. 359s sssd-pam.service is a disabled or a static unit, not starting it. 359s sssd-ssh.service is a disabled or a static unit, not starting it. 359s sssd-sudo.service is a disabled or a static unit, not starting it. 359s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 359s Setting up sssd-proxy (2.9.4-1.1ubuntu6.1) ... 359s Setting up sssd-ad-common (2.9.4-1.1ubuntu6.1) ... 359s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 359s sssd-pac.service is a disabled or a static unit, not starting it. 359s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 359s Setting up sssd-krb5-common (2.9.4-1.1ubuntu6.1) ... 359s Setting up sssd-krb5 (2.9.4-1.1ubuntu6.1) ... 359s Setting up sssd-ldap (2.9.4-1.1ubuntu6.1) ... 359s Setting up sssd-ad (2.9.4-1.1ubuntu6.1) ... 359s Setting up sssd-ipa (2.9.4-1.1ubuntu6.1) ... 359s Setting up sssd (2.9.4-1.1ubuntu6.1) ... 359s Setting up autopkgtest-satdep (0) ... 359s Processing triggers for man-db (2.12.0-4build2) ... 360s Processing triggers for libc-bin (2.39-0ubuntu8.3) ... 362s (Reading database ... 54879 files and directories currently installed.) 362s Removing autopkgtest-satdep (0) ... 367s autopkgtest [20:30:26]: test sssd-softhism2-certificates-tests.sh: [----------------------- 367s + '[' -z ubuntu ']' 367s + required_tools=(p11tool openssl softhsm2-util) 367s + for cmd in "${required_tools[@]}" 367s + command -v p11tool 367s + for cmd in "${required_tools[@]}" 367s + command -v openssl 367s + for cmd in "${required_tools[@]}" 367s + command -v softhsm2-util 367s + PIN=053350 367s +++ find /usr/lib/softhsm/libsofthsm2.so 367s +++ head -n 1 367s ++ realpath /usr/lib/softhsm/libsofthsm2.so 367s + SOFTHSM2_MODULE=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 367s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 367s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 367s + '[' '!' -v NO_SSSD_TESTS ']' 367s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 367s + ca_db_arg=ca_db 367s ++ /usr/libexec/sssd/p11_child --help 367s + p11_child_help='Usage: p11_child [OPTION...] 367s -d, --debug-level=INT Debug level 367s --debug-timestamps=INT Add debug timestamps 367s --debug-microseconds=INT Show timestamps with microseconds 367s --dumpable=INT Allow core dumps 367s --debug-fd=INT An open file descriptor for the debug 367s logs 367s --logger=stderr|files|journald Set logger 367s --auth Run in auth mode 367s --pre Run in pre-auth mode 367s --wait_for_card Wait until card is available 367s --verification Run in verification mode 367s --pin Expect PIN on stdin 367s --keypad Expect PIN on keypad 367s --verify=STRING Tune validation 367s --ca_db=STRING CA DB to use 367s --module_name=STRING Module name for authentication 367s --token_name=STRING Token name for authentication 367s --key_id=STRING Key ID for authentication 367s --label=STRING Label for authentication 367s --certificate=STRING certificate to verify, base64 encoded 367s --uri=STRING PKCS#11 URI to restrict selection 367s --chain-id=LONG Tevent chain ID used for logging 367s purposes 367s 367s Help options: 367s -?, --help Show this help message 367s --usage Display brief usage message' 367s + echo 'Usage: p11_child [OPTION...] 367s -d, --debug-level=INT Debug level 367s + grep nssdb -qs 367s --debug-timestamps=INT Add debug timestamps 367s --debug-microseconds=INT Show timestamps with microseconds 367s --dumpable=INT Allow core dumps 367s --debug-fd=INT An open file descriptor for the debug 367s logs 367s --logger=stderr|files|journald Set logger 367s --auth Run in auth mode 367s --pre Run in pre-auth mode 367s --wait_for_card Wait until card is available 367s --verification Run in verification mode 367s --pin Expect PIN on stdin 367s --keypad Expect PIN on keypad 367s --verify=STRING Tune validation 367s --ca_db=STRING CA DB to use 367s --module_name=STRING Module name for authentication 367s --token_name=STRING Token name for authentication 367s --key_id=STRING Key ID for authentication 367s --label=STRING Label for authentication 367s --certificate=STRING certificate to verify, base64 encoded 367s --uri=STRING PKCS#11 URI to restrict selection 367s --chain-id=LONG Tevent chain ID used for logging 367s purposes 367s 367s Help options: 367s -?, --help Show this help message 367s --usage Display brief usage message' 367s + echo 'Usage: p11_child [OPTION...] 367s -d, --debug-level=INT Debug level 367s --debug-timestamps=INT Add debug timestamps 367s --debug-microseconds=INT Show timestamps with microseconds 367s + grep -qs -- --ca_db 367s --dumpable=INT Allow core dumps 367s --debug-fd=INT An open file descriptor for the debug 367s logs 367s --logger=stderr|files|journald Set logger 367s --auth Run in auth mode 367s --pre Run in pre-auth mode 367s --wait_for_card Wait until card is available 367s --verification Run in verification mode 367s --pin Expect PIN on stdin 367s --keypad Expect PIN on keypad 367s --verify=STRING Tune validation 367s --ca_db=STRING CA DB to use 367s --module_name=STRING Module name for authentication 367s --token_name=STRING Token name for authentication 367s --key_id=STRING Key ID for authentication 367s --label=STRING Label for authentication 367s --certificate=STRING certificate to verify, base64 encoded 367s --uri=STRING PKCS#11 URI to restrict selection 367s --chain-id=LONG Tevent chain ID used for logging 367s purposes 367s 367s Help options: 367s -?, --help Show this help message 367s --usage Display brief usage message' 367s + '[' '!' -e /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so ']' 367s ++ mktemp -d -t sssd-softhsm2-XXXXXX 367s + tmpdir=/tmp/sssd-softhsm2-kroQZj 367s + keys_size=1024 367s + [[ ! -v KEEP_TEMPORARY_FILES ]] 367s + trap 'rm -rf "$tmpdir"' EXIT 367s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 367s + echo -n 01 367s + touch /tmp/sssd-softhsm2-kroQZj/index.txt 367s + mkdir -p /tmp/sssd-softhsm2-kroQZj/new_certs 367s + cat 367s + root_ca_key_pass=pass:random-root-CA-password-3790 367s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kroQZj/test-root-CA-key.pem -passout pass:random-root-CA-password-3790 1024 367s + openssl req -passin pass:random-root-CA-password-3790 -batch -config /tmp/sssd-softhsm2-kroQZj/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-kroQZj/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 367s + openssl x509 -noout -in /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 367s + cat 367s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-11105 367s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-11105 1024 367s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-11105 -config /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.config -key /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-3790 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-certificate-request.pem 367s + openssl req -text -noout -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-certificate-request.pem 367s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-kroQZj/test-root-CA.config -passin pass:random-root-CA-password-3790 -keyfile /tmp/sssd-softhsm2-kroQZj/test-root-CA-key.pem -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 367s Certificate Request: 367s Data: 367s Version: 1 (0x0) 367s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 367s Subject Public Key Info: 367s Public Key Algorithm: rsaEncryption 367s Public-Key: (1024 bit) 367s Modulus: 367s 00:a8:06:a2:ac:6c:62:bb:82:ff:3b:25:5d:69:f2: 367s f1:23:b7:4b:45:da:6f:05:fd:b6:1d:a1:f8:cf:40: 367s 68:cf:db:0c:dc:cf:67:4a:d5:53:cd:20:89:60:e6: 367s 34:9f:49:e9:d7:85:1a:0b:1b:9a:ff:87:c0:ec:c0: 367s 77:ed:35:cd:12:56:b4:50:c6:a7:a9:94:9e:3e:fb: 367s d2:63:ad:4b:d4:ac:b1:08:36:7a:ce:34:0e:79:37: 367s 56:bf:ec:57:18:f5:14:72:5b:0c:66:0f:85:49:e8: 367s fe:44:8d:42:11:4f:ae:c2:45:f0:ee:ae:ce:a0:6f: 367s 67:dd:f9:ad:07:44:de:43:1b 367s Exponent: 65537 (0x10001) 367s Attributes: 367s (none) 367s Requested Extensions: 367s Signature Algorithm: sha256WithRSAEncryption 367s Signature Value: 367s 0d:17:72:3b:5f:b6:36:3c:ff:5c:af:16:bf:9e:cc:20:9c:0d: 367s 04:93:ac:3e:aa:80:0b:a6:24:0d:ed:58:86:48:6f:8f:32:29: 367s c0:44:89:ab:36:e1:a8:2b:0b:b8:26:6d:84:f1:0e:5d:bb:2c: 367s cd:68:22:2a:40:f1:be:50:90:f7:18:59:50:e8:f5:f5:ea:df: 367s 29:72:b4:3e:c1:a4:3a:ad:96:f6:db:e2:1f:67:51:23:f3:9c: 367s 00:13:1f:e0:47:fc:16:b6:24:87:a1:54:75:f3:e1:f2:32:50: 367s fc:2f:a2:a0:39:28:6a:eb:72:18:06:f2:bb:22:b3:71:f7:87: 367s 68:24 367s Using configuration from /tmp/sssd-softhsm2-kroQZj/test-root-CA.config 367s Check that the request matches the signature 367s Signature ok 367s Certificate Details: 367s Serial Number: 1 (0x1) 367s Validity 367s Not Before: Nov 15 20:30:26 2024 GMT 367s Not After : Nov 15 20:30:26 2025 GMT 367s Subject: 367s organizationName = Test Organization 367s organizationalUnitName = Test Organization Unit 367s commonName = Test Organization Intermediate CA 367s X509v3 extensions: 367s X509v3 Subject Key Identifier: 367s 67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 367s X509v3 Authority Key Identifier: 367s keyid:BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 367s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 367s serial:00 367s X509v3 Basic Constraints: 367s CA:TRUE 367s X509v3 Key Usage: critical 367s Digital Signature, Certificate Sign, CRL Sign 367s Certificate is to be certified until Nov 15 20:30:26 2025 GMT (365 days) 367s 367s Write out database with 1 new entries 367s Database updated 367s + openssl x509 -noout -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 367s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 367s /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem: OK 367s + cat 367s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-16522 367s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-16522 1024 367s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-16522 -config /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-11105 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-certificate-request.pem 367s + openssl req -text -noout -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-certificate-request.pem 367s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-11105 -keyfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 367s Certificate Request: 367s Data: 367s Version: 1 (0x0) 367s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 367s Subject Public Key Info: 367s Public Key Algorithm: rsaEncryption 367s Public-Key: (1024 bit) 367s Modulus: 367s 00:d2:ac:9f:7d:f7:3a:1c:06:d7:6d:b1:c3:78:53: 367s 2a:61:8b:4c:ab:f3:6b:e1:5a:87:0b:96:6c:e6:d9: 367s 84:c8:f3:02:94:71:79:49:be:61:6e:03:82:91:13: 367s 51:b0:6d:b7:9b:e0:aa:ce:8a:91:79:cf:5d:5e:a0: 367s da:c8:08:a1:a7:b7:6a:55:f0:d8:5d:a9:d2:cf:45: 367s 33:ef:b7:72:77:9c:90:ae:f8:34:6c:b4:ef:02:e7: 367s a9:6a:38:80:0e:ab:e6:f9:2e:84:02:77:61:ff:b1: 367s 49:ab:ad:d2:a5:4d:d1:f5:81:e0:d4:1c:a8:d0:14: 367s 27:b8:01:d3:d4:4d:6a:ca:b1 367s Exponent: 65537 (0x10001) 367s Attributes: 367s (none) 367s Requested Extensions: 367s Signature Algorithm: sha256WithRSAEncryption 367s Signature Value: 367s 3d:31:a8:34:de:f5:75:94:70:f8:e6:1a:c3:52:c1:fb:65:a8: 367s c9:3b:45:6d:52:fe:ce:9a:55:b4:d3:1f:a4:88:60:0c:3c:34: 367s a7:2d:01:75:0e:8d:92:d5:93:98:1c:de:96:ce:93:03:11:b7: 367s d7:8a:7a:22:65:c2:6d:a2:d5:d1:d7:57:3f:60:ae:d8:22:d6: 367s f3:ac:5e:55:ef:cf:89:52:65:23:27:02:c5:f1:fd:2d:52:3d: 367s 45:8b:31:b6:c8:83:0c:e9:70:ba:43:fa:7d:cb:11:eb:71:c5: 367s d8:4a:e5:d5:da:ff:93:59:3c:94:f5:e8:4e:72:d6:54:ec:99: 367s 5b:e3 367s Using configuration from /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.config 367s Check that the request matches the signature 367s Signature ok 367s Certificate Details: 367s Serial Number: 2 (0x2) 367s Validity 367s Not Before: Nov 15 20:30:26 2024 GMT 367s Not After : Nov 15 20:30:26 2025 GMT 367s Subject: 367s organizationName = Test Organization 367s organizationalUnitName = Test Organization Unit 367s commonName = Test Organization Sub Intermediate CA 367s X509v3 extensions: 367s X509v3 Subject Key Identifier: 367s 95:FD:CF:F1:DE:9A:35:EB:83:6F:9A:31:A9:B6:5A:9A:A5:EE:B1:EB 367s X509v3 Authority Key Identifier: 367s keyid:67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 367s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 367s serial:01 367s X509v3 Basic Constraints: 367s CA:TRUE 367s X509v3 Key Usage: critical 367s Digital Signature, Certificate Sign, CRL Sign 367s Certificate is to be certified until Nov 15 20:30:26 2025 GMT (365 days) 367s 367s Write out database with 1 new entries 367s Database updated 367s + openssl x509 -noout -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 367s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 367s /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem: OK 367s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 367s + local cmd=openssl 367s + shift 367s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 367s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 367s error 20 at 0 depth lookup: unable to get local issuer certificate 367s error /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem: verification failed 367s + cat 367s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-29173 367s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-29173 1024 367s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-29173 -key /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-request.pem 367s + openssl req -text -noout -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-request.pem 367s Certificate Request: 367s Data: 367s Version: 1 (0x0) 367s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 367s Subject Public Key Info: 367s Public Key Algorithm: rsaEncryption 367s Public-Key: (1024 bit) 367s Modulus: 367s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 367s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 367s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 367s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 367s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 367s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 367s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 367s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 367s 50:38:e2:92:20:95:80:0e:f1 367s Exponent: 65537 (0x10001) 367s Attributes: 367s Requested Extensions: 367s X509v3 Basic Constraints: 367s CA:FALSE 367s Netscape Cert Type: 367s SSL Client, S/MIME 367s Netscape Comment: 367s Test Organization Root CA trusted Certificate 367s X509v3 Subject Key Identifier: 367s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 367s X509v3 Key Usage: critical 367s Digital Signature, Non Repudiation, Key Encipherment 367s X509v3 Extended Key Usage: 367s TLS Web Client Authentication, E-mail Protection 367s X509v3 Subject Alternative Name: 367s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 367s Signature Algorithm: sha256WithRSAEncryption 367s Signature Value: 367s 0b:2b:49:d4:f9:9a:09:6c:e9:97:d5:17:17:4b:36:17:6b:cd: 367s aa:86:22:57:09:e8:90:c8:ac:1d:b0:cb:5f:7d:b4:a7:b6:4b: 367s 59:00:39:bf:55:70:38:0b:72:d0:b2:e0:5e:33:55:dc:a8:03: 367s 93:8b:d8:04:21:00:20:a6:c7:3e:28:21:af:14:cd:56:6c:03: 367s 2e:5c:f5:bc:d9:4e:e2:e3:82:7f:ad:3f:f4:4b:e6:74:44:9f: 367s 1a:43:50:04:77:04:77:db:b0:8e:c5:9b:46:4b:b3:e0:a8:fa: 367s 6c:d6:0e:81:07:e2:14:89:97:93:43:f7:c1:9a:51:16:15:a7: 367s 6b:f1 367s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-kroQZj/test-root-CA.config -passin pass:random-root-CA-password-3790 -keyfile /tmp/sssd-softhsm2-kroQZj/test-root-CA-key.pem -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 367s Using configuration from /tmp/sssd-softhsm2-kroQZj/test-root-CA.config 367s Check that the request matches the signature 367s Signature ok 367s Certificate Details: 367s Serial Number: 3 (0x3) 367s Validity 367s Not Before: Nov 15 20:30:26 2024 GMT 367s Not After : Nov 15 20:30:26 2025 GMT 367s Subject: 367s organizationName = Test Organization 367s organizationalUnitName = Test Organization Unit 367s commonName = Test Organization Root Trusted Certificate 0001 367s X509v3 extensions: 367s X509v3 Authority Key Identifier: 367s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 367s X509v3 Basic Constraints: 367s CA:FALSE 367s Netscape Cert Type: 367s SSL Client, S/MIME 367s Netscape Comment: 367s Test Organization Root CA trusted Certificate 367s X509v3 Subject Key Identifier: 367s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 367s X509v3 Key Usage: critical 367s Digital Signature, Non Repudiation, Key Encipherment 367s X509v3 Extended Key Usage: 367s TLS Web Client Authentication, E-mail Protection 367s X509v3 Subject Alternative Name: 367s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 367s Certificate is to be certified until Nov 15 20:30:26 2025 GMT (365 days) 367s 367s Write out database with 1 new entries 367s Database updated 367s + openssl x509 -noout -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 367s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 367s /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem: OK 367s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 367s + local cmd=openssl 367s + shift 367s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 367s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 367s error 20 at 0 depth lookup: unable to get local issuer certificate 367s error /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem: verification failed 367s + cat 367s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 367s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-31041 1024 367s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-31041 -key /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-request.pem 367s + openssl req -text -noout -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-request.pem 367s Certificate Request: 367s Data: 367s Version: 1 (0x0) 367s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 367s Subject Public Key Info: 367s Public Key Algorithm: rsaEncryption 367s Public-Key: (1024 bit) 367s Modulus: 367s 00:d3:ba:c3:ea:58:f3:48:f0:13:ec:f2:90:b2:1b: 367s 06:79:54:d6:65:5e:4a:04:d8:7c:3e:2f:eb:c7:06: 367s 20:29:2a:74:ab:e7:10:a3:04:8d:ef:45:3e:e0:2d: 367s ef:1b:31:e1:df:c1:d0:5d:9c:3a:8f:07:30:87:62: 367s f4:9e:a5:07:14:25:4b:2f:2c:1c:7e:88:e8:1c:16: 367s 1f:b3:99:90:b0:96:e8:a7:ec:0f:8b:d9:31:d0:ca: 367s 53:41:33:b2:9e:bb:f5:13:7b:5c:d7:ee:df:af:d9: 367s c7:12:4b:24:a1:b5:99:1a:47:5b:2c:69:39:fd:b0: 367s bb:c0:90:ee:3f:36:4f:6e:ef 367s Exponent: 65537 (0x10001) 367s Attributes: 367s Requested Extensions: 367s X509v3 Basic Constraints: 367s CA:FALSE 367s Netscape Cert Type: 367s SSL Client, S/MIME 367s Netscape Comment: 367s Test Organization Intermediate CA trusted Certificate 367s X509v3 Subject Key Identifier: 367s AF:48:67:4F:B3:88:11:D7:9B:74:5A:28:6B:A2:04:E2:E1:0E:0C:C4 367s X509v3 Key Usage: critical 367s Digital Signature, Non Repudiation, Key Encipherment 367s X509v3 Extended Key Usage: 367s TLS Web Client Authentication, E-mail Protection 367s X509v3 Subject Alternative Name: 367s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 367s Signature Algorithm: sha256WithRSAEncryption 367s Signature Value: 367s 13:5f:08:31:7a:cc:c2:c0:9a:e1:b5:5e:99:04:2a:59:bc:07: 367s 19:ee:5b:58:51:a8:98:dd:5c:ff:28:00:43:20:f9:27:30:f2: 367s 4a:d2:0b:ed:42:fe:7e:23:7a:cb:12:60:31:db:84:ff:77:f1: 367s a1:99:ae:41:62:de:e4:d5:bb:fc:ed:f2:1b:33:01:11:80:8d: 367s 28:dd:b3:80:8c:72:bf:74:7a:4b:71:80:42:a4:33:a8:52:c6: 367s da:45:2c:7f:76:24:09:fa:f7:96:0e:36:59:a8:75:3d:fc:01: 367s fc:5c:90:c3:ec:98:94:b4:b7:73:ed:16:5a:5a:bc:aa:a7:6f: 367s e7:b6 367s + openssl ca -passin pass:random-intermediate-CA-password-11105 -config /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 367s Using configuration from /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.config 367s Check that the request matches the signature 367s Signature ok 367s Certificate Details: 367s Serial Number: 4 (0x4) 367s Validity 367s Not Before: Nov 15 20:30:26 2024 GMT 367s Not After : Nov 15 20:30:26 2025 GMT 367s Subject: 367s organizationName = Test Organization 367s organizationalUnitName This certificate should not be trusted fully 367s /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem: OK 367s = Test Organization Unit 367s commonName = Test Organization Intermediate Trusted Certificate 0001 367s X509v3 extensions: 367s X509v3 Authority Key Identifier: 367s 67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 367s X509v3 Basic Constraints: 367s CA:FALSE 367s Netscape Cert Type: 367s SSL Client, S/MIME 367s Netscape Comment: 367s Test Organization Intermediate CA trusted Certificate 367s X509v3 Subject Key Identifier: 367s AF:48:67:4F:B3:88:11:D7:9B:74:5A:28:6B:A2:04:E2:E1:0E:0C:C4 367s X509v3 Key Usage: critical 367s Digital Signature, Non Repudiation, Key Encipherment 367s X509v3 Extended Key Usage: 367s TLS Web Client Authentication, E-mail Protection 367s X509v3 Subject Alternative Name: 367s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 367s Certificate is to be certified until Nov 15 20:30:26 2025 GMT (365 days) 367s 367s Write out database with 1 new entries 367s Database updated 367s + openssl x509 -noout -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 367s + echo 'This certificate should not be trusted fully' 367s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 367s + local cmd=openssl 367s + shift 367s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 367s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 367s error 2 at 1 depth lookup: unable to get issuer certificate 367s error /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 367s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 367s + cat 367s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 367s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-6442 1024 367s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-6442 -key /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 367s + openssl req -text -noout -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 367s Certificate Request: 367s Data: 367s Version: 1 (0x0) 367s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 367s Subject Public Key Info: 367s Public Key Algorithm: rsaEncryption 367s Public-Key: (1024 bit) 367s Modulus: 367s 00:bf:48:cf:4a:f1:0f:ae:84:4d:f2:48:0c:c2:97: 367s 0a:d6:2c:8a:68:e1:75:9d:c1:79:b0:36:4b:90:12: 367s 6e:55:cc:f2:90:c1:a7:88:37:7f:ab:32:82:c5:6b: 367s 97:60:10:76:59:f3:7b:18:24:c6:67:c1:8a:b0:b9: 367s ea:56:bd:58:c3:c0:2d:a7:c0:38:13:5f:6c:5f:7e: 367s 5e:2d:e6:b2:5e:96:5a:44:50:d1:53:7b:e6:08:36: 367s 70:7f:c0:4c:bf:01:c2:78:00:b3:03:42:90:a2:b0: 367s 50:5d:98:99:42:25:5e:4b:74:69:72:05:ef:bd:ac: 367s 22:7b:31:b7:54:cd:8a:81:97 367s Exponent: 65537 (0x10001) 367s Attributes: 367s Requested Extensions: 367s X509v3 Basic Constraints: 367s CA:FALSE 367s Netscape Cert Type: 367s SSL Client, S/MIME 367s Netscape Comment: 367s Test Organization Sub Intermediate CA trusted Certificate 367s X509v3 Subject Key Identifier: 367s 09:00:F2:39:9B:2C:61:ED:B2:74:09:C4:D6:A8:42:06:B7:2D:9F:76 367s X509v3 Key Usage: critical 367s Digital Signature, Non Repudiation, Key Encipherment 367s X509v3 Extended Key Usage: 367s TLS Web Client Authentication, E-mail Protection 367s X509v3 Subject Alternative Name: 367s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 367s Signature Algorithm: sha256WithRSAEncryption 367s Signature Value: 367s 2d:40:43:f3:88:6e:01:91:7e:85:a2:88:c7:b9:9f:3d:f9:89: 367s a2:e4:2c:fe:17:f5:5d:f5:fb:ac:97:e0:9d:e4:0b:19:a7:77: 367s 0c:3a:0a:fb:d7:09:ba:f6:70:96:7b:53:0c:51:2d:75:1e:37: 367s 54:5c:8a:0e:17:7a:b8:9b:0f:69:9d:20:3d:58:10:72:0a:86: 367s f3:99:e7:95:10:04:56:4f:64:d4:7b:01:4c:60:e0:74:78:40: 367s ec:d2:17:ec:e9:ba:fa:ae:aa:7d:3f:30:c8:37:19:5b:e9:71: 367s f3:c3:64:01:88:e0:97:83:a5:8f:3b:0f:05:53:01:7d:7e:fd: 367s d9:ab 367s + openssl ca -passin pass:random-sub-intermediate-CA-password-16522 -config /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 367s Using configuration from /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.config 367s Check that the request matches the signature 367s Signature ok 367s Certificate Details: 367s Serial Number: 5 (0x5) 367s Validity 367s Not Before: Nov 15 20:30:26 2024 GMT 367s Not After : Nov 15 20:30:26 2025 GMT 367s Subject: 367s organizationName = Test Organization 367s organizationalUnitName = Test Organization Unit 367s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 367s X509v3 extensions: 367s X509v3 Authority Key Identifier: 367s 95:FD:CF:F1:DE:9A:35:EB:83:6F:9A:31:A9:B6:5A:9A:A5:EE:B1:EB 367s X509v3 Basic Constraints: 367s CA:FALSE 367s Netscape Cert Type: 367s SSL Client, S/MIME 367s Netscape Comment: 367s Test Organization Sub Intermediate CA trusted Certificate 367s X509v3 Subject Key Identifier: 367s 09:00:F2:39:9B:2C:61:ED:B2:74:09:C4:D6:A8:42:06:B7:2D:9F:76 367s X509v3 Key Usage: critical 367s Digital Signature, Non Repudiation, Key Encipherment 367s X509v3 Extended Key Usage: 367s TLS Web Client Authentication, E-mail Protection 367s X509v3 Subject Alternative Name: 367s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 367s Certificate is to be certified until Nov 15 20:30:26 2025 GMT (365 days) 367s 367s Write out database with 1 new entries 367s Database updated 367s + openssl x509 -noout -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 367s This certificate should not be trusted fully 367s + echo 'This certificate should not be trusted fully' 367s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 367s + local cmd=openssl 367s + shift 367s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 367s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 367s error 2 at 1 depth lookup: unable to get issuer certificate 367s error /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 367s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 367s + local cmd=openssl 367s + shift 367s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 367s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 367s error 20 at 0 depth lookup: unable to get local issuer certificate 367s error /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 367s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 368s /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 368s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 368s + local cmd=openssl 368s + shift 368s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 368s OBuilding a the full-chain CA file... 368s = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 368s error 20 at 0 depth lookup: unable to get local issuer certificate 368s error /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 368s + echo 'Building a the full-chain CA file...' 368s + cat /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 368s + cat /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 368s + cat /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 368s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 368s + openssl pkcs7 -print_certs -noout 368s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s 368s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 368s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s 368s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 368s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 368s 368s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 368s /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem: OK 368s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem: OK 368s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 368s /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem: OK 368s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem /tmp/sssd-softhsm2-kroQZj/test-root-intermediate-chain-CA.pem 368s /tmp/sssd-softhsm2-kroQZj/test-root-intermediate-chain-CA.pem: OK 368s + openssl verify -CAfile /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 368s /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 368s Certificates generation completed! 368s + echo 'Certificates generation completed!' 368s + [[ -v NO_SSSD_TESTS ]] 368s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /dev/null 368s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /dev/null 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_ring=/dev/null 368s + local verify_option= 368s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_cn 368s + local key_name 368s + local tokens_dir 368s + local output_cert_file 368s + token_name= 368s ++ basename /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem .pem 368s + key_name=test-root-CA-trusted-certificate-0001 368s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s ++ sed -n 's/ *commonName *= //p' 368s + key_cn='Test Organization Root Trusted Certificate 0001' 368s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 368s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 368s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 368s + token_name='Test Organization Root Tr Token' 368s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 368s + local key_file 368s + local decrypted_key 368s + mkdir -p /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 368s + key_file=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-key.pem 368s + decrypted_key=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-key-decrypted.pem 368s + cat 368s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 368s Slot 0 has a free/uninitialized token. 368s The token has been initialized and is reassigned to slot 1968229811 368s + softhsm2-util --show-slots 368s Available slots: 368s Slot 1968229811 368s Slot info: 368s Description: SoftHSM slot ID 0x7550cdb3 368s Manufacturer ID: SoftHSM project 368s Hardware version: 2.6 368s Firmware version: 2.6 368s Token present: yes 368s Token info: 368s Manufacturer ID: SoftHSM project 368s Model: SoftHSM v2 368s Hardware version: 2.6 368s Firmware version: 2.6 368s Serial number: d5c372b47550cdb3 368s Initialized: yes 368s User PIN init.: yes 368s Label: Test Organization Root Tr Token 368s Slot 1 368s Slot info: 368s Description: SoftHSM slot ID 0x1 368s Manufacturer ID: SoftHSM project 368s Hardware version: 2.6 368s Firmware version: 2.6 368s Token present: yes 368s Token info: 368s Manufacturer ID: SoftHSM project 368s Model: SoftHSM v2 368s Hardware version: 2.6 368s Firmware version: 2.6 368s Serial number: 368s Initialized: no 368s User PIN init.: no 368s Label: 368s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 368s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-29173 -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-key-decrypted.pem 368s writing RSA key 368s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 368s + rm /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001-key-decrypted.pem 368s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 368s Object 0: 368s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 368s Type: X.509 Certificate (RSA-1024) 368s Expires: Sat Nov 15 20:30:26 2025 368s Label: Test Organization Root Trusted Certificate 0001 368s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 368s 368s Test Organization Root Tr Token 368s + echo 'Test Organization Root Tr Token' 368s + '[' -n '' ']' 368s + local output_base_name=SSSD-child-31127 368s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-31127.output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-31127.pem 368s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 368s [p11_child[2216]] [main] (0x0400): p11_child started. 368s [p11_child[2216]] [main] (0x2000): Running in [pre-auth] mode. 368s [p11_child[2216]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2216]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2216]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 368s [p11_child[2216]] [do_work] (0x0040): init_verification failed. 368s [p11_child[2216]] [main] (0x0020): p11_child failed (5) 368s + return 2 368s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /dev/null no_verification 368s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /dev/null no_verification 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_ring=/dev/null 368s + local verify_option=no_verification 368s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_cn 368s + local key_name 368s + local tokens_dir 368s + local output_cert_file 368s + token_name= 368s ++ basename /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem .pem 368s + key_name=test-root-CA-trusted-certificate-0001 368s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s ++ sed -n 's/ *commonName *= //p' 368s + key_cn='Test Organization Root Trusted Certificate 0001' 368s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 368s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 368s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 368s + token_name='Test Organization Root Tr Token' 368s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 368s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 ']' 368s + echo 'Test Organization Root Tr Token' 368s Test Organization Root Tr Token 368s + '[' -n no_verification ']' 368s + local verify_arg=--verify=no_verification 368s + local output_base_name=SSSD-child-7562 368s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-7562.output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-7562.pem 368s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 368s [p11_child[2222]] [main] (0x0400): p11_child started. 368s [p11_child[2222]] [main] (0x2000): Running in [pre-auth] mode. 368s [p11_child[2222]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2222]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2222]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 368s [p11_child[2222]] [do_card] (0x4000): Module List: 368s [p11_child[2222]] [do_card] (0x4000): common name: [softhsm2]. 368s [p11_child[2222]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2222]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 368s [p11_child[2222]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 368s [p11_child[2222]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2222]] [do_card] (0x4000): Login NOT required. 368s [p11_child[2222]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 368s [p11_child[2222]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 368s [p11_child[2222]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7550cdb3;slot-manufacturer=SoftHSM%20project;slot-id=1968229811;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 368s [p11_child[2222]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 368s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-7562.output 368s + echo '-----BEGIN CERTIFICATE-----' 368s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-7562.output 368s + echo '-----END CERTIFICATE-----' 368s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-7562.pem 368s Certificate: 368s Data: 368s Version: 3 (0x2) 368s Serial Number: 3 (0x3) 368s Signature Algorithm: sha256WithRSAEncryption 368s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s Validity 368s Not Before: Nov 15 20:30:26 2024 GMT 368s Not After : Nov 15 20:30:26 2025 GMT 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 368s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 368s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 368s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 368s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 368s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 368s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 368s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 368s 50:38:e2:92:20:95:80:0e:f1 368s Exponent: 65537 (0x10001) 368s X509v3 extensions: 368s X509v3 Authority Key Identifier: 368s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 368s X509v3 Basic Constraints: 368s CA:FALSE 368s Netscape Cert Type: 368s SSL Client, S/MIME 368s Netscape Comment: 368s Test Organization Root CA trusted Certificate 368s X509v3 Subject Key Identifier: 368s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 368s X509v3 Key Usage: critical 368s Digital Signature, Non Repudiation, Key Encipherment 368s X509v3 Extended Key Usage: 368s TLS Web Client Authentication, E-mail Protection 368s X509v3 Subject Alternative Name: 368s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 6d:fc:a8:0c:47:68:bc:7e:60:51:f0:8c:65:da:aa:7d:c3:af: 368s c9:80:6f:ba:80:d1:a2:f0:e6:1d:e6:f9:c8:94:d4:05:f8:0c: 368s 1b:8e:86:e7:10:0c:60:f4:19:14:62:6c:38:16:9d:fe:36:e1: 368s 29:85:b7:15:71:0b:e8:21:08:b3:ee:d6:79:81:ae:7b:d3:0d: 368s d2:57:be:24:64:ba:2d:40:1c:ff:a1:27:bb:45:c3:e1:9f:db: 368s 95:47:7b:64:2e:77:a3:33:30:c3:67:44:8a:9d:2e:92:c2:a8: 368s 8e:3d:aa:0a:5b:2b:39:65:c3:7d:3b:12:ed:07:72:74:f4:34: 368s 0a:ba 368s + local found_md5 expected_md5 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + expected_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-7562.pem 368s + found_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s + '[' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 '!=' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 ']' 368s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-7562-auth.output 368s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-7562-auth.output .output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-7562-auth.pem 368s + echo -n 053350 368s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 368s [p11_child[2230]] [main] (0x0400): p11_child started. 368s [p11_child[2230]] [main] (0x2000): Running in [auth] mode. 368s [p11_child[2230]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2230]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2230]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 368s [p11_child[2230]] [do_card] (0x4000): Module List: 368s [p11_child[2230]] [do_card] (0x4000): common name: [softhsm2]. 368s [p11_child[2230]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2230]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 368s [p11_child[2230]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 368s [p11_child[2230]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2230]] [do_card] (0x4000): Login required. 368s [p11_child[2230]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 368s [p11_child[2230]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 368s [p11_child[2230]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7550cdb3;slot-manufacturer=SoftHSM%20project;slot-id=1968229811;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 368s [p11_child[2230]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 368s [p11_child[2230]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 368s [p11_child[2230]] [do_card] (0x4000): Certificate verified and validated. 368s [p11_child[2230]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 368s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-7562-auth.output 368s + echo '-----BEGIN CERTIFICATE-----' 368s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-7562-auth.output 368s + echo '-----END CERTIFICATE-----' 368s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-7562-auth.pem 368s Certificate: 368s Data: 368s Version: 3 (0x2) 368s Serial Number: 3 (0x3) 368s Signature Algorithm: sha256WithRSAEncryption 368s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s Validity 368s Not Before: Nov 15 20:30:26 2024 GMT 368s Not After : Nov 15 20:30:26 2025 GMT 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 368s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 368s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 368s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 368s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 368s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 368s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 368s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 368s 50:38:e2:92:20:95:80:0e:f1 368s Exponent: 65537 (0x10001) 368s X509v3 extensions: 368s X509v3 Authority Key Identifier: 368s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 368s X509v3 Basic Constraints: 368s CA:FALSE 368s Netscape Cert Type: 368s SSL Client, S/MIME 368s Netscape Comment: 368s Test Organization Root CA trusted Certificate 368s X509v3 Subject Key Identifier: 368s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 368s X509v3 Key Usage: critical 368s Digital Signature, Non Repudiation, Key Encipherment 368s X509v3 Extended Key Usage: 368s TLS Web Client Authentication, E-mail Protection 368s X509v3 Subject Alternative Name: 368s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 6d:fc:a8:0c:47:68:bc:7e:60:51:f0:8c:65:da:aa:7d:c3:af: 368s c9:80:6f:ba:80:d1:a2:f0:e6:1d:e6:f9:c8:94:d4:05:f8:0c: 368s 1b:8e:86:e7:10:0c:60:f4:19:14:62:6c:38:16:9d:fe:36:e1: 368s 29:85:b7:15:71:0b:e8:21:08:b3:ee:d6:79:81:ae:7b:d3:0d: 368s d2:57:be:24:64:ba:2d:40:1c:ff:a1:27:bb:45:c3:e1:9f:db: 368s 95:47:7b:64:2e:77:a3:33:30:c3:67:44:8a:9d:2e:92:c2:a8: 368s 8e:3d:aa:0a:5b:2b:39:65:c3:7d:3b:12:ed:07:72:74:f4:34: 368s 0a:ba 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-7562-auth.pem 368s + found_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s + '[' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 '!=' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 ']' 368s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 368s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 368s + local verify_option= 368s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_cn 368s + local key_name 368s + local tokens_dir 368s + local output_cert_file 368s + token_name= 368s ++ basename /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem .pem 368s + key_name=test-root-CA-trusted-certificate-0001 368s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s ++ sed -n 's/ *commonName *= //p' 368s + key_cn='Test Organization Root Trusted Certificate 0001' 368s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 368s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 368s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 368s + token_name='Test Organization Root Tr Token' 368s Test Organization Root Tr Token 368s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 368s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 ']' 368s + echo 'Test Organization Root Tr Token' 368s + '[' -n '' ']' 368s + local output_base_name=SSSD-child-5012 368s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-5012.output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-5012.pem 368s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 368s [p11_child[2240]] [main] (0x0400): p11_child started. 368s [p11_child[2240]] [main] (0x2000): Running in [pre-auth] mode. 368s [p11_child[2240]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2240]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2240]] [do_card] (0x4000): Module List: 368s [p11_child[2240]] [do_card] (0x4000): common name: [softhsm2]. 368s [p11_child[2240]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2240]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 368s [p11_child[2240]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 368s [p11_child[2240]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2240]] [do_card] (0x4000): Login NOT required. 368s [p11_child[2240]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 368s [p11_child[2240]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 368s [p11_child[2240]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 368s [p11_child[2240]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7550cdb3;slot-manufacturer=SoftHSM%20project;slot-id=1968229811;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 368s [p11_child[2240]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 368s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-5012.output 368s + echo '-----BEGIN CERTIFICATE-----' 368s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-5012.output 368s + echo '-----END CERTIFICATE-----' 368s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-5012.pem 368s Certificate: 368s Data: 368s Version: 3 (0x2) 368s Serial Number: 3 (0x3) 368s Signature Algorithm: sha256WithRSAEncryption 368s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s Validity 368s Not Before: Nov 15 20:30:26 2024 GMT 368s Not After : Nov 15 20:30:26 2025 GMT 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 368s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 368s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 368s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 368s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 368s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 368s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 368s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 368s 50:38:e2:92:20:95:80:0e:f1 368s Exponent: 65537 (0x10001) 368s X509v3 extensions: 368s X509v3 Authority Key Identifier: 368s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 368s X509v3 Basic Constraints: 368s CA:FALSE 368s Netscape Cert Type: 368s SSL Client, S/MIME 368s Netscape Comment: 368s Test Organization Root CA trusted Certificate 368s X509v3 Subject Key Identifier: 368s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 368s X509v3 Key Usage: critical 368s Digital Signature, Non Repudiation, Key Encipherment 368s X509v3 Extended Key Usage: 368s TLS Web Client Authentication, E-mail Protection 368s X509v3 Subject Alternative Name: 368s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 6d:fc:a8:0c:47:68:bc:7e:60:51:f0:8c:65:da:aa:7d:c3:af: 368s c9:80:6f:ba:80:d1:a2:f0:e6:1d:e6:f9:c8:94:d4:05:f8:0c: 368s 1b:8e:86:e7:10:0c:60:f4:19:14:62:6c:38:16:9d:fe:36:e1: 368s 29:85:b7:15:71:0b:e8:21:08:b3:ee:d6:79:81:ae:7b:d3:0d: 368s d2:57:be:24:64:ba:2d:40:1c:ff:a1:27:bb:45:c3:e1:9f:db: 368s 95:47:7b:64:2e:77:a3:33:30:c3:67:44:8a:9d:2e:92:c2:a8: 368s 8e:3d:aa:0a:5b:2b:39:65:c3:7d:3b:12:ed:07:72:74:f4:34: 368s 0a:ba 368s + local found_md5 expected_md5 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + expected_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-5012.pem 368s + found_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s + '[' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 '!=' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 ']' 368s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-5012-auth.output 368s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-5012-auth.output .output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-5012-auth.pem 368s + echo -n 053350 368s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 368s [p11_child[2248]] [main] (0x0400): p11_child started. 368s [p11_child[2248]] [main] (0x2000): Running in [auth] mode. 368s [p11_child[2248]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2248]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2248]] [do_card] (0x4000): Module List: 368s [p11_child[2248]] [do_card] (0x4000): common name: [softhsm2]. 368s [p11_child[2248]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2248]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 368s [p11_child[2248]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 368s [p11_child[2248]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2248]] [do_card] (0x4000): Login required. 368s [p11_child[2248]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 368s [p11_child[2248]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 368s [p11_child[2248]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 368s [p11_child[2248]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7550cdb3;slot-manufacturer=SoftHSM%20project;slot-id=1968229811;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 368s [p11_child[2248]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 368s [p11_child[2248]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 368s [p11_child[2248]] [do_card] (0x4000): Certificate verified and validated. 368s [p11_child[2248]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 368s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-5012-auth.output 368s + echo '-----BEGIN CERTIFICATE-----' 368s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-5012-auth.output 368s + echo '-----END CERTIFICATE-----' 368s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-5012-auth.pem 368s Certificate: 368s Data: 368s Version: 3 (0x2) 368s Serial Number: 3 (0x3) 368s Signature Algorithm: sha256WithRSAEncryption 368s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s Validity 368s Not Before: Nov 15 20:30:26 2024 GMT 368s Not After : Nov 15 20:30:26 2025 GMT 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 368s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 368s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 368s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 368s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 368s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 368s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 368s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 368s 50:38:e2:92:20:95:80:0e:f1 368s Exponent: 65537 (0x10001) 368s X509v3 extensions: 368s X509v3 Authority Key Identifier: 368s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 368s X509v3 Basic Constraints: 368s CA:FALSE 368s Netscape Cert Type: 368s SSL Client, S/MIME 368s Netscape Comment: 368s Test Organization Root CA trusted Certificate 368s X509v3 Subject Key Identifier: 368s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 368s X509v3 Key Usage: critical 368s Digital Signature, Non Repudiation, Key Encipherment 368s X509v3 Extended Key Usage: 368s TLS Web Client Authentication, E-mail Protection 368s X509v3 Subject Alternative Name: 368s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 6d:fc:a8:0c:47:68:bc:7e:60:51:f0:8c:65:da:aa:7d:c3:af: 368s c9:80:6f:ba:80:d1:a2:f0:e6:1d:e6:f9:c8:94:d4:05:f8:0c: 368s 1b:8e:86:e7:10:0c:60:f4:19:14:62:6c:38:16:9d:fe:36:e1: 368s 29:85:b7:15:71:0b:e8:21:08:b3:ee:d6:79:81:ae:7b:d3:0d: 368s d2:57:be:24:64:ba:2d:40:1c:ff:a1:27:bb:45:c3:e1:9f:db: 368s 95:47:7b:64:2e:77:a3:33:30:c3:67:44:8a:9d:2e:92:c2:a8: 368s 8e:3d:aa:0a:5b:2b:39:65:c3:7d:3b:12:ed:07:72:74:f4:34: 368s 0a:ba 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-5012-auth.pem 368s + found_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s + '[' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 '!=' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 ']' 368s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem partial_chain 368s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem partial_chain 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 368s + local verify_option=partial_chain 368s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_cn 368s + local key_name 368s + local tokens_dir 368s + local output_cert_file 368s + token_name= 368s ++ basename /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem .pem 368s + key_name=test-root-CA-trusted-certificate-0001 368s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s ++ sed -n 's/ *commonName *= //p' 368s + key_cn='Test Organization Root Trusted Certificate 0001' 368s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 368s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 368s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 368s + token_name='Test Organization Root Tr Token' 368s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 368s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 ']' 368s + echo 'Test Organization Root Tr Token' 368s Test Organization Root Tr Token 368s + '[' -n partial_chain ']' 368s + local verify_arg=--verify=partial_chain 368s + local output_base_name=SSSD-child-12770 368s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-12770.output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-12770.pem 368s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 368s [p11_child[2258]] [main] (0x0400): p11_child started. 368s [p11_child[2258]] [main] (0x2000): Running in [pre-auth] mode. 368s [p11_child[2258]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2258]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2258]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 368s [p11_child[2258]] [do_card] (0x4000): Module List: 368s [p11_child[2258]] [do_card] (0x4000): common name: [softhsm2]. 368s [p11_child[2258]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2258]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 368s [p11_child[2258]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 368s [p11_child[2258]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2258]] [do_card] (0x4000): Login NOT required. 368s [p11_child[2258]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 368s [p11_child[2258]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 368s [p11_child[2258]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 368s [p11_child[2258]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7550cdb3;slot-manufacturer=SoftHSM%20project;slot-id=1968229811;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 368s [p11_child[2258]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 368s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-12770.output 368s + echo '-----BEGIN CERTIFICATE-----' 368s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-12770.output 368s + echo '-----END CERTIFICATE-----' 368s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-12770.pem 368s Certificate: 368s Data: 368s Version: 3 (0x2) 368s Serial Number: 3 (0x3) 368s Signature Algorithm: sha256WithRSAEncryption 368s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s Validity 368s Not Before: Nov 15 20:30:26 2024 GMT 368s Not After : Nov 15 20:30:26 2025 GMT 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 368s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 368s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 368s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 368s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 368s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 368s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 368s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 368s 50:38:e2:92:20:95:80:0e:f1 368s Exponent: 65537 (0x10001) 368s X509v3 extensions: 368s X509v3 Authority Key Identifier: 368s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 368s X509v3 Basic Constraints: 368s CA:FALSE 368s Netscape Cert Type: 368s SSL Client, S/MIME 368s Netscape Comment: 368s Test Organization Root CA trusted Certificate 368s X509v3 Subject Key Identifier: 368s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 368s X509v3 Key Usage: critical 368s Digital Signature, Non Repudiation, Key Encipherment 368s X509v3 Extended Key Usage: 368s TLS Web Client Authentication, E-mail Protection 368s X509v3 Subject Alternative Name: 368s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 6d:fc:a8:0c:47:68:bc:7e:60:51:f0:8c:65:da:aa:7d:c3:af: 368s c9:80:6f:ba:80:d1:a2:f0:e6:1d:e6:f9:c8:94:d4:05:f8:0c: 368s 1b:8e:86:e7:10:0c:60:f4:19:14:62:6c:38:16:9d:fe:36:e1: 368s 29:85:b7:15:71:0b:e8:21:08:b3:ee:d6:79:81:ae:7b:d3:0d: 368s d2:57:be:24:64:ba:2d:40:1c:ff:a1:27:bb:45:c3:e1:9f:db: 368s 95:47:7b:64:2e:77:a3:33:30:c3:67:44:8a:9d:2e:92:c2:a8: 368s 8e:3d:aa:0a:5b:2b:39:65:c3:7d:3b:12:ed:07:72:74:f4:34: 368s 0a:ba 368s + local found_md5 expected_md5 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + expected_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-12770.pem 368s + found_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s + '[' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 '!=' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 ']' 368s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-12770-auth.output 368s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-12770-auth.output .output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-12770-auth.pem 368s + echo -n 053350 368s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 368s [p11_child[2266]] [main] (0x0400): p11_child started. 368s [p11_child[2266]] [main] (0x2000): Running in [auth] mode. 368s [p11_child[2266]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2266]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2266]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 368s [p11_child[2266]] [do_card] (0x4000): Module List: 368s [p11_child[2266]] [do_card] (0x4000): common name: [softhsm2]. 368s [p11_child[2266]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2266]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 368s [p11_child[2266]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 368s [p11_child[2266]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2266]] [do_card] (0x4000): Login required. 368s [p11_child[2266]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 368s [p11_child[2266]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 368s [p11_child[2266]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 368s [p11_child[2266]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7550cdb3;slot-manufacturer=SoftHSM%20project;slot-id=1968229811;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 368s [p11_child[2266]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 368s [p11_child[2266]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 368s [p11_child[2266]] [do_card] (0x4000): Certificate verified and validated. 368s [p11_child[2266]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 368s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-12770-auth.output 368s + echo '-----BEGIN CERTIFICATE-----' 368s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-12770-auth.output 368s + echo '-----END CERTIFICATE-----' 368s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-12770-auth.pem 368s Certificate: 368s Data: 368s Version: 3 (0x2) 368s Serial Number: 3 (0x3) 368s Signature Algorithm: sha256WithRSAEncryption 368s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s Validity 368s Not Before: Nov 15 20:30:26 2024 GMT 368s Not After : Nov 15 20:30:26 2025 GMT 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 368s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 368s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 368s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 368s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 368s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 368s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 368s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 368s 50:38:e2:92:20:95:80:0e:f1 368s Exponent: 65537 (0x10001) 368s X509v3 extensions: 368s X509v3 Authority Key Identifier: 368s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 368s X509v3 Basic Constraints: 368s CA:FALSE 368s Netscape Cert Type: 368s SSL Client, S/MIME 368s Netscape Comment: 368s Test Organization Root CA trusted Certificate 368s X509v3 Subject Key Identifier: 368s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 368s X509v3 Key Usage: critical 368s Digital Signature, Non Repudiation, Key Encipherment 368s X509v3 Extended Key Usage: 368s TLS Web Client Authentication, E-mail Protection 368s X509v3 Subject Alternative Name: 368s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 6d:fc:a8:0c:47:68:bc:7e:60:51:f0:8c:65:da:aa:7d:c3:af: 368s c9:80:6f:ba:80:d1:a2:f0:e6:1d:e6:f9:c8:94:d4:05:f8:0c: 368s 1b:8e:86:e7:10:0c:60:f4:19:14:62:6c:38:16:9d:fe:36:e1: 368s 29:85:b7:15:71:0b:e8:21:08:b3:ee:d6:79:81:ae:7b:d3:0d: 368s d2:57:be:24:64:ba:2d:40:1c:ff:a1:27:bb:45:c3:e1:9f:db: 368s 95:47:7b:64:2e:77:a3:33:30:c3:67:44:8a:9d:2e:92:c2:a8: 368s 8e:3d:aa:0a:5b:2b:39:65:c3:7d:3b:12:ed:07:72:74:f4:34: 368s 0a:ba 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-12770-auth.pem 368s + found_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s + '[' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 '!=' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 ']' 368s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 368s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 368s + local verify_option= 368s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_cn 368s + local key_name 368s + local tokens_dir 368s + local output_cert_file 368s + token_name= 368s ++ basename /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem .pem 368s + key_name=test-root-CA-trusted-certificate-0001 368s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s ++ sed -n 's/ *commonName *= //p' 368s + key_cn='Test Organization Root Trusted Certificate 0001' 368s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 368s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 368s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 368s + token_name='Test Organization Root Tr Token' 368s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 368s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 ']' 368s + echo 'Test Organization Root Tr Token' 368s Test Organization Root Tr Token 368s + '[' -n '' ']' 368s + local output_base_name=SSSD-child-26730 368s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-26730.output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-26730.pem 368s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 368s [p11_child[2276]] [main] (0x0400): p11_child started. 368s [p11_child[2276]] [main] (0x2000): Running in [pre-auth] mode. 368s [p11_child[2276]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2276]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2276]] [do_card] (0x4000): Module List: 368s [p11_child[2276]] [do_card] (0x4000): common name: [softhsm2]. 368s [p11_child[2276]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2276]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 368s [p11_child[2276]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 368s [p11_child[2276]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2276]] [do_card] (0x4000): Login NOT required. 368s [p11_child[2276]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 368s [p11_child[2276]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 368s [p11_child[2276]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 368s [p11_child[2276]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7550cdb3;slot-manufacturer=SoftHSM%20project;slot-id=1968229811;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 368s [p11_child[2276]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 368s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-26730.output 368s + echo '-----BEGIN CERTIFICATE-----' 368s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-26730.output 368s + echo '-----END CERTIFICATE-----' 368s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-26730.pem 368s Certificate: 368s Data: 368s Version: 3 (0x2) 368s Serial Number: 3 (0x3) 368s Signature Algorithm: sha256WithRSAEncryption 368s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s Validity 368s Not Before: Nov 15 20:30:26 2024 GMT 368s Not After : Nov 15 20:30:26 2025 GMT 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 368s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 368s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 368s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 368s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 368s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 368s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 368s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 368s 50:38:e2:92:20:95:80:0e:f1 368s Exponent: 65537 (0x10001) 368s X509v3 extensions: 368s X509v3 Authority Key Identifier: 368s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 368s X509v3 Basic Constraints: 368s CA:FALSE 368s Netscape Cert Type: 368s SSL Client, S/MIME 368s Netscape Comment: 368s Test Organization Root CA trusted Certificate 368s X509v3 Subject Key Identifier: 368s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 368s X509v3 Key Usage: critical 368s Digital Signature, Non Repudiation, Key Encipherment 368s X509v3 Extended Key Usage: 368s TLS Web Client Authentication, E-mail Protection 368s X509v3 Subject Alternative Name: 368s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 6d:fc:a8:0c:47:68:bc:7e:60:51:f0:8c:65:da:aa:7d:c3:af: 368s c9:80:6f:ba:80:d1:a2:f0:e6:1d:e6:f9:c8:94:d4:05:f8:0c: 368s 1b:8e:86:e7:10:0c:60:f4:19:14:62:6c:38:16:9d:fe:36:e1: 368s 29:85:b7:15:71:0b:e8:21:08:b3:ee:d6:79:81:ae:7b:d3:0d: 368s d2:57:be:24:64:ba:2d:40:1c:ff:a1:27:bb:45:c3:e1:9f:db: 368s 95:47:7b:64:2e:77:a3:33:30:c3:67:44:8a:9d:2e:92:c2:a8: 368s 8e:3d:aa:0a:5b:2b:39:65:c3:7d:3b:12:ed:07:72:74:f4:34: 368s 0a:ba 368s + local found_md5 expected_md5 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + expected_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-26730.pem 368s + found_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s + '[' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 '!=' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 ']' 368s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-26730-auth.output 368s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-26730-auth.output .output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-26730-auth.pem 368s + echo -n 053350 368s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 368s [p11_child[2284]] [main] (0x0400): p11_child started. 368s [p11_child[2284]] [main] (0x2000): Running in [auth] mode. 368s [p11_child[2284]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2284]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2284]] [do_card] (0x4000): Module List: 368s [p11_child[2284]] [do_card] (0x4000): common name: [softhsm2]. 368s [p11_child[2284]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2284]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 368s [p11_child[2284]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 368s [p11_child[2284]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2284]] [do_card] (0x4000): Login required. 368s [p11_child[2284]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 368s [p11_child[2284]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 368s [p11_child[2284]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 368s [p11_child[2284]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7550cdb3;slot-manufacturer=SoftHSM%20project;slot-id=1968229811;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 368s [p11_child[2284]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 368s [p11_child[2284]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 368s [p11_child[2284]] [do_card] (0x4000): Certificate verified and validated. 368s [p11_child[2284]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 368s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-26730-auth.output 368s + echo '-----BEGIN CERTIFICATE-----' 368s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-26730-auth.output 368s + echo '-----END CERTIFICATE-----' 368s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-26730-auth.pem 368s Certificate: 368s Data: 368s Version: 3 (0x2) 368s Serial Number: 3 (0x3) 368s Signature Algorithm: sha256WithRSAEncryption 368s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s Validity 368s Not Before: Nov 15 20:30:26 2024 GMT 368s Not After : Nov 15 20:30:26 2025 GMT 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 368s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 368s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 368s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 368s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 368s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 368s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 368s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 368s 50:38:e2:92:20:95:80:0e:f1 368s Exponent: 65537 (0x10001) 368s X509v3 extensions: 368s X509v3 Authority Key Identifier: 368s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 368s X509v3 Basic Constraints: 368s CA:FALSE 368s Netscape Cert Type: 368s SSL Client, S/MIME 368s Netscape Comment: 368s Test Organization Root CA trusted Certificate 368s X509v3 Subject Key Identifier: 368s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 368s X509v3 Key Usage: critical 368s Digital Signature, Non Repudiation, Key Encipherment 368s X509v3 Extended Key Usage: 368s TLS Web Client Authentication, E-mail Protection 368s X509v3 Subject Alternative Name: 368s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 6d:fc:a8:0c:47:68:bc:7e:60:51:f0:8c:65:da:aa:7d:c3:af: 368s c9:80:6f:ba:80:d1:a2:f0:e6:1d:e6:f9:c8:94:d4:05:f8:0c: 368s 1b:8e:86:e7:10:0c:60:f4:19:14:62:6c:38:16:9d:fe:36:e1: 368s 29:85:b7:15:71:0b:e8:21:08:b3:ee:d6:79:81:ae:7b:d3:0d: 368s d2:57:be:24:64:ba:2d:40:1c:ff:a1:27:bb:45:c3:e1:9f:db: 368s 95:47:7b:64:2e:77:a3:33:30:c3:67:44:8a:9d:2e:92:c2:a8: 368s 8e:3d:aa:0a:5b:2b:39:65:c3:7d:3b:12:ed:07:72:74:f4:34: 368s 0a:ba 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-26730-auth.pem 368s + found_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s + '[' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 '!=' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 ']' 368s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem partial_chain 368s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem partial_chain 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 368s + local verify_option=partial_chain 368s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 368s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 368s + local key_cn 368s + local key_name 368s + local tokens_dir 368s + local output_cert_file 368s + token_name= 368s ++ basename /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem .pem 368s + key_name=test-root-CA-trusted-certificate-0001 368s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s ++ sed -n 's/ *commonName *= //p' 368s + key_cn='Test Organization Root Trusted Certificate 0001' 368s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 368s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 368s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 368s Test Organization Root Tr Token 368s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 368s + token_name='Test Organization Root Tr Token' 368s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 368s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 ']' 368s + echo 'Test Organization Root Tr Token' 368s + '[' -n partial_chain ']' 368s + local verify_arg=--verify=partial_chain 368s + local output_base_name=SSSD-child-8835 368s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-8835.output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-8835.pem 368s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 368s [p11_child[2294]] [main] (0x0400): p11_child started. 368s [p11_child[2294]] [main] (0x2000): Running in [pre-auth] mode. 368s [p11_child[2294]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2294]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2294]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 368s [p11_child[2294]] [do_card] (0x4000): Module List: 368s [p11_child[2294]] [do_card] (0x4000): common name: [softhsm2]. 368s [p11_child[2294]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2294]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 368s [p11_child[2294]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 368s [p11_child[2294]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2294]] [do_card] (0x4000): Login NOT required. 368s [p11_child[2294]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 368s [p11_child[2294]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 368s [p11_child[2294]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 368s [p11_child[2294]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7550cdb3;slot-manufacturer=SoftHSM%20project;slot-id=1968229811;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 368s [p11_child[2294]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 368s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-8835.output 368s + echo '-----BEGIN CERTIFICATE-----' 368s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-8835.output 368s + echo '-----END CERTIFICATE-----' 368s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-8835.pem 368s Certificate: 368s Data: 368s Version: 3 (0x2) 368s Serial Number: 3 (0x3) 368s Signature Algorithm: sha256WithRSAEncryption 368s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 368s Validity 368s Not Before: Nov 15 20:30:26 2024 GMT 368s Not After : Nov 15 20:30:26 2025 GMT 368s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 368s Subject Public Key Info: 368s Public Key Algorithm: rsaEncryption 368s Public-Key: (1024 bit) 368s Modulus: 368s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 368s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 368s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 368s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 368s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 368s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 368s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 368s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 368s 50:38:e2:92:20:95:80:0e:f1 368s Exponent: 65537 (0x10001) 368s X509v3 extensions: 368s X509v3 Authority Key Identifier: 368s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 368s X509v3 Basic Constraints: 368s CA:FALSE 368s Netscape Cert Type: 368s SSL Client, S/MIME 368s Netscape Comment: 368s Test Organization Root CA trusted Certificate 368s X509v3 Subject Key Identifier: 368s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 368s X509v3 Key Usage: critical 368s Digital Signature, Non Repudiation, Key Encipherment 368s X509v3 Extended Key Usage: 368s TLS Web Client Authentication, E-mail Protection 368s X509v3 Subject Alternative Name: 368s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 368s Signature Algorithm: sha256WithRSAEncryption 368s Signature Value: 368s 6d:fc:a8:0c:47:68:bc:7e:60:51:f0:8c:65:da:aa:7d:c3:af: 368s c9:80:6f:ba:80:d1:a2:f0:e6:1d:e6:f9:c8:94:d4:05:f8:0c: 368s 1b:8e:86:e7:10:0c:60:f4:19:14:62:6c:38:16:9d:fe:36:e1: 368s 29:85:b7:15:71:0b:e8:21:08:b3:ee:d6:79:81:ae:7b:d3:0d: 368s d2:57:be:24:64:ba:2d:40:1c:ff:a1:27:bb:45:c3:e1:9f:db: 368s 95:47:7b:64:2e:77:a3:33:30:c3:67:44:8a:9d:2e:92:c2:a8: 368s 8e:3d:aa:0a:5b:2b:39:65:c3:7d:3b:12:ed:07:72:74:f4:34: 368s 0a:ba 368s + local found_md5 expected_md5 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 368s + expected_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-8835.pem 368s + found_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 368s + '[' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 '!=' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 ']' 368s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-8835-auth.output 368s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-8835-auth.output .output 368s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-8835-auth.pem 368s + echo -n 053350 368s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 368s [p11_child[2302]] [main] (0x0400): p11_child started. 368s [p11_child[2302]] [main] (0x2000): Running in [auth] mode. 368s [p11_child[2302]] [main] (0x2000): Running with effective IDs: [0][0]. 368s [p11_child[2302]] [main] (0x2000): Running with real IDs [0][0]. 368s [p11_child[2302]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 368s [p11_child[2302]] [do_card] (0x4000): Module List: 368s [p11_child[2302]] [do_card] (0x4000): common name: [softhsm2]. 368s [p11_child[2302]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2302]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 368s [p11_child[2302]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 368s [p11_child[2302]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 368s [p11_child[2302]] [do_card] (0x4000): Login required. 368s [p11_child[2302]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 368s [p11_child[2302]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 368s [p11_child[2302]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 368s [p11_child[2302]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7550cdb3;slot-manufacturer=SoftHSM%20project;slot-id=1968229811;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d5c372b47550cdb3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 368s [p11_child[2302]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 368s [p11_child[2302]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 368s [p11_child[2302]] [do_card] (0x4000): Certificate verified and validated. 368s [p11_child[2302]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 368s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-8835-auth.output 368s + echo '-----BEGIN CERTIFICATE-----' 368s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-8835-auth.output 368s + echo '-----END CERTIFICATE-----' 368s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-8835-auth.pem 369s Certificate: 369s Data: 369s Version: 3 (0x2) 369s Serial Number: 3 (0x3) 369s Signature Algorithm: sha256WithRSAEncryption 369s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 369s Validity 369s Not Before: Nov 15 20:30:26 2024 GMT 369s Not After : Nov 15 20:30:26 2025 GMT 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:a1:a1:53:77:2e:22:31:87:b6:ae:27:ba:86:15: 369s 74:b3:d0:2a:fb:dc:6c:5f:21:c5:4b:83:1f:c2:a8: 369s df:25:fd:49:4a:33:c0:9b:32:8b:03:61:86:24:85: 369s 2c:01:5c:e2:30:fd:91:0a:e5:ac:6e:ba:ac:4a:dd: 369s 1d:87:35:68:7c:cc:11:3d:c4:c8:b9:91:fe:4c:c5: 369s 40:97:f4:85:b4:6d:94:a1:20:a1:c8:9e:35:a2:30: 369s 21:7b:7f:7f:d6:58:53:57:4e:04:01:11:d2:4a:08: 369s 19:f7:52:45:84:e8:67:f2:99:b4:a8:bb:60:8e:65: 369s 50:38:e2:92:20:95:80:0e:f1 369s Exponent: 65537 (0x10001) 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s BF:92:8B:40:FF:92:47:98:9D:13:02:DC:1B:D8:87:99:24:0D:50:80 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Root CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s DF:4C:50:FD:E6:C5:66:AA:3D:76:2D:E4:7A:E6:71:D9:63:F6:AC:84 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 6d:fc:a8:0c:47:68:bc:7e:60:51:f0:8c:65:da:aa:7d:c3:af: 369s c9:80:6f:ba:80:d1:a2:f0:e6:1d:e6:f9:c8:94:d4:05:f8:0c: 369s 1b:8e:86:e7:10:0c:60:f4:19:14:62:6c:38:16:9d:fe:36:e1: 369s 29:85:b7:15:71:0b:e8:21:08:b3:ee:d6:79:81:ae:7b:d3:0d: 369s d2:57:be:24:64:ba:2d:40:1c:ff:a1:27:bb:45:c3:e1:9f:db: 369s 95:47:7b:64:2e:77:a3:33:30:c3:67:44:8a:9d:2e:92:c2:a8: 369s 8e:3d:aa:0a:5b:2b:39:65:c3:7d:3b:12:ed:07:72:74:f4:34: 369s 0a:ba 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-8835-auth.pem 369s + found_md5=Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 369s + '[' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 '!=' Modulus=A1A153772E223187B6AE27BA861574B3D02AFBDC6C5F21C54B831FC2A8DF25FD494A33C09B328B03618624852C015CE230FD910AE5AC6EBAAC4ADD1D8735687CCC113DC4C8B991FE4CC54097F485B46D94A120A1C89E35A230217B7F7FD65853574E040111D24A0819F7524584E867F299B4A8BB608E655038E2922095800EF1 ']' 369s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 369s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s + local verify_option= 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-root-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Root Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 369s + token_name='Test Organization Root Tr Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 369s Test Organization Root Tr Token 369s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 ']' 369s + echo 'Test Organization Root Tr Token' 369s + '[' -n '' ']' 369s + local output_base_name=SSSD-child-20714 369s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-20714.output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-20714.pem 369s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s [p11_child[2312]] [main] (0x0400): p11_child started. 369s [p11_child[2312]] [main] (0x2000): Running in [pre-auth] mode. 369s [p11_child[2312]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2312]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2312]] [do_card] (0x4000): Module List: 369s [p11_child[2312]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2312]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2312]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2312]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 369s [p11_child[2312]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2312]] [do_card] (0x4000): Login NOT required. 369s [p11_child[2312]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 369s [p11_child[2312]] [do_verification] (0x0040): X509_verify_cert failed [0]. 369s [p11_child[2312]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 369s [p11_child[2312]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 369s [p11_child[2312]] [do_card] (0x4000): No certificate found. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-20714.output 369s + return 2 369s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem partial_chain 369s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem partial_chain 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 369s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s + local verify_option=partial_chain 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29173 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-root-ca-trusted-cert-0001-29173 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-root-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-root-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Root Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 369s + token_name='Test Organization Root Tr Token' 369s Test Organization Root Tr Token 369s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 369s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-root-CA-trusted-certificate-0001 ']' 369s + echo 'Test Organization Root Tr Token' 369s + '[' -n partial_chain ']' 369s + local verify_arg=--verify=partial_chain 369s + local output_base_name=SSSD-child-28797 369s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-28797.output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-28797.pem 369s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s [p11_child[2319]] [main] (0x0400): p11_child started. 369s [p11_child[2319]] [main] (0x2000): Running in [pre-auth] mode. 369s [p11_child[2319]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2319]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2319]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 369s [p11_child[2319]] [do_card] (0x4000): Module List: 369s [p11_child[2319]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2319]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2319]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7550cdb3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2319]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 369s [p11_child[2319]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7550cdb3][1968229811] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2319]] [do_card] (0x4000): Login NOT required. 369s [p11_child[2319]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 369s [p11_child[2319]] [do_verification] (0x0040): X509_verify_cert failed [0]. 369s [p11_child[2319]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 369s [p11_child[2319]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 369s [p11_child[2319]] [do_card] (0x4000): No certificate found. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-28797.output 369s + return 2 369s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /dev/null 369s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /dev/null 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_ring=/dev/null 369s + local verify_option= 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-intermediate-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s + token_name='Test Organization Interme Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 369s + local key_file 369s + local decrypted_key 369s + mkdir -p /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s + key_file=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-key.pem 369s + decrypted_key=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 369s + cat 369s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 369s Slot 0 has a free/uninitialized token. 369s The token has been initialized and is reassigned to slot 1319012035 369s + softhsm2-util --show-slots 369s Available slots: 369s Slot 1319012035 369s Slot info: 369s Description: SoftHSM slot ID 0x4e9e86c3 369s Manufacturer ID: SoftHSM project 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Token present: yes 369s Token info: 369s Manufacturer ID: SoftHSM project 369s Model: SoftHSM v2 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Serial number: 13eda5cece9e86c3 369s Initialized: yes 369s User PIN init.: yes 369s Label: Test Organization Interme Token 369s Slot 1 369s Slot info: 369s Description: SoftHSM slot ID 0x1 369s Manufacturer ID: SoftHSM project 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Token present: yes 369s Token info: 369s Manufacturer ID: SoftHSM project 369s Model: SoftHSM v2 369s Hardware version: 2.6 369s Firmware version: 2.6 369s Serial number: 369s Initialized: no 369s User PIN init.: no 369s Label: 369s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 369s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-31041 -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 369s writing RSA key 369s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 369s + rm /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 369s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 369s Object 0: 369s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=13eda5cece9e86c3;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 369s Type: X.509 Certificate (RSA-1024) 369s Expires: Sat Nov 15 20:30:26 2025 369s Label: Test Organization Intermediate Trusted Certificate 0001 369s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 369s 369s Test Organization Interme Token 369s + echo 'Test Organization Interme Token' 369s + '[' -n '' ']' 369s + local output_base_name=SSSD-child-3694 369s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-3694.output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-3694.pem 369s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 369s [p11_child[2335]] [main] (0x0400): p11_child started. 369s [p11_child[2335]] [main] (0x2000): Running in [pre-auth] mode. 369s [p11_child[2335]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2335]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2335]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 369s [p11_child[2335]] [do_work] (0x0040): init_verification failed. 369s [p11_child[2335]] [main] (0x0020): p11_child failed (5) 369s + return 2 369s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /dev/null no_verification 369s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /dev/null no_verification 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_ring=/dev/null 369s + local verify_option=no_verification 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-intermediate-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s + token_name='Test Organization Interme Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 369s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 369s Test Organization Interme Token 369s + echo 'Test Organization Interme Token' 369s + '[' -n no_verification ']' 369s + local verify_arg=--verify=no_verification 369s + local output_base_name=SSSD-child-25183 369s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-25183.output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-25183.pem 369s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 369s [p11_child[2341]] [main] (0x0400): p11_child started. 369s [p11_child[2341]] [main] (0x2000): Running in [pre-auth] mode. 369s [p11_child[2341]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2341]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2341]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 369s [p11_child[2341]] [do_card] (0x4000): Module List: 369s [p11_child[2341]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2341]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2341]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2341]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 369s [p11_child[2341]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2341]] [do_card] (0x4000): Login NOT required. 369s [p11_child[2341]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 369s [p11_child[2341]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 369s [p11_child[2341]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4e9e86c3;slot-manufacturer=SoftHSM%20project;slot-id=1319012035;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=13eda5cece9e86c3;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 369s [p11_child[2341]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-25183.output 369s + echo '-----BEGIN CERTIFICATE-----' 369s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-25183.output 369s + echo '-----END CERTIFICATE-----' 369s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-25183.pem 369s Certificate: 369s Data: 369s Version: 3 (0x2) 369s Serial Number: 4 (0x4) 369s Signature Algorithm: sha256WithRSAEncryption 369s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 369s Validity 369s Not Before: Nov 15 20:30:26 2024 GMT 369s Not After : Nov 15 20:30:26 2025 GMT 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:d3:ba:c3:ea:58:f3:48:f0:13:ec:f2:90:b2:1b: 369s 06:79:54:d6:65:5e:4a:04:d8:7c:3e:2f:eb:c7:06: 369s 20:29:2a:74:ab:e7:10:a3:04:8d:ef:45:3e:e0:2d: 369s ef:1b:31:e1:df:c1:d0:5d:9c:3a:8f:07:30:87:62: 369s f4:9e:a5:07:14:25:4b:2f:2c:1c:7e:88:e8:1c:16: 369s 1f:b3:99:90:b0:96:e8:a7:ec:0f:8b:d9:31:d0:ca: 369s 53:41:33:b2:9e:bb:f5:13:7b:5c:d7:ee:df:af:d9: 369s c7:12:4b:24:a1:b5:99:1a:47:5b:2c:69:39:fd:b0: 369s bb:c0:90:ee:3f:36:4f:6e:ef 369s Exponent: 65537 (0x10001) 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s 67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s AF:48:67:4F:B3:88:11:D7:9B:74:5A:28:6B:A2:04:E2:E1:0E:0C:C4 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 9f:79:b7:34:a2:94:e4:33:bf:ae:7d:45:92:af:5c:f0:89:d0: 369s 1b:4d:ac:97:8f:61:14:d8:62:25:55:8a:0d:49:72:bf:5b:f0: 369s 2d:60:4d:58:ff:72:01:4a:85:8d:cc:ac:91:bd:ff:fa:ea:28: 369s 97:ce:eb:18:1e:14:6c:21:30:a4:0c:54:3f:9b:3a:f1:2c:95: 369s 79:eb:fa:ca:0b:a9:2a:74:9b:68:32:42:d0:1a:81:ac:35:2b: 369s bd:16:37:49:a7:ee:1a:e0:0e:0e:b5:de:97:33:01:6f:59:02: 369s 8d:0f:ff:3f:16:26:2c:c4:df:81:24:42:54:40:50:ef:87:cd: 369s 3f:48 369s + local found_md5 expected_md5 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + expected_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-25183.pem 369s + found_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 369s + '[' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF '!=' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF ']' 369s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-25183-auth.output 369s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-25183-auth.output .output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-25183-auth.pem 369s + echo -n 053350 369s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 369s [p11_child[2349]] [main] (0x0400): p11_child started. 369s [p11_child[2349]] [main] (0x2000): Running in [auth] mode. 369s [p11_child[2349]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2349]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2349]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 369s [p11_child[2349]] [do_card] (0x4000): Module List: 369s [p11_child[2349]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2349]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2349]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2349]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 369s [p11_child[2349]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2349]] [do_card] (0x4000): Login required. 369s [p11_child[2349]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 369s [p11_child[2349]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 369s [p11_child[2349]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4e9e86c3;slot-manufacturer=SoftHSM%20project;slot-id=1319012035;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=13eda5cece9e86c3;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 369s [p11_child[2349]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 369s [p11_child[2349]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 369s [p11_child[2349]] [do_card] (0x4000): Certificate verified and validated. 369s [p11_child[2349]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-25183-auth.output 369s + echo '-----BEGIN CERTIFICATE-----' 369s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-25183-auth.output 369s + echo '-----END CERTIFICATE-----' 369s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-25183-auth.pem 369s Certificate: 369s Data: 369s Version: 3 (0x2) 369s Serial Number: 4 (0x4) 369s Signature Algorithm: sha256WithRSAEncryption 369s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 369s Validity 369s Not Before: Nov 15 20:30:26 2024 GMT 369s Not After : Nov 15 20:30:26 2025 GMT 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:d3:ba:c3:ea:58:f3:48:f0:13:ec:f2:90:b2:1b: 369s 06:79:54:d6:65:5e:4a:04:d8:7c:3e:2f:eb:c7:06: 369s 20:29:2a:74:ab:e7:10:a3:04:8d:ef:45:3e:e0:2d: 369s ef:1b:31:e1:df:c1:d0:5d:9c:3a:8f:07:30:87:62: 369s f4:9e:a5:07:14:25:4b:2f:2c:1c:7e:88:e8:1c:16: 369s 1f:b3:99:90:b0:96:e8:a7:ec:0f:8b:d9:31:d0:ca: 369s 53:41:33:b2:9e:bb:f5:13:7b:5c:d7:ee:df:af:d9: 369s c7:12:4b:24:a1:b5:99:1a:47:5b:2c:69:39:fd:b0: 369s bb:c0:90:ee:3f:36:4f:6e:ef 369s Exponent: 65537 (0x10001) 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s 67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s AF:48:67:4F:B3:88:11:D7:9B:74:5A:28:6B:A2:04:E2:E1:0E:0C:C4 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 9f:79:b7:34:a2:94:e4:33:bf:ae:7d:45:92:af:5c:f0:89:d0: 369s 1b:4d:ac:97:8f:61:14:d8:62:25:55:8a:0d:49:72:bf:5b:f0: 369s 2d:60:4d:58:ff:72:01:4a:85:8d:cc:ac:91:bd:ff:fa:ea:28: 369s 97:ce:eb:18:1e:14:6c:21:30:a4:0c:54:3f:9b:3a:f1:2c:95: 369s 79:eb:fa:ca:0b:a9:2a:74:9b:68:32:42:d0:1a:81:ac:35:2b: 369s bd:16:37:49:a7:ee:1a:e0:0e:0e:b5:de:97:33:01:6f:59:02: 369s 8d:0f:ff:3f:16:26:2c:c4:df:81:24:42:54:40:50:ef:87:cd: 369s 3f:48 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-25183-auth.pem 369s + found_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 369s + '[' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF '!=' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF ']' 369s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 369s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 369s + local verify_option= 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-intermediate-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s + token_name='Test Organization Interme Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 369s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 369s Test Organization Interme Token 369s + echo 'Test Organization Interme Token' 369s + '[' -n '' ']' 369s + local output_base_name=SSSD-child-18426 369s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-18426.output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-18426.pem 369s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 369s [p11_child[2359]] [main] (0x0400): p11_child started. 369s [p11_child[2359]] [main] (0x2000): Running in [pre-auth] mode. 369s [p11_child[2359]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2359]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2359]] [do_card] (0x4000): Module List: 369s [p11_child[2359]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2359]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2359]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2359]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 369s [p11_child[2359]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2359]] [do_card] (0x4000): Login NOT required. 369s [p11_child[2359]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 369s [p11_child[2359]] [do_verification] (0x0040): X509_verify_cert failed [0]. 369s [p11_child[2359]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 369s [p11_child[2359]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 369s [p11_child[2359]] [do_card] (0x4000): No certificate found. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-18426.output 369s + return 2 369s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem partial_chain 369s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem partial_chain 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 369s + local verify_option=partial_chain 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-intermediate-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s Test Organization Interme Token 369s + token_name='Test Organization Interme Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 369s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 369s + echo 'Test Organization Interme Token' 369s + '[' -n partial_chain ']' 369s + local verify_arg=--verify=partial_chain 369s + local output_base_name=SSSD-child-22506 369s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-22506.output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-22506.pem 369s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 369s [p11_child[2366]] [main] (0x0400): p11_child started. 369s [p11_child[2366]] [main] (0x2000): Running in [pre-auth] mode. 369s [p11_child[2366]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2366]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2366]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 369s [p11_child[2366]] [do_card] (0x4000): Module List: 369s [p11_child[2366]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2366]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2366]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2366]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 369s [p11_child[2366]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2366]] [do_card] (0x4000): Login NOT required. 369s [p11_child[2366]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 369s [p11_child[2366]] [do_verification] (0x0040): X509_verify_cert failed [0]. 369s [p11_child[2366]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 369s [p11_child[2366]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 369s [p11_child[2366]] [do_card] (0x4000): No certificate found. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-22506.output 369s + return 2 369s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 369s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 369s + local verify_option= 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-intermediate-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 369s Test Organization Interme Token 369s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s + token_name='Test Organization Interme Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 369s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 369s + echo 'Test Organization Interme Token' 369s + '[' -n '' ']' 369s + local output_base_name=SSSD-child-24045 369s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-24045.output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-24045.pem 369s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 369s [p11_child[2373]] [main] (0x0400): p11_child started. 369s [p11_child[2373]] [main] (0x2000): Running in [pre-auth] mode. 369s [p11_child[2373]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2373]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2373]] [do_card] (0x4000): Module List: 369s [p11_child[2373]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2373]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2373]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2373]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 369s [p11_child[2373]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2373]] [do_card] (0x4000): Login NOT required. 369s [p11_child[2373]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 369s [p11_child[2373]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 369s [p11_child[2373]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 369s [p11_child[2373]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4e9e86c3;slot-manufacturer=SoftHSM%20project;slot-id=1319012035;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=13eda5cece9e86c3;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 369s [p11_child[2373]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-24045.output 369s + echo '-----BEGIN CERTIFICATE-----' 369s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-24045.output 369s + echo '-----END CERTIFICATE-----' 369s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-24045.pem 369s Certificate: 369s Data: 369s Version: 3 (0x2) 369s Serial Number: 4 (0x4) 369s Signature Algorithm: sha256WithRSAEncryption 369s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 369s Validity 369s Not Before: Nov 15 20:30:26 2024 GMT 369s Not After : Nov 15 20:30:26 2025 GMT 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:d3:ba:c3:ea:58:f3:48:f0:13:ec:f2:90:b2:1b: 369s 06:79:54:d6:65:5e:4a:04:d8:7c:3e:2f:eb:c7:06: 369s 20:29:2a:74:ab:e7:10:a3:04:8d:ef:45:3e:e0:2d: 369s ef:1b:31:e1:df:c1:d0:5d:9c:3a:8f:07:30:87:62: 369s f4:9e:a5:07:14:25:4b:2f:2c:1c:7e:88:e8:1c:16: 369s 1f:b3:99:90:b0:96:e8:a7:ec:0f:8b:d9:31:d0:ca: 369s 53:41:33:b2:9e:bb:f5:13:7b:5c:d7:ee:df:af:d9: 369s c7:12:4b:24:a1:b5:99:1a:47:5b:2c:69:39:fd:b0: 369s bb:c0:90:ee:3f:36:4f:6e:ef 369s Exponent: 65537 (0x10001) 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s 67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s AF:48:67:4F:B3:88:11:D7:9B:74:5A:28:6B:A2:04:E2:E1:0E:0C:C4 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 9f:79:b7:34:a2:94:e4:33:bf:ae:7d:45:92:af:5c:f0:89:d0: 369s 1b:4d:ac:97:8f:61:14:d8:62:25:55:8a:0d:49:72:bf:5b:f0: 369s 2d:60:4d:58:ff:72:01:4a:85:8d:cc:ac:91:bd:ff:fa:ea:28: 369s 97:ce:eb:18:1e:14:6c:21:30:a4:0c:54:3f:9b:3a:f1:2c:95: 369s 79:eb:fa:ca:0b:a9:2a:74:9b:68:32:42:d0:1a:81:ac:35:2b: 369s bd:16:37:49:a7:ee:1a:e0:0e:0e:b5:de:97:33:01:6f:59:02: 369s 8d:0f:ff:3f:16:26:2c:c4:df:81:24:42:54:40:50:ef:87:cd: 369s 3f:48 369s + local found_md5 expected_md5 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + expected_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-24045.pem 369s + found_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 369s + '[' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF '!=' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF ']' 369s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-24045-auth.output 369s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-24045-auth.output .output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-24045-auth.pem 369s + echo -n 053350 369s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 369s [p11_child[2381]] [main] (0x0400): p11_child started. 369s [p11_child[2381]] [main] (0x2000): Running in [auth] mode. 369s [p11_child[2381]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2381]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2381]] [do_card] (0x4000): Module List: 369s [p11_child[2381]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2381]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2381]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2381]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 369s [p11_child[2381]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2381]] [do_card] (0x4000): Login required. 369s [p11_child[2381]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 369s [p11_child[2381]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 369s [p11_child[2381]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 369s [p11_child[2381]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4e9e86c3;slot-manufacturer=SoftHSM%20project;slot-id=1319012035;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=13eda5cece9e86c3;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 369s [p11_child[2381]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 369s [p11_child[2381]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 369s [p11_child[2381]] [do_card] (0x4000): Certificate verified and validated. 369s [p11_child[2381]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-24045-auth.output 369s + echo '-----BEGIN CERTIFICATE-----' 369s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-24045-auth.output 369s + echo '-----END CERTIFICATE-----' 369s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-24045-auth.pem 369s Certificate: 369s Data: 369s Version: 3 (0x2) 369s Serial Number: 4 (0x4) 369s Signature Algorithm: sha256WithRSAEncryption 369s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 369s Validity 369s Not Before: Nov 15 20:30:26 2024 GMT 369s Not After : Nov 15 20:30:26 2025 GMT 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:d3:ba:c3:ea:58:f3:48:f0:13:ec:f2:90:b2:1b: 369s 06:79:54:d6:65:5e:4a:04:d8:7c:3e:2f:eb:c7:06: 369s 20:29:2a:74:ab:e7:10:a3:04:8d:ef:45:3e:e0:2d: 369s ef:1b:31:e1:df:c1:d0:5d:9c:3a:8f:07:30:87:62: 369s f4:9e:a5:07:14:25:4b:2f:2c:1c:7e:88:e8:1c:16: 369s 1f:b3:99:90:b0:96:e8:a7:ec:0f:8b:d9:31:d0:ca: 369s 53:41:33:b2:9e:bb:f5:13:7b:5c:d7:ee:df:af:d9: 369s c7:12:4b:24:a1:b5:99:1a:47:5b:2c:69:39:fd:b0: 369s bb:c0:90:ee:3f:36:4f:6e:ef 369s Exponent: 65537 (0x10001) 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s 67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s AF:48:67:4F:B3:88:11:D7:9B:74:5A:28:6B:A2:04:E2:E1:0E:0C:C4 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 9f:79:b7:34:a2:94:e4:33:bf:ae:7d:45:92:af:5c:f0:89:d0: 369s 1b:4d:ac:97:8f:61:14:d8:62:25:55:8a:0d:49:72:bf:5b:f0: 369s 2d:60:4d:58:ff:72:01:4a:85:8d:cc:ac:91:bd:ff:fa:ea:28: 369s 97:ce:eb:18:1e:14:6c:21:30:a4:0c:54:3f:9b:3a:f1:2c:95: 369s 79:eb:fa:ca:0b:a9:2a:74:9b:68:32:42:d0:1a:81:ac:35:2b: 369s bd:16:37:49:a7:ee:1a:e0:0e:0e:b5:de:97:33:01:6f:59:02: 369s 8d:0f:ff:3f:16:26:2c:c4:df:81:24:42:54:40:50:ef:87:cd: 369s 3f:48 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-24045-auth.pem 369s + found_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 369s + '[' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF '!=' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF ']' 369s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem partial_chain 369s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem partial_chain 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 369s + local verify_option=partial_chain 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-intermediate-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s Test Organization Interme Token 369s + token_name='Test Organization Interme Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 369s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 369s + echo 'Test Organization Interme Token' 369s + '[' -n partial_chain ']' 369s + local verify_arg=--verify=partial_chain 369s + local output_base_name=SSSD-child-22857 369s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-22857.output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-22857.pem 369s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 369s [p11_child[2391]] [main] (0x0400): p11_child started. 369s [p11_child[2391]] [main] (0x2000): Running in [pre-auth] mode. 369s [p11_child[2391]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2391]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2391]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 369s [p11_child[2391]] [do_card] (0x4000): Module List: 369s [p11_child[2391]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2391]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2391]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2391]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 369s [p11_child[2391]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2391]] [do_card] (0x4000): Login NOT required. 369s [p11_child[2391]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 369s [p11_child[2391]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 369s [p11_child[2391]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 369s [p11_child[2391]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4e9e86c3;slot-manufacturer=SoftHSM%20project;slot-id=1319012035;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=13eda5cece9e86c3;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 369s [p11_child[2391]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-22857.output 369s + echo '-----BEGIN CERTIFICATE-----' 369s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-22857.output 369s + echo '-----END CERTIFICATE-----' 369s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-22857.pem 369s Certificate: 369s Data: 369s Version: 3 (0x2) 369s Serial Number: 4 (0x4) 369s Signature Algorithm: sha256WithRSAEncryption 369s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 369s Validity 369s Not Before: Nov 15 20:30:26 2024 GMT 369s Not After : Nov 15 20:30:26 2025 GMT 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:d3:ba:c3:ea:58:f3:48:f0:13:ec:f2:90:b2:1b: 369s 06:79:54:d6:65:5e:4a:04:d8:7c:3e:2f:eb:c7:06: 369s 20:29:2a:74:ab:e7:10:a3:04:8d:ef:45:3e:e0:2d: 369s ef:1b:31:e1:df:c1:d0:5d:9c:3a:8f:07:30:87:62: 369s f4:9e:a5:07:14:25:4b:2f:2c:1c:7e:88:e8:1c:16: 369s 1f:b3:99:90:b0:96:e8:a7:ec:0f:8b:d9:31:d0:ca: 369s 53:41:33:b2:9e:bb:f5:13:7b:5c:d7:ee:df:af:d9: 369s c7:12:4b:24:a1:b5:99:1a:47:5b:2c:69:39:fd:b0: 369s bb:c0:90:ee:3f:36:4f:6e:ef 369s Exponent: 65537 (0x10001) 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s 67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s AF:48:67:4F:B3:88:11:D7:9B:74:5A:28:6B:A2:04:E2:E1:0E:0C:C4 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 9f:79:b7:34:a2:94:e4:33:bf:ae:7d:45:92:af:5c:f0:89:d0: 369s 1b:4d:ac:97:8f:61:14:d8:62:25:55:8a:0d:49:72:bf:5b:f0: 369s 2d:60:4d:58:ff:72:01:4a:85:8d:cc:ac:91:bd:ff:fa:ea:28: 369s 97:ce:eb:18:1e:14:6c:21:30:a4:0c:54:3f:9b:3a:f1:2c:95: 369s 79:eb:fa:ca:0b:a9:2a:74:9b:68:32:42:d0:1a:81:ac:35:2b: 369s bd:16:37:49:a7:ee:1a:e0:0e:0e:b5:de:97:33:01:6f:59:02: 369s 8d:0f:ff:3f:16:26:2c:c4:df:81:24:42:54:40:50:ef:87:cd: 369s 3f:48 369s + local found_md5 expected_md5 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + expected_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-22857.pem 369s + found_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 369s + '[' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF '!=' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF ']' 369s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-22857-auth.output 369s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-22857-auth.output .output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-22857-auth.pem 369s + echo -n 053350 369s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 369s [p11_child[2399]] [main] (0x0400): p11_child started. 369s [p11_child[2399]] [main] (0x2000): Running in [auth] mode. 369s [p11_child[2399]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2399]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2399]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 369s [p11_child[2399]] [do_card] (0x4000): Module List: 369s [p11_child[2399]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2399]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2399]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2399]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 369s [p11_child[2399]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2399]] [do_card] (0x4000): Login required. 369s [p11_child[2399]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 369s [p11_child[2399]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 369s [p11_child[2399]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 369s [p11_child[2399]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4e9e86c3;slot-manufacturer=SoftHSM%20project;slot-id=1319012035;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=13eda5cece9e86c3;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 369s [p11_child[2399]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 369s [p11_child[2399]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 369s [p11_child[2399]] [do_card] (0x4000): Certificate verified and validated. 369s [p11_child[2399]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-22857-auth.output 369s + echo '-----BEGIN CERTIFICATE-----' 369s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-22857-auth.output 369s + echo '-----END CERTIFICATE-----' 369s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-22857-auth.pem 369s Certificate: 369s Data: 369s Version: 3 (0x2) 369s Serial Number: 4 (0x4) 369s Signature Algorithm: sha256WithRSAEncryption 369s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 369s Validity 369s Not Before: Nov 15 20:30:26 2024 GMT 369s Not After : Nov 15 20:30:26 2025 GMT 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:d3:ba:c3:ea:58:f3:48:f0:13:ec:f2:90:b2:1b: 369s 06:79:54:d6:65:5e:4a:04:d8:7c:3e:2f:eb:c7:06: 369s 20:29:2a:74:ab:e7:10:a3:04:8d:ef:45:3e:e0:2d: 369s ef:1b:31:e1:df:c1:d0:5d:9c:3a:8f:07:30:87:62: 369s f4:9e:a5:07:14:25:4b:2f:2c:1c:7e:88:e8:1c:16: 369s 1f:b3:99:90:b0:96:e8:a7:ec:0f:8b:d9:31:d0:ca: 369s 53:41:33:b2:9e:bb:f5:13:7b:5c:d7:ee:df:af:d9: 369s c7:12:4b:24:a1:b5:99:1a:47:5b:2c:69:39:fd:b0: 369s bb:c0:90:ee:3f:36:4f:6e:ef 369s Exponent: 65537 (0x10001) 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s 67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s AF:48:67:4F:B3:88:11:D7:9B:74:5A:28:6B:A2:04:E2:E1:0E:0C:C4 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 9f:79:b7:34:a2:94:e4:33:bf:ae:7d:45:92:af:5c:f0:89:d0: 369s 1b:4d:ac:97:8f:61:14:d8:62:25:55:8a:0d:49:72:bf:5b:f0: 369s 2d:60:4d:58:ff:72:01:4a:85:8d:cc:ac:91:bd:ff:fa:ea:28: 369s 97:ce:eb:18:1e:14:6c:21:30:a4:0c:54:3f:9b:3a:f1:2c:95: 369s 79:eb:fa:ca:0b:a9:2a:74:9b:68:32:42:d0:1a:81:ac:35:2b: 369s bd:16:37:49:a7:ee:1a:e0:0e:0e:b5:de:97:33:01:6f:59:02: 369s 8d:0f:ff:3f:16:26:2c:c4:df:81:24:42:54:40:50:ef:87:cd: 369s 3f:48 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-22857-auth.pem 369s + found_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 369s + '[' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF '!=' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF ']' 369s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s + local verify_option= 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-intermediate-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s Test Organization Interme Token 369s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s + token_name='Test Organization Interme Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 369s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 369s + echo 'Test Organization Interme Token' 369s + '[' -n '' ']' 369s + local output_base_name=SSSD-child-27279 369s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-27279.output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-27279.pem 369s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s [p11_child[2409]] [main] (0x0400): p11_child started. 369s [p11_child[2409]] [main] (0x2000): Running in [pre-auth] mode. 369s [p11_child[2409]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2409]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2409]] [do_card] (0x4000): Module List: 369s [p11_child[2409]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2409]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2409]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2409]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 369s [p11_child[2409]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2409]] [do_card] (0x4000): Login NOT required. 369s [p11_child[2409]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 369s [p11_child[2409]] [do_verification] (0x0040): X509_verify_cert failed [0]. 369s [p11_child[2409]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 369s [p11_child[2409]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 369s [p11_child[2409]] [do_card] (0x4000): No certificate found. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-27279.output 369s + return 2 369s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem partial_chain 369s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem partial_chain 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s + local verify_option=partial_chain 369s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-31041 369s + local key_cn 369s + local key_name 369s + local tokens_dir 369s + local output_cert_file 369s + token_name= 369s ++ basename /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem .pem 369s + key_name=test-intermediate-CA-trusted-certificate-0001 369s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s ++ sed -n 's/ *commonName *= //p' 369s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 369s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 369s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 369s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 369s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 369s Test Organization Interme Token 369s + token_name='Test Organization Interme Token' 369s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 369s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 369s + echo 'Test Organization Interme Token' 369s + '[' -n partial_chain ']' 369s + local verify_arg=--verify=partial_chain 369s + local output_base_name=SSSD-child-15901 369s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-15901.output 369s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-15901.pem 369s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem 369s [p11_child[2416]] [main] (0x0400): p11_child started. 369s [p11_child[2416]] [main] (0x2000): Running in [pre-auth] mode. 369s [p11_child[2416]] [main] (0x2000): Running with effective IDs: [0][0]. 369s [p11_child[2416]] [main] (0x2000): Running with real IDs [0][0]. 369s [p11_child[2416]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 369s [p11_child[2416]] [do_card] (0x4000): Module List: 369s [p11_child[2416]] [do_card] (0x4000): common name: [softhsm2]. 369s [p11_child[2416]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2416]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 369s [p11_child[2416]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 369s [p11_child[2416]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 369s [p11_child[2416]] [do_card] (0x4000): Login NOT required. 369s [p11_child[2416]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 369s [p11_child[2416]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 369s [p11_child[2416]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 369s [p11_child[2416]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4e9e86c3;slot-manufacturer=SoftHSM%20project;slot-id=1319012035;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=13eda5cece9e86c3;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 369s [p11_child[2416]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 369s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-15901.output 369s + echo '-----BEGIN CERTIFICATE-----' 369s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-15901.output 369s + echo '-----END CERTIFICATE-----' 369s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-15901.pem 369s Certificate: 369s Data: 369s Version: 3 (0x2) 369s Serial Number: 4 (0x4) 369s Signature Algorithm: sha256WithRSAEncryption 369s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 369s Validity 369s Not Before: Nov 15 20:30:26 2024 GMT 369s Not After : Nov 15 20:30:26 2025 GMT 369s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 369s Subject Public Key Info: 369s Public Key Algorithm: rsaEncryption 369s Public-Key: (1024 bit) 369s Modulus: 369s 00:d3:ba:c3:ea:58:f3:48:f0:13:ec:f2:90:b2:1b: 369s 06:79:54:d6:65:5e:4a:04:d8:7c:3e:2f:eb:c7:06: 369s 20:29:2a:74:ab:e7:10:a3:04:8d:ef:45:3e:e0:2d: 369s ef:1b:31:e1:df:c1:d0:5d:9c:3a:8f:07:30:87:62: 369s f4:9e:a5:07:14:25:4b:2f:2c:1c:7e:88:e8:1c:16: 369s 1f:b3:99:90:b0:96:e8:a7:ec:0f:8b:d9:31:d0:ca: 369s 53:41:33:b2:9e:bb:f5:13:7b:5c:d7:ee:df:af:d9: 369s c7:12:4b:24:a1:b5:99:1a:47:5b:2c:69:39:fd:b0: 369s bb:c0:90:ee:3f:36:4f:6e:ef 369s Exponent: 65537 (0x10001) 369s X509v3 extensions: 369s X509v3 Authority Key Identifier: 369s 67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 369s X509v3 Basic Constraints: 369s CA:FALSE 369s Netscape Cert Type: 369s SSL Client, S/MIME 369s Netscape Comment: 369s Test Organization Intermediate CA trusted Certificate 369s X509v3 Subject Key Identifier: 369s AF:48:67:4F:B3:88:11:D7:9B:74:5A:28:6B:A2:04:E2:E1:0E:0C:C4 369s X509v3 Key Usage: critical 369s Digital Signature, Non Repudiation, Key Encipherment 369s X509v3 Extended Key Usage: 369s TLS Web Client Authentication, E-mail Protection 369s X509v3 Subject Alternative Name: 369s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 369s Signature Algorithm: sha256WithRSAEncryption 369s Signature Value: 369s 9f:79:b7:34:a2:94:e4:33:bf:ae:7d:45:92:af:5c:f0:89:d0: 369s 1b:4d:ac:97:8f:61:14:d8:62:25:55:8a:0d:49:72:bf:5b:f0: 369s 2d:60:4d:58:ff:72:01:4a:85:8d:cc:ac:91:bd:ff:fa:ea:28: 369s 97:ce:eb:18:1e:14:6c:21:30:a4:0c:54:3f:9b:3a:f1:2c:95: 369s 79:eb:fa:ca:0b:a9:2a:74:9b:68:32:42:d0:1a:81:ac:35:2b: 369s bd:16:37:49:a7:ee:1a:e0:0e:0e:b5:de:97:33:01:6f:59:02: 369s 8d:0f:ff:3f:16:26:2c:c4:df:81:24:42:54:40:50:ef:87:cd: 369s 3f:48 369s + local found_md5 expected_md5 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-intermediate-CA-trusted-certificate-0001.pem 369s + expected_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 369s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-15901.pem 370s + found_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 370s + '[' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF '!=' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF ']' 370s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-15901-auth.output 370s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-15901-auth.output .output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-15901-auth.pem 370s + echo -n 053350 370s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 370s [p11_child[2424]] [main] (0x0400): p11_child started. 370s [p11_child[2424]] [main] (0x2000): Running in [auth] mode. 370s [p11_child[2424]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2424]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2424]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 370s [p11_child[2424]] [do_card] (0x4000): Module List: 370s [p11_child[2424]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2424]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2424]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4e9e86c3] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2424]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 370s [p11_child[2424]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4e9e86c3][1319012035] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2424]] [do_card] (0x4000): Login required. 370s [p11_child[2424]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 370s [p11_child[2424]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 370s [p11_child[2424]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 370s [p11_child[2424]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4e9e86c3;slot-manufacturer=SoftHSM%20project;slot-id=1319012035;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=13eda5cece9e86c3;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 370s [p11_child[2424]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 370s [p11_child[2424]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 370s [p11_child[2424]] [do_card] (0x4000): Certificate verified and validated. 370s [p11_child[2424]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-15901-auth.output 370s + echo '-----BEGIN CERTIFICATE-----' 370s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-15901-auth.output 370s + echo '-----END CERTIFICATE-----' 370s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-15901-auth.pem 370s Certificate: 370s Data: 370s Version: 3 (0x2) 370s Serial Number: 4 (0x4) 370s Signature Algorithm: sha256WithRSAEncryption 370s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 370s Validity 370s Not Before: Nov 15 20:30:26 2024 GMT 370s Not After : Nov 15 20:30:26 2025 GMT 370s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 370s Subject Public Key Info: 370s Public Key Algorithm: rsaEncryption 370s Public-Key: (1024 bit) 370s Modulus: 370s 00:d3:ba:c3:ea:58:f3:48:f0:13:ec:f2:90:b2:1b: 370s 06:79:54:d6:65:5e:4a:04:d8:7c:3e:2f:eb:c7:06: 370s 20:29:2a:74:ab:e7:10:a3:04:8d:ef:45:3e:e0:2d: 370s ef:1b:31:e1:df:c1:d0:5d:9c:3a:8f:07:30:87:62: 370s f4:9e:a5:07:14:25:4b:2f:2c:1c:7e:88:e8:1c:16: 370s 1f:b3:99:90:b0:96:e8:a7:ec:0f:8b:d9:31:d0:ca: 370s 53:41:33:b2:9e:bb:f5:13:7b:5c:d7:ee:df:af:d9: 370s c7:12:4b:24:a1:b5:99:1a:47:5b:2c:69:39:fd:b0: 370s bb:c0:90:ee:3f:36:4f:6e:ef 370s Exponent: 65537 (0x10001) 370s X509v3 extensions: 370s X509v3 Authority Key Identifier: 370s 67:56:C2:0A:27:92:19:6A:2F:DF:6B:3D:54:E6:67:92:70:A5:F7:1A 370s X509v3 Basic Constraints: 370s CA:FALSE 370s Netscape Cert Type: 370s SSL Client, S/MIME 370s Netscape Comment: 370s Test Organization Intermediate CA trusted Certificate 370s X509v3 Subject Key Identifier: 370s AF:48:67:4F:B3:88:11:D7:9B:74:5A:28:6B:A2:04:E2:E1:0E:0C:C4 370s X509v3 Key Usage: critical 370s Digital Signature, Non Repudiation, Key Encipherment 370s X509v3 Extended Key Usage: 370s TLS Web Client Authentication, E-mail Protection 370s X509v3 Subject Alternative Name: 370s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 370s Signature Algorithm: sha256WithRSAEncryption 370s Signature Value: 370s 9f:79:b7:34:a2:94:e4:33:bf:ae:7d:45:92:af:5c:f0:89:d0: 370s 1b:4d:ac:97:8f:61:14:d8:62:25:55:8a:0d:49:72:bf:5b:f0: 370s 2d:60:4d:58:ff:72:01:4a:85:8d:cc:ac:91:bd:ff:fa:ea:28: 370s 97:ce:eb:18:1e:14:6c:21:30:a4:0c:54:3f:9b:3a:f1:2c:95: 370s 79:eb:fa:ca:0b:a9:2a:74:9b:68:32:42:d0:1a:81:ac:35:2b: 370s bd:16:37:49:a7:ee:1a:e0:0e:0e:b5:de:97:33:01:6f:59:02: 370s 8d:0f:ff:3f:16:26:2c:c4:df:81:24:42:54:40:50:ef:87:cd: 370s 3f:48 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-15901-auth.pem 370s + found_md5=Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF 370s + '[' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF '!=' Modulus=D3BAC3EA58F348F013ECF290B21B067954D6655E4A04D87C3E2FEBC70620292A74ABE710A3048DEF453EE02DEF1B31E1DFC1D05D9C3A8F07308762F49EA50714254B2F2C1C7E88E81C161FB39990B096E8A7EC0F8BD931D0CA534133B29EBBF5137B5CD7EEDFAFD9C7124B24A1B5991A475B2C6939FDB0BBC090EE3F364F6EEF ']' 370s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 370s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 370s + local verify_option= 370s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_cn 370s + local key_name 370s + local tokens_dir 370s + local output_cert_file 370s + token_name= 370s ++ basename /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 370s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 370s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s ++ sed -n 's/ *commonName *= //p' 370s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 370s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 370s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 370s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 370s + token_name='Test Organization Sub Int Token' 370s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 370s + local key_file 370s + local decrypted_key 370s + mkdir -p /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 370s + key_file=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 370s + decrypted_key=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 370s + cat 370s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 370s Slot 0 has a free/uninitialized token. 370s The token has been initialized and is reassigned to slot 936689617 370s + softhsm2-util --show-slots 370s Available slots: 370s Slot 936689617 370s Slot info: 370s Description: SoftHSM slot ID 0x37d4bfd1 370s Manufacturer ID: SoftHSM project 370s Hardware version: 2.6 370s Firmware version: 2.6 370s Token present: yes 370s Token info: 370s Manufacturer ID: SoftHSM project 370s Model: SoftHSM v2 370s Hardware version: 2.6 370s Firmware version: 2.6 370s Serial number: 673e33f237d4bfd1 370s Initialized: yes 370s User PIN init.: yes 370s Label: Test Organization Sub Int Token 370s Slot 1 370s Slot info: 370s Description: SoftHSM slot ID 0x1 370s Manufacturer ID: SoftHSM project 370s Hardware version: 2.6 370s Firmware version: 2.6 370s Token present: yes 370s Token info: 370s Manufacturer ID: SoftHSM project 370s Model: SoftHSM v2 370s Hardware version: 2.6 370s Firmware version: 2.6 370s Serial number: 370s Initialized: no 370s User PIN init.: no 370s Label: 370s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 370s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-6442 -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 370s writing RSA key 370s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 370s + rm /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 370s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 370s Object 0: 370s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=673e33f237d4bfd1;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 370s Type: X.509 Certificate (RSA-1024) 370s Expires: Sat Nov 15 20:30:26 2025 370s Label: Test Organization Sub Intermediate Trusted Certificate 0001 370s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 370s 370s Test Organization Sub Int Token 370s + echo 'Test Organization Sub Int Token' 370s + '[' -n '' ']' 370s + local output_base_name=SSSD-child-4509 370s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-4509.output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-4509.pem 370s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 370s [p11_child[2443]] [main] (0x0400): p11_child started. 370s [p11_child[2443]] [main] (0x2000): Running in [pre-auth] mode. 370s [p11_child[2443]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2443]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2443]] [do_card] (0x4000): Module List: 370s [p11_child[2443]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2443]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2443]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2443]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2443]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2443]] [do_card] (0x4000): Login NOT required. 370s [p11_child[2443]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2443]] [do_verification] (0x0040): X509_verify_cert failed [0]. 370s [p11_child[2443]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 370s [p11_child[2443]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 370s [p11_child[2443]] [do_card] (0x4000): No certificate found. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-4509.output 370s + return 2 370s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem partial_chain 370s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-root-CA.pem partial_chain 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 370s + local verify_option=partial_chain 370s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_cn 370s + local key_name 370s + local tokens_dir 370s + local output_cert_file 370s + token_name= 370s ++ basename /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 370s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 370s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s ++ sed -n 's/ *commonName *= //p' 370s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 370s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 370s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 370s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 370s Test Organization Sub Int Token 370s + token_name='Test Organization Sub Int Token' 370s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 370s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 370s + echo 'Test Organization Sub Int Token' 370s + '[' -n partial_chain ']' 370s + local verify_arg=--verify=partial_chain 370s + local output_base_name=SSSD-child-26599 370s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-26599.output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-26599.pem 370s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-root-CA.pem 370s [p11_child[2450]] [main] (0x0400): p11_child started. 370s [p11_child[2450]] [main] (0x2000): Running in [pre-auth] mode. 370s [p11_child[2450]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2450]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2450]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 370s [p11_child[2450]] [do_card] (0x4000): Module List: 370s [p11_child[2450]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2450]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2450]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2450]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2450]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2450]] [do_card] (0x4000): Login NOT required. 370s [p11_child[2450]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2450]] [do_verification] (0x0040): X509_verify_cert failed [0]. 370s [p11_child[2450]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 370s [p11_child[2450]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 370s [p11_child[2450]] [do_card] (0x4000): No certificate found. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-26599.output 370s + return 2 370s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 370s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 370s + local verify_option= 370s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_cn 370s + local key_name 370s + local tokens_dir 370s + local output_cert_file 370s + token_name= 370s ++ basename /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 370s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 370s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s ++ sed -n 's/ *commonName *= //p' 370s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 370s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 370s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 370s Test Organization Sub Int Token 370s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 370s + token_name='Test Organization Sub Int Token' 370s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 370s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 370s + echo 'Test Organization Sub Int Token' 370s + '[' -n '' ']' 370s + local output_base_name=SSSD-child-8745 370s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-8745.output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-8745.pem 370s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 370s [p11_child[2457]] [main] (0x0400): p11_child started. 370s [p11_child[2457]] [main] (0x2000): Running in [pre-auth] mode. 370s [p11_child[2457]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2457]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2457]] [do_card] (0x4000): Module List: 370s [p11_child[2457]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2457]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2457]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2457]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2457]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2457]] [do_card] (0x4000): Login NOT required. 370s [p11_child[2457]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2457]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 370s [p11_child[2457]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 370s [p11_child[2457]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x37d4bfd1;slot-manufacturer=SoftHSM%20project;slot-id=936689617;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=673e33f237d4bfd1;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 370s [p11_child[2457]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-8745.output 370s + echo '-----BEGIN CERTIFICATE-----' 370s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-8745.output 370s + echo '-----END CERTIFICATE-----' 370s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-8745.pem 370s + local found_md5 expected_md5 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s Certificate: 370s Data: 370s Version: 3 (0x2) 370s Serial Number: 5 (0x5) 370s Signature Algorithm: sha256WithRSAEncryption 370s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 370s Validity 370s Not Before: Nov 15 20:30:26 2024 GMT 370s Not After : Nov 15 20:30:26 2025 GMT 370s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 370s Subject Public Key Info: 370s Public Key Algorithm: rsaEncryption 370s Public-Key: (1024 bit) 370s Modulus: 370s 00:bf:48:cf:4a:f1:0f:ae:84:4d:f2:48:0c:c2:97: 370s 0a:d6:2c:8a:68:e1:75:9d:c1:79:b0:36:4b:90:12: 370s 6e:55:cc:f2:90:c1:a7:88:37:7f:ab:32:82:c5:6b: 370s 97:60:10:76:59:f3:7b:18:24:c6:67:c1:8a:b0:b9: 370s ea:56:bd:58:c3:c0:2d:a7:c0:38:13:5f:6c:5f:7e: 370s 5e:2d:e6:b2:5e:96:5a:44:50:d1:53:7b:e6:08:36: 370s 70:7f:c0:4c:bf:01:c2:78:00:b3:03:42:90:a2:b0: 370s 50:5d:98:99:42:25:5e:4b:74:69:72:05:ef:bd:ac: 370s 22:7b:31:b7:54:cd:8a:81:97 370s Exponent: 65537 (0x10001) 370s X509v3 extensions: 370s X509v3 Authority Key Identifier: 370s 95:FD:CF:F1:DE:9A:35:EB:83:6F:9A:31:A9:B6:5A:9A:A5:EE:B1:EB 370s X509v3 Basic Constraints: 370s CA:FALSE 370s Netscape Cert Type: 370s SSL Client, S/MIME 370s Netscape Comment: 370s Test Organization Sub Intermediate CA trusted Certificate 370s X509v3 Subject Key Identifier: 370s 09:00:F2:39:9B:2C:61:ED:B2:74:09:C4:D6:A8:42:06:B7:2D:9F:76 370s X509v3 Key Usage: critical 370s Digital Signature, Non Repudiation, Key Encipherment 370s X509v3 Extended Key Usage: 370s TLS Web Client Authentication, E-mail Protection 370s X509v3 Subject Alternative Name: 370s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 370s Signature Algorithm: sha256WithRSAEncryption 370s Signature Value: 370s bd:7c:a6:42:7b:40:07:22:b4:18:0b:0f:d4:3e:82:f2:6d:4e: 370s 7b:f4:a7:bc:77:ac:9b:b3:8e:d2:b0:ed:a0:a0:37:c9:64:74: 370s 8f:92:5a:80:3b:45:bf:4d:aa:a8:1f:cb:7a:8d:a0:cd:7f:71: 370s d5:cd:76:31:6a:16:3a:4c:cd:f9:f2:bc:75:8e:30:47:b3:af: 370s 1a:37:21:24:83:c6:cf:99:58:d1:93:99:17:f2:6a:da:91:9c: 370s a0:2f:b9:c7:ef:8c:9e:ca:4c:dc:4c:d0:33:9a:4b:be:16:9f: 370s a2:a6:c6:01:95:d7:88:66:44:ac:71:0b:58:4b:8c:ce:5c:3c: 370s 97:c8 370s + expected_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-8745.pem 370s + found_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s + '[' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 '!=' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 ']' 370s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-8745-auth.output 370s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-8745-auth.output .output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-8745-auth.pem 370s + echo -n 053350 370s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 370s [p11_child[2465]] [main] (0x0400): p11_child started. 370s [p11_child[2465]] [main] (0x2000): Running in [auth] mode. 370s [p11_child[2465]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2465]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2465]] [do_card] (0x4000): Module List: 370s [p11_child[2465]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2465]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2465]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2465]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2465]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2465]] [do_card] (0x4000): Login required. 370s [p11_child[2465]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2465]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 370s [p11_child[2465]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 370s [p11_child[2465]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x37d4bfd1;slot-manufacturer=SoftHSM%20project;slot-id=936689617;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=673e33f237d4bfd1;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 370s [p11_child[2465]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 370s [p11_child[2465]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 370s [p11_child[2465]] [do_card] (0x4000): Certificate verified and validated. 370s [p11_child[2465]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-8745-auth.output 370s + echo '-----BEGIN CERTIFICATE-----' 370s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-8745-auth.output 370s + echo '-----END CERTIFICATE-----' 370s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-8745-auth.pem 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-8745-auth.pem 370s Certificate: 370s Data: 370s Version: 3 (0x2) 370s Serial Number: 5 (0x5) 370s Signature Algorithm: sha256WithRSAEncryption 370s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 370s Validity 370s Not Before: Nov 15 20:30:26 2024 GMT 370s Not After : Nov 15 20:30:26 2025 GMT 370s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 370s Subject Public Key Info: 370s Public Key Algorithm: rsaEncryption 370s Public-Key: (1024 bit) 370s Modulus: 370s 00:bf:48:cf:4a:f1:0f:ae:84:4d:f2:48:0c:c2:97: 370s 0a:d6:2c:8a:68:e1:75:9d:c1:79:b0:36:4b:90:12: 370s 6e:55:cc:f2:90:c1:a7:88:37:7f:ab:32:82:c5:6b: 370s 97:60:10:76:59:f3:7b:18:24:c6:67:c1:8a:b0:b9: 370s ea:56:bd:58:c3:c0:2d:a7:c0:38:13:5f:6c:5f:7e: 370s 5e:2d:e6:b2:5e:96:5a:44:50:d1:53:7b:e6:08:36: 370s 70:7f:c0:4c:bf:01:c2:78:00:b3:03:42:90:a2:b0: 370s 50:5d:98:99:42:25:5e:4b:74:69:72:05:ef:bd:ac: 370s 22:7b:31:b7:54:cd:8a:81:97 370s Exponent: 65537 (0x10001) 370s X509v3 extensions: 370s X509v3 Authority Key Identifier: 370s 95:FD:CF:F1:DE:9A:35:EB:83:6F:9A:31:A9:B6:5A:9A:A5:EE:B1:EB 370s X509v3 Basic Constraints: 370s CA:FALSE 370s Netscape Cert Type: 370s SSL Client, S/MIME 370s Netscape Comment: 370s Test Organization Sub Intermediate CA trusted Certificate 370s X509v3 Subject Key Identifier: 370s 09:00:F2:39:9B:2C:61:ED:B2:74:09:C4:D6:A8:42:06:B7:2D:9F:76 370s X509v3 Key Usage: critical 370s Digital Signature, Non Repudiation, Key Encipherment 370s X509v3 Extended Key Usage: 370s TLS Web Client Authentication, E-mail Protection 370s X509v3 Subject Alternative Name: 370s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 370s Signature Algorithm: sha256WithRSAEncryption 370s Signature Value: 370s bd:7c:a6:42:7b:40:07:22:b4:18:0b:0f:d4:3e:82:f2:6d:4e: 370s 7b:f4:a7:bc:77:ac:9b:b3:8e:d2:b0:ed:a0:a0:37:c9:64:74: 370s 8f:92:5a:80:3b:45:bf:4d:aa:a8:1f:cb:7a:8d:a0:cd:7f:71: 370s d5:cd:76:31:6a:16:3a:4c:cd:f9:f2:bc:75:8e:30:47:b3:af: 370s 1a:37:21:24:83:c6:cf:99:58:d1:93:99:17:f2:6a:da:91:9c: 370s a0:2f:b9:c7:ef:8c:9e:ca:4c:dc:4c:d0:33:9a:4b:be:16:9f: 370s a2:a6:c6:01:95:d7:88:66:44:ac:71:0b:58:4b:8c:ce:5c:3c: 370s 97:c8 370s + found_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s + '[' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 '!=' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 ']' 370s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem partial_chain 370s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem partial_chain 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 370s + local verify_option=partial_chain 370s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_cn 370s + local key_name 370s + local tokens_dir 370s + local output_cert_file 370s + token_name= 370s ++ basename /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 370s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 370s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s ++ sed -n 's/ *commonName *= //p' 370s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 370s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 370s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 370s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 370s + token_name='Test Organization Sub Int Token' 370s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 370s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 370s + echo 'Test Organization Sub Int Token' 370s + '[' -n partial_chain ']' 370s + local verify_arg=--verify=partial_chain 370s + local output_base_name=SSSD-child-15937 370s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-15937.output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-15937.pem 370s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem 370s Test Organization Sub Int Token 370s [p11_child[2475]] [main] (0x0400): p11_child started. 370s [p11_child[2475]] [main] (0x2000): Running in [pre-auth] mode. 370s [p11_child[2475]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2475]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2475]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 370s [p11_child[2475]] [do_card] (0x4000): Module List: 370s [p11_child[2475]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2475]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2475]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2475]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2475]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2475]] [do_card] (0x4000): Login NOT required. 370s [p11_child[2475]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2475]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 370s [p11_child[2475]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 370s [p11_child[2475]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x37d4bfd1;slot-manufacturer=SoftHSM%20project;slot-id=936689617;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=673e33f237d4bfd1;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 370s [p11_child[2475]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-15937.output 370s + echo '-----BEGIN CERTIFICATE-----' 370s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-15937.output 370s + echo '-----END CERTIFICATE-----' 370s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-15937.pem 370s + local found_md5 expected_md5 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s Certificate: 370s Data: 370s Version: 3 (0x2) 370s Serial Number: 5 (0x5) 370s Signature Algorithm: sha256WithRSAEncryption 370s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 370s Validity 370s Not Before: Nov 15 20:30:26 2024 GMT 370s Not After : Nov 15 20:30:26 2025 GMT 370s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 370s Subject Public Key Info: 370s Public Key Algorithm: rsaEncryption 370s Public-Key: (1024 bit) 370s Modulus: 370s 00:bf:48:cf:4a:f1:0f:ae:84:4d:f2:48:0c:c2:97: 370s 0a:d6:2c:8a:68:e1:75:9d:c1:79:b0:36:4b:90:12: 370s 6e:55:cc:f2:90:c1:a7:88:37:7f:ab:32:82:c5:6b: 370s 97:60:10:76:59:f3:7b:18:24:c6:67:c1:8a:b0:b9: 370s ea:56:bd:58:c3:c0:2d:a7:c0:38:13:5f:6c:5f:7e: 370s 5e:2d:e6:b2:5e:96:5a:44:50:d1:53:7b:e6:08:36: 370s 70:7f:c0:4c:bf:01:c2:78:00:b3:03:42:90:a2:b0: 370s 50:5d:98:99:42:25:5e:4b:74:69:72:05:ef:bd:ac: 370s 22:7b:31:b7:54:cd:8a:81:97 370s Exponent: 65537 (0x10001) 370s X509v3 extensions: 370s X509v3 Authority Key Identifier: 370s 95:FD:CF:F1:DE:9A:35:EB:83:6F:9A:31:A9:B6:5A:9A:A5:EE:B1:EB 370s X509v3 Basic Constraints: 370s CA:FALSE 370s Netscape Cert Type: 370s SSL Client, S/MIME 370s Netscape Comment: 370s Test Organization Sub Intermediate CA trusted Certificate 370s X509v3 Subject Key Identifier: 370s 09:00:F2:39:9B:2C:61:ED:B2:74:09:C4:D6:A8:42:06:B7:2D:9F:76 370s X509v3 Key Usage: critical 370s Digital Signature, Non Repudiation, Key Encipherment 370s X509v3 Extended Key Usage: 370s TLS Web Client Authentication, E-mail Protection 370s X509v3 Subject Alternative Name: 370s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 370s Signature Algorithm: sha256WithRSAEncryption 370s Signature Value: 370s bd:7c:a6:42:7b:40:07:22:b4:18:0b:0f:d4:3e:82:f2:6d:4e: 370s 7b:f4:a7:bc:77:ac:9b:b3:8e:d2:b0:ed:a0:a0:37:c9:64:74: 370s 8f:92:5a:80:3b:45:bf:4d:aa:a8:1f:cb:7a:8d:a0:cd:7f:71: 370s d5:cd:76:31:6a:16:3a:4c:cd:f9:f2:bc:75:8e:30:47:b3:af: 370s 1a:37:21:24:83:c6:cf:99:58:d1:93:99:17:f2:6a:da:91:9c: 370s a0:2f:b9:c7:ef:8c:9e:ca:4c:dc:4c:d0:33:9a:4b:be:16:9f: 370s a2:a6:c6:01:95:d7:88:66:44:ac:71:0b:58:4b:8c:ce:5c:3c: 370s 97:c8 370s + expected_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-15937.pem 370s + found_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s + '[' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 '!=' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 ']' 370s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-15937-auth.output 370s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-15937-auth.output .output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-15937-auth.pem 370s + echo -n 053350 370s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 370s [p11_child[2483]] [main] (0x0400): p11_child started. 370s [p11_child[2483]] [main] (0x2000): Running in [auth] mode. 370s [p11_child[2483]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2483]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2483]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 370s [p11_child[2483]] [do_card] (0x4000): Module List: 370s [p11_child[2483]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2483]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2483]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2483]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2483]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2483]] [do_card] (0x4000): Login required. 370s [p11_child[2483]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2483]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 370s [p11_child[2483]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 370s [p11_child[2483]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x37d4bfd1;slot-manufacturer=SoftHSM%20project;slot-id=936689617;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=673e33f237d4bfd1;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 370s [p11_child[2483]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 370s [p11_child[2483]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 370s [p11_child[2483]] [do_card] (0x4000): Certificate verified and validated. 370s [p11_child[2483]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-15937-auth.output 370s + echo '-----BEGIN CERTIFICATE-----' 370s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-15937-auth.output 370s + echo '-----END CERTIFICATE-----' 370s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-15937-auth.pem 370s Certificate: 370s Data: 370s Version: 3 (0x2) 370s Serial Number: 5 (0x5) 370s Signature Algorithm: sha256WithRSAEncryption 370s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 370s Validity 370s Not Before: Nov 15 20:30:26 2024 GMT 370s Not After : Nov 15 20:30:26 2025 GMT 370s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 370s Subject Public Key Info: 370s Public Key Algorithm: rsaEncryption 370s Public-Key: (1024 bit) 370s Modulus: 370s 00:bf:48:cf:4a:f1:0f:ae:84:4d:f2:48:0c:c2:97: 370s 0a:d6:2c:8a:68:e1:75:9d:c1:79:b0:36:4b:90:12: 370s 6e:55:cc:f2:90:c1:a7:88:37:7f:ab:32:82:c5:6b: 370s 97:60:10:76:59:f3:7b:18:24:c6:67:c1:8a:b0:b9: 370s ea:56:bd:58:c3:c0:2d:a7:c0:38:13:5f:6c:5f:7e: 370s 5e:2d:e6:b2:5e:96:5a:44:50:d1:53:7b:e6:08:36: 370s 70:7f:c0:4c:bf:01:c2:78:00:b3:03:42:90:a2:b0: 370s 50:5d:98:99:42:25:5e:4b:74:69:72:05:ef:bd:ac: 370s 22:7b:31:b7:54:cd:8a:81:97 370s Exponent: 65537 (0x10001) 370s X509v3 extensions: 370s X509v3 Authority Key Identifier: 370s 95:FD:CF:F1:DE:9A:35:EB:83:6F:9A:31:A9:B6:5A:9A:A5:EE:B1:EB 370s X509v3 Basic Constraints: 370s CA:FALSE 370s Netscape Cert Type: 370s SSL Client, S/MIME 370s Netscape Comment: 370s Test Organization Sub Intermediate CA trusted Certificate 370s X509v3 Subject Key Identifier: 370s 09:00:F2:39:9B:2C:61:ED:B2:74:09:C4:D6:A8:42:06:B7:2D:9F:76 370s X509v3 Key Usage: critical 370s Digital Signature, Non Repudiation, Key Encipherment 370s X509v3 Extended Key Usage: 370s TLS Web Client Authentication, E-mail Protection 370s X509v3 Subject Alternative Name: 370s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 370s Signature Algorithm: sha256WithRSAEncryption 370s Signature Value: 370s bd:7c:a6:42:7b:40:07:22:b4:18:0b:0f:d4:3e:82:f2:6d:4e: 370s 7b:f4:a7:bc:77:ac:9b:b3:8e:d2:b0:ed:a0:a0:37:c9:64:74: 370s 8f:92:5a:80:3b:45:bf:4d:aa:a8:1f:cb:7a:8d:a0:cd:7f:71: 370s d5:cd:76:31:6a:16:3a:4c:cd:f9:f2:bc:75:8e:30:47:b3:af: 370s 1a:37:21:24:83:c6:cf:99:58:d1:93:99:17:f2:6a:da:91:9c: 370s a0:2f:b9:c7:ef:8c:9e:ca:4c:dc:4c:d0:33:9a:4b:be:16:9f: 370s a2:a6:c6:01:95:d7:88:66:44:ac:71:0b:58:4b:8c:ce:5c:3c: 370s 97:c8 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-15937-auth.pem 370s + found_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s + '[' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 '!=' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 ']' 370s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 370s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 370s + local verify_option= 370s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_cn 370s + local key_name 370s + local tokens_dir 370s + local output_cert_file 370s + token_name= 370s ++ basename /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 370s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 370s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s ++ sed -n 's/ *commonName *= //p' 370s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 370s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 370s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 370s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 370s + token_name='Test Organization Sub Int Token' 370s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 370s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 370s + echo 'Test Organization Sub Int Token' 370s + '[' -n '' ']' 370s + local output_base_name=SSSD-child-30226 370s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-30226.output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-30226.pem 370s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 370s Test Organization Sub Int Token 370s [p11_child[2493]] [main] (0x0400): p11_child started. 370s [p11_child[2493]] [main] (0x2000): Running in [pre-auth] mode. 370s [p11_child[2493]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2493]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2493]] [do_card] (0x4000): Module List: 370s [p11_child[2493]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2493]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2493]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2493]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2493]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2493]] [do_card] (0x4000): Login NOT required. 370s [p11_child[2493]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2493]] [do_verification] (0x0040): X509_verify_cert failed [0]. 370s [p11_child[2493]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 370s [p11_child[2493]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 370s [p11_child[2493]] [do_card] (0x4000): No certificate found. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-30226.output 370s + return 2 370s + invalid_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-root-intermediate-chain-CA.pem partial_chain 370s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-root-intermediate-chain-CA.pem partial_chain 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-root-intermediate-chain-CA.pem 370s + local verify_option=partial_chain 370s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_cn 370s + local key_name 370s + local tokens_dir 370s + local output_cert_file 370s + token_name= 370s ++ basename /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 370s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 370s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s ++ sed -n 's/ *commonName *= //p' 370s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 370s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 370s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 370s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 370s + token_name='Test Organization Sub Int Token' 370s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 370s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 370s Test Organization Sub Int Token 370s + echo 'Test Organization Sub Int Token' 370s + '[' -n partial_chain ']' 370s + local verify_arg=--verify=partial_chain 370s + local output_base_name=SSSD-child-32655 370s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-32655.output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-32655.pem 370s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-root-intermediate-chain-CA.pem 370s [p11_child[2500]] [main] (0x0400): p11_child started. 370s [p11_child[2500]] [main] (0x2000): Running in [pre-auth] mode. 370s [p11_child[2500]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2500]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2500]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 370s [p11_child[2500]] [do_card] (0x4000): Module List: 370s [p11_child[2500]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2500]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2500]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2500]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2500]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2500]] [do_card] (0x4000): Login NOT required. 370s [p11_child[2500]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2500]] [do_verification] (0x0040): X509_verify_cert failed [0]. 370s [p11_child[2500]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 370s [p11_child[2500]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 370s [p11_child[2500]] [do_card] (0x4000): No certificate found. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-32655.output 370s + return 2 370s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem partial_chain 370s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem partial_chain 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 370s + local verify_option=partial_chain 370s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_cn 370s + local key_name 370s + local tokens_dir 370s + local output_cert_file 370s + token_name= 370s ++ basename /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 370s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 370s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s ++ sed -n 's/ *commonName *= //p' 370s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 370s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 370s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 370s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 370s + token_name='Test Organization Sub Int Token' 370s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 370s Test Organization Sub Int Token 370s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 370s + echo 'Test Organization Sub Int Token' 370s + '[' -n partial_chain ']' 370s + local verify_arg=--verify=partial_chain 370s + local output_base_name=SSSD-child-4976 370s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-4976.output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-4976.pem 370s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem 370s [p11_child[2507]] [main] (0x0400): p11_child started. 370s [p11_child[2507]] [main] (0x2000): Running in [pre-auth] mode. 370s [p11_child[2507]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2507]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2507]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 370s [p11_child[2507]] [do_card] (0x4000): Module List: 370s [p11_child[2507]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2507]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2507]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2507]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2507]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2507]] [do_card] (0x4000): Login NOT required. 370s [p11_child[2507]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2507]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 370s [p11_child[2507]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 370s [p11_child[2507]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x37d4bfd1;slot-manufacturer=SoftHSM%20project;slot-id=936689617;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=673e33f237d4bfd1;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 370s [p11_child[2507]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-4976.output 370s + echo '-----BEGIN CERTIFICATE-----' 370s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-4976.output 370s + echo '-----END CERTIFICATE-----' 370s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-4976.pem 370s Certificate: 370s Data: 370s Version: 3 (0x2) 370s Serial Number: 5 (0x5) 370s Signature Algorithm: sha256WithRSAEncryption 370s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 370s Validity 370s Not Before: Nov 15 20:30:26 2024 GMT 370s Not After : Nov 15 20:30:26 2025 GMT 370s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 370s Subject Public Key Info: 370s Public Key Algorithm: rsaEncryption 370s Public-Key: (1024 bit) 370s Modulus: 370s 00:bf:48:cf:4a:f1:0f:ae:84:4d:f2:48:0c:c2:97: 370s 0a:d6:2c:8a:68:e1:75:9d:c1:79:b0:36:4b:90:12: 370s 6e:55:cc:f2:90:c1:a7:88:37:7f:ab:32:82:c5:6b: 370s 97:60:10:76:59:f3:7b:18:24:c6:67:c1:8a:b0:b9: 370s ea:56:bd:58:c3:c0:2d:a7:c0:38:13:5f:6c:5f:7e: 370s 5e:2d:e6:b2:5e:96:5a:44:50:d1:53:7b:e6:08:36: 370s 70:7f:c0:4c:bf:01:c2:78:00:b3:03:42:90:a2:b0: 370s 50:5d:98:99:42:25:5e:4b:74:69:72:05:ef:bd:ac: 370s 22:7b:31:b7:54:cd:8a:81:97 370s Exponent: 65537 (0x10001) 370s X509v3 extensions: 370s X509v3 Authority Key Identifier: 370s 95:FD:CF:F1:DE:9A:35:EB:83:6F:9A:31:A9:B6:5A:9A:A5:EE:B1:EB 370s X509v3 Basic Constraints: 370s CA:FALSE 370s Netscape Cert Type: 370s SSL Client, S/MIME 370s Netscape Comment: 370s Test Organization Sub Intermediate CA trusted Certificate 370s X509v3 Subject Key Identifier: 370s 09:00:F2:39:9B:2C:61:ED:B2:74:09:C4:D6:A8:42:06:B7:2D:9F:76 370s X509v3 Key Usage: critical 370s Digital Signature, Non Repudiation, Key Encipherment 370s X509v3 Extended Key Usage: 370s TLS Web Client Authentication, E-mail Protection 370s X509v3 Subject Alternative Name: 370s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 370s Signature Algorithm: sha256WithRSAEncryption 370s Signature Value: 370s bd:7c:a6:42:7b:40:07:22:b4:18:0b:0f:d4:3e:82:f2:6d:4e: 370s 7b:f4:a7:bc:77:ac:9b:b3:8e:d2:b0:ed:a0:a0:37:c9:64:74: 370s 8f:92:5a:80:3b:45:bf:4d:aa:a8:1f:cb:7a:8d:a0:cd:7f:71: 370s d5:cd:76:31:6a:16:3a:4c:cd:f9:f2:bc:75:8e:30:47:b3:af: 370s 1a:37:21:24:83:c6:cf:99:58:d1:93:99:17:f2:6a:da:91:9c: 370s a0:2f:b9:c7:ef:8c:9e:ca:4c:dc:4c:d0:33:9a:4b:be:16:9f: 370s a2:a6:c6:01:95:d7:88:66:44:ac:71:0b:58:4b:8c:ce:5c:3c: 370s 97:c8 370s + local found_md5 expected_md5 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + expected_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-4976.pem 370s + found_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s + '[' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 '!=' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 ']' 370s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-4976-auth.output 370s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-4976-auth.output .output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-4976-auth.pem 370s + echo -n 053350 370s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 370s [p11_child[2515]] [main] (0x0400): p11_child started. 370s [p11_child[2515]] [main] (0x2000): Running in [auth] mode. 370s [p11_child[2515]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2515]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2515]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 370s [p11_child[2515]] [do_card] (0x4000): Module List: 370s [p11_child[2515]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2515]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2515]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2515]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2515]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2515]] [do_card] (0x4000): Login required. 370s [p11_child[2515]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2515]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 370s [p11_child[2515]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 370s [p11_child[2515]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x37d4bfd1;slot-manufacturer=SoftHSM%20project;slot-id=936689617;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=673e33f237d4bfd1;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 370s [p11_child[2515]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 370s [p11_child[2515]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 370s [p11_child[2515]] [do_card] (0x4000): Certificate verified and validated. 370s [p11_child[2515]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-4976-auth.output 370s + echo '-----BEGIN CERTIFICATE-----' 370s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-4976-auth.output 370s + echo '-----END CERTIFICATE-----' 370s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-4976-auth.pem 370s Certificate: 370s Data: 370s Version: 3 (0x2) 370s Serial Number: 5 (0x5) 370s Signature Algorithm: sha256WithRSAEncryption 370s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 370s Validity 370s Not Before: Nov 15 20:30:26 2024 GMT 370s Not After : Nov 15 20:30:26 2025 GMT 370s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 370s Subject Public Key Info: 370s Public Key Algorithm: rsaEncryption 370s Public-Key: (1024 bit) 370s Modulus: 370s 00:bf:48:cf:4a:f1:0f:ae:84:4d:f2:48:0c:c2:97: 370s 0a:d6:2c:8a:68:e1:75:9d:c1:79:b0:36:4b:90:12: 370s 6e:55:cc:f2:90:c1:a7:88:37:7f:ab:32:82:c5:6b: 370s 97:60:10:76:59:f3:7b:18:24:c6:67:c1:8a:b0:b9: 370s ea:56:bd:58:c3:c0:2d:a7:c0:38:13:5f:6c:5f:7e: 370s 5e:2d:e6:b2:5e:96:5a:44:50:d1:53:7b:e6:08:36: 370s 70:7f:c0:4c:bf:01:c2:78:00:b3:03:42:90:a2:b0: 370s 50:5d:98:99:42:25:5e:4b:74:69:72:05:ef:bd:ac: 370s 22:7b:31:b7:54:cd:8a:81:97 370s Exponent: 65537 (0x10001) 370s X509v3 extensions: 370s X509v3 Authority Key Identifier: 370s 95:FD:CF:F1:DE:9A:35:EB:83:6F:9A:31:A9:B6:5A:9A:A5:EE:B1:EB 370s X509v3 Basic Constraints: 370s CA:FALSE 370s Netscape Cert Type: 370s SSL Client, S/MIME 370s Netscape Comment: 370s Test Organization Sub Intermediate CA trusted Certificate 370s X509v3 Subject Key Identifier: 370s 09:00:F2:39:9B:2C:61:ED:B2:74:09:C4:D6:A8:42:06:B7:2D:9F:76 370s X509v3 Key Usage: critical 370s Digital Signature, Non Repudiation, Key Encipherment 370s X509v3 Extended Key Usage: 370s TLS Web Client Authentication, E-mail Protection 370s X509v3 Subject Alternative Name: 370s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 370s Signature Algorithm: sha256WithRSAEncryption 370s Signature Value: 370s bd:7c:a6:42:7b:40:07:22:b4:18:0b:0f:d4:3e:82:f2:6d:4e: 370s 7b:f4:a7:bc:77:ac:9b:b3:8e:d2:b0:ed:a0:a0:37:c9:64:74: 370s 8f:92:5a:80:3b:45:bf:4d:aa:a8:1f:cb:7a:8d:a0:cd:7f:71: 370s d5:cd:76:31:6a:16:3a:4c:cd:f9:f2:bc:75:8e:30:47:b3:af: 370s 1a:37:21:24:83:c6:cf:99:58:d1:93:99:17:f2:6a:da:91:9c: 370s a0:2f:b9:c7:ef:8c:9e:ca:4c:dc:4c:d0:33:9a:4b:be:16:9f: 370s a2:a6:c6:01:95:d7:88:66:44:ac:71:0b:58:4b:8c:ce:5c:3c: 370s 97:c8 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-4976-auth.pem 370s + found_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s + '[' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 '!=' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 ']' 370s + valid_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-intermediate-sub-chain-CA.pem partial_chain 370s + check_certificate /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 /tmp/sssd-softhsm2-kroQZj/test-intermediate-sub-chain-CA.pem partial_chain 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_ring=/tmp/sssd-softhsm2-kroQZj/test-intermediate-sub-chain-CA.pem 370s + local verify_option=partial_chain 370s + prepare_softhsm2_card /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local certificate=/tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-6442 370s + local key_cn 370s + local key_name 370s + local tokens_dir 370s + local output_cert_file 370s + token_name= 370s ++ basename /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 370s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 370s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s ++ sed -n 's/ *commonName *= //p' 370s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 370s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 370s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 370s ++ basename /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 370s Test Organization Sub Int Token 370s + tokens_dir=/tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 370s + token_name='Test Organization Sub Int Token' 370s + '[' '!' -e /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 370s + '[' '!' -d /tmp/sssd-softhsm2-kroQZj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 370s + echo 'Test Organization Sub Int Token' 370s + '[' -n partial_chain ']' 370s + local verify_arg=--verify=partial_chain 370s + local output_base_name=SSSD-child-14850 370s + local output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-14850.output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-14850.pem 370s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-kroQZj/test-intermediate-sub-chain-CA.pem 370s [p11_child[2525]] [main] (0x0400): p11_child started. 370s [p11_child[2525]] [main] (0x2000): Running in [pre-auth] mode. 370s [p11_child[2525]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2525]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2525]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 370s [p11_child[2525]] [do_card] (0x4000): Module List: 370s [p11_child[2525]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2525]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2525]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2525]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2525]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2525]] [do_card] (0x4000): Login NOT required. 370s [p11_child[2525]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2525]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 370s [p11_child[2525]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 370s [p11_child[2525]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x37d4bfd1;slot-manufacturer=SoftHSM%20project;slot-id=936689617;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=673e33f237d4bfd1;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 370s [p11_child[2525]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-14850.output 370s + echo '-----BEGIN CERTIFICATE-----' 370s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-14850.output 370s + echo '-----END CERTIFICATE-----' 370s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-14850.pem 370s Certificate: 370s Data: 370s Version: 3 (0x2) 370s Serial Number: 5 (0x5) 370s Signature Algorithm: sha256WithRSAEncryption 370s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 370s Validity 370s Not Before: Nov 15 20:30:26 2024 GMT 370s Not After : Nov 15 20:30:26 2025 GMT 370s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 370s Subject Public Key Info: 370s Public Key Algorithm: rsaEncryption 370s Public-Key: (1024 bit) 370s Modulus: 370s 00:bf:48:cf:4a:f1:0f:ae:84:4d:f2:48:0c:c2:97: 370s 0a:d6:2c:8a:68:e1:75:9d:c1:79:b0:36:4b:90:12: 370s 6e:55:cc:f2:90:c1:a7:88:37:7f:ab:32:82:c5:6b: 370s 97:60:10:76:59:f3:7b:18:24:c6:67:c1:8a:b0:b9: 370s ea:56:bd:58:c3:c0:2d:a7:c0:38:13:5f:6c:5f:7e: 370s 5e:2d:e6:b2:5e:96:5a:44:50:d1:53:7b:e6:08:36: 370s 70:7f:c0:4c:bf:01:c2:78:00:b3:03:42:90:a2:b0: 370s 50:5d:98:99:42:25:5e:4b:74:69:72:05:ef:bd:ac: 370s 22:7b:31:b7:54:cd:8a:81:97 370s Exponent: 65537 (0x10001) 370s X509v3 extensions: 370s X509v3 Authority Key Identifier: 370s 95:FD:CF:F1:DE:9A:35:EB:83:6F:9A:31:A9:B6:5A:9A:A5:EE:B1:EB 370s X509v3 Basic Constraints: 370s CA:FALSE 370s Netscape Cert Type: 370s SSL Client, S/MIME 370s Netscape Comment: 370s Test Organization Sub Intermediate CA trusted Certificate 370s X509v3 Subject Key Identifier: 370s 09:00:F2:39:9B:2C:61:ED:B2:74:09:C4:D6:A8:42:06:B7:2D:9F:76 370s X509v3 Key Usage: critical 370s Digital Signature, Non Repudiation, Key Encipherment 370s X509v3 Extended Key Usage: 370s TLS Web Client Authentication, E-mail Protection 370s X509v3 Subject Alternative Name: 370s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 370s Signature Algorithm: sha256WithRSAEncryption 370s Signature Value: 370s bd:7c:a6:42:7b:40:07:22:b4:18:0b:0f:d4:3e:82:f2:6d:4e: 370s 7b:f4:a7:bc:77:ac:9b:b3:8e:d2:b0:ed:a0:a0:37:c9:64:74: 370s 8f:92:5a:80:3b:45:bf:4d:aa:a8:1f:cb:7a:8d:a0:cd:7f:71: 370s d5:cd:76:31:6a:16:3a:4c:cd:f9:f2:bc:75:8e:30:47:b3:af: 370s 1a:37:21:24:83:c6:cf:99:58:d1:93:99:17:f2:6a:da:91:9c: 370s a0:2f:b9:c7:ef:8c:9e:ca:4c:dc:4c:d0:33:9a:4b:be:16:9f: 370s a2:a6:c6:01:95:d7:88:66:44:ac:71:0b:58:4b:8c:ce:5c:3c: 370s 97:c8 370s + local found_md5 expected_md5 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/test-sub-intermediate-CA-trusted-certificate-0001.pem 370s + expected_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-14850.pem 370s + found_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s + '[' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 '!=' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 ']' 370s + output_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-14850-auth.output 370s ++ basename /tmp/sssd-softhsm2-kroQZj/SSSD-child-14850-auth.output .output 370s + output_cert_file=/tmp/sssd-softhsm2-kroQZj/SSSD-child-14850-auth.pem 370s + echo -n 053350 370s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-kroQZj/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 370s [p11_child[2533]] [main] (0x0400): p11_child started. 370s [p11_child[2533]] [main] (0x2000): Running in [auth] mode. 370s [p11_child[2533]] [main] (0x2000): Running with effective IDs: [0][0]. 370s [p11_child[2533]] [main] (0x2000): Running with real IDs [0][0]. 370s [p11_child[2533]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 370s [p11_child[2533]] [do_card] (0x4000): Module List: 370s [p11_child[2533]] [do_card] (0x4000): common name: [softhsm2]. 370s [p11_child[2533]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2533]] [do_card] (0x4000): Description [SoftHSM slot ID 0x37d4bfd1] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 370s [p11_child[2533]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 370s [p11_child[2533]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x37d4bfd1][936689617] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 370s [p11_child[2533]] [do_card] (0x4000): Login required. 370s [p11_child[2533]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 370s [p11_child[2533]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 370s [p11_child[2533]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 370s [p11_child[2533]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x37d4bfd1;slot-manufacturer=SoftHSM%20project;slot-id=936689617;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=673e33f237d4bfd1;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 370s [p11_child[2533]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 370s [p11_child[2533]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 370s [p11_child[2533]] [do_card] (0x4000): Certificate verified and validated. 370s [p11_child[2533]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 370s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-kroQZj/SSSD-child-14850-auth.output 370s + echo '-----BEGIN CERTIFICATE-----' 370s + tail -n1 /tmp/sssd-softhsm2-kroQZj/SSSD-child-14850-auth.output 370s + echo '-----END CERTIFICATE-----' 370s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-14850-auth.pem 370s Certificate: 370s Data: 370s Version: 3 (0x2) 370s Serial Number: 5 (0x5) 370s Signature Algorithm: sha256WithRSAEncryption 370s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 370s Validity 370s Not Before: Nov 15 20:30:26 2024 GMT 370s Not After : Nov 15 20:30:26 2025 GMT 370s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 370s Subject Public Key Info: 370s Public Key Algorithm: rsaEncryption 370s Public-Key: (1024 bit) 370s Modulus: 370s 00:bf:48:cf:4a:f1:0f:ae:84:4d:f2:48:0c:c2:97: 370s 0a:d6:2c:8a:68:e1:75:9d:c1:79:b0:36:4b:90:12: 370s 6e:55:cc:f2:90:c1:a7:88:37:7f:ab:32:82:c5:6b: 370s 97:60:10:76:59:f3:7b:18:24:c6:67:c1:8a:b0:b9: 370s ea:56:bd:58:c3:c0:2d:a7:c0:38:13:5f:6c:5f:7e: 370s 5e:2d:e6:b2:5e:96:5a:44:50:d1:53:7b:e6:08:36: 370s 70:7f:c0:4c:bf:01:c2:78:00:b3:03:42:90:a2:b0: 370s 50:5d:98:99:42:25:5e:4b:74:69:72:05:ef:bd:ac: 370s 22:7b:31:b7:54:cd:8a:81:97 370s Exponent: 65537 (0x10001) 370s X509v3 extensions: 370s X509v3 Authority Key Identifier: 370s 95:FD:CF:F1:DE:9A:35:EB:83:6F:9A:31:A9:B6:5A:9A:A5:EE:B1:EB 370s X509v3 Basic Constraints: 370s CA:FALSE 370s Netscape Cert Type: 370s SSL Client, S/MIME 370s Netscape Comment: 370s Test Organization Sub Intermediate CA trusted Certificate 370s X509v3 Subject Key Identifier: 370s 09:00:F2:39:9B:2C:61:ED:B2:74:09:C4:D6:A8:42:06:B7:2D:9F:76 370s X509v3 Key Usage: critical 370s Digital Signature, Non Repudiation, Key Encipherment 370s X509v3 Extended Key Usage: 370s TLS Web Client Authentication, E-mail Protection 370s X509v3 Subject Alternative Name: 370s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 370s Signature Algorithm: sha256WithRSAEncryption 370s Signature Value: 370s bd:7c:a6:42:7b:40:07:22:b4:18:0b:0f:d4:3e:82:f2:6d:4e: 370s 7b:f4:a7:bc:77:ac:9b:b3:8e:d2:b0:ed:a0:a0:37:c9:64:74: 370s 8f:92:5a:80:3b:45:bf:4d:aa:a8:1f:cb:7a:8d:a0:cd:7f:71: 370s d5:cd:76:31:6a:16:3a:4c:cd:f9:f2:bc:75:8e:30:47:b3:af: 370s 1a:37:21:24:83:c6:cf:99:58:d1:93:99:17:f2:6a:da:91:9c: 370s a0:2f:b9:c7:ef:8c:9e:ca:4c:dc:4c:d0:33:9a:4b:be:16:9f: 370s a2:a6:c6:01:95:d7:88:66:44:ac:71:0b:58:4b:8c:ce:5c:3c: 370s 97:c8 370s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-kroQZj/SSSD-child-14850-auth.pem 370s 370s Test completed, Root CA and intermediate issued certificates verified! 370s + found_md5=Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 370s + '[' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 '!=' Modulus=BF48CF4AF10FAE844DF2480CC2970AD62C8A68E1759DC179B0364B90126E55CCF290C1A788377FAB3282C56B9760107659F37B1824C667C18AB0B9EA56BD58C3C02DA7C038135F6C5F7E5E2DE6B25E965A4450D1537BE60836707FC04CBF01C27800B3034290A2B0505D989942255E4B74697205EFBDAC227B31B754CD8A8197 ']' 370s + set +x 371s autopkgtest [20:30:30]: test sssd-softhism2-certificates-tests.sh: -----------------------] 371s sssd-softhism2-certificates-tests.sh PASS 371s autopkgtest [20:30:30]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 372s autopkgtest [20:30:31]: test sssd-smart-card-pam-auth-configs: preparing testbed 373s Reading package lists... 373s Building dependency tree... 373s Reading state information... 373s Starting pkgProblemResolver with broken count: 0 373s Starting 2 pkgProblemResolver with broken count: 0 373s Done 373s The following additional packages will be installed: 373s pamtester 373s The following NEW packages will be installed: 373s autopkgtest-satdep pamtester 373s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 373s Need to get 12.2 kB/13.0 kB of archives. 373s After this operation, 36.9 kB of additional disk space will be used. 373s Get:1 /tmp/autopkgtest.4Ib2y9/4-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [760 B] 373s Get:2 http://ftpmaster.internal/ubuntu noble/universe s390x pamtester s390x 0.1.2-4 [12.2 kB] 374s Fetched 12.2 kB in 0s (86.4 kB/s) 374s Selecting previously unselected package pamtester. 374s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54880 files and directories currently installed.) 374s Preparing to unpack .../pamtester_0.1.2-4_s390x.deb ... 374s Unpacking pamtester (0.1.2-4) ... 374s Selecting previously unselected package autopkgtest-satdep. 374s Preparing to unpack .../4-autopkgtest-satdep.deb ... 374s Unpacking autopkgtest-satdep (0) ... 374s Setting up pamtester (0.1.2-4) ... 374s Setting up autopkgtest-satdep (0) ... 374s Processing triggers for man-db (2.12.0-4build2) ... 376s (Reading database ... 54886 files and directories currently installed.) 376s Removing autopkgtest-satdep (0) ... 376s autopkgtest [20:30:35]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 376s autopkgtest [20:30:35]: test sssd-smart-card-pam-auth-configs: [----------------------- 376s + '[' -z ubuntu ']' 376s + export DEBIAN_FRONTEND=noninteractive 376s + DEBIAN_FRONTEND=noninteractive 376s + required_tools=(pamtester softhsm2-util sssd) 376s + [[ ! -v OFFLINE_MODE ]] 376s + for cmd in "${required_tools[@]}" 376s + command -v pamtester 376s + for cmd in "${required_tools[@]}" 376s + command -v softhsm2-util 376s + for cmd in "${required_tools[@]}" 376s + command -v sssd 376s + PIN=123456 376s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 376s + tmpdir=/tmp/sssd-softhsm2-certs-4dU6lS 376s + backupsdir= 376s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 376s + declare -a restore_paths 376s + declare -a delete_paths 376s + trap handle_exit EXIT 376s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 376s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 376s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 376s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 376s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-4dU6lS GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 376s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-4dU6lS 376s + GENERATE_SMART_CARDS=1 376s + KEEP_TEMPORARY_FILES=1 376s + NO_SSSD_TESTS=1 376s + bash debian/tests/sssd-softhism2-certificates-tests.sh 376s + '[' -z ubuntu ']' 376s + required_tools=(p11tool openssl softhsm2-util) 376s + for cmd in "${required_tools[@]}" 376s + command -v p11tool 376s + for cmd in "${required_tools[@]}" 376s + command -v openssl 376s + for cmd in "${required_tools[@]}" 376s + command -v softhsm2-util 376s + PIN=123456 376s +++ find /usr/lib/softhsm/libsofthsm2.so 376s +++ head -n 1 376s ++ realpath /usr/lib/softhsm/libsofthsm2.so 376s + SOFTHSM2_MODULE=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 376s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 376s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 376s + '[' '!' -v NO_SSSD_TESTS ']' 376s + '[' '!' -e /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so ']' 376s + tmpdir=/tmp/sssd-softhsm2-certs-4dU6lS 376s + keys_size=1024 376s + [[ ! -v KEEP_TEMPORARY_FILES ]] 376s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 376s + echo -n 01 376s + touch /tmp/sssd-softhsm2-certs-4dU6lS/index.txt 376s + mkdir -p /tmp/sssd-softhsm2-certs-4dU6lS/new_certs 376s + cat 376s + root_ca_key_pass=pass:random-root-CA-password-23005 376s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-key.pem -passout pass:random-root-CA-password-23005 1024 376s + openssl req -passin pass:random-root-CA-password-23005 -batch -config /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.pem 376s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.pem 376s + cat 376s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-22361 376s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-22361 1024 376s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-22361 -config /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-23005 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-certificate-request.pem 376s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-certificate-request.pem 376s Certificate Request: 376s Data: 376s Version: 1 (0x0) 376s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 376s Subject Public Key Info: 376s Public Key Algorithm: rsaEncryption 376s Public-Key: (1024 bit) 376s Modulus: 376s 00:bd:0f:ab:1a:09:79:4d:8d:97:05:b7:12:6d:62: 376s 2e:cb:3f:fe:31:66:80:c2:23:bd:b4:29:b1:22:dd: 376s a8:56:6f:25:9e:d3:b9:4f:92:e9:8d:a0:6e:02:29: 376s 47:c1:62:0b:1e:fb:2d:13:e2:ba:5e:51:80:3f:bf: 376s fa:54:8c:a3:fc:4b:98:08:c1:88:57:3e:4e:08:23: 376s 8b:cc:58:29:2c:8d:f6:42:2f:59:a1:16:58:12:44: 376s a0:d6:c5:cb:67:c5:91:c2:7f:d8:99:46:f1:ee:89: 376s 83:dd:b4:35:06:7b:33:51:ca:b6:5e:a4:01:b5:3c: 376s bc:0c:05:df:b5:20:ba:57:a9 376s Exponent: 65537 (0x10001) 376s Attributes: 376s (none) 376s Requested Extensions: 376s Signature Algorithm: sha256WithRSAEncryption 376s Signature Value: 376s b3:47:7b:fe:38:d6:b3:c0:b7:57:73:a5:b0:f1:ba:bc:f3:9a: 376s 6e:1c:eb:05:8f:8a:ab:86:6e:11:74:b2:40:54:16:36:eb:a8: 376s ab:99:71:5b:56:43:51:67:97:b3:83:81:a2:bd:c3:fc:a5:89: 376s 4c:35:d0:eb:a7:52:3a:39:35:09:f5:a9:b1:f9:18:d0:42:43: 376s db:c6:bf:be:c7:8c:4b:4b:10:f6:c0:8c:6c:15:5a:2e:6d:df: 376s 07:2d:d0:c0:9c:44:00:6f:42:6a:79:d6:fe:aa:e7:12:5a:d2: 376s 18:58:b3:cb:1c:47:06:28:1f:f0:b3:63:89:78:9d:28:f5:b9: 376s fa:cf 376s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.config -passin pass:random-root-CA-password-23005 -keyfile /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem 376s Using configuration from /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.config 376s Check that the request matches the signature 376s Signature ok 376s Certificate Details: 376s Serial Number: 1 (0x1) 376s Validity 376s Not Before: Nov 15 20:30:35 2024 GMT 376s Not After : Nov 15 20:30:35 2025 GMT 376s Subject: 376s organizationName = Test Organization 376s organizationalUnitName = Test Organization Unit 376s commonName = Test Organization Intermediate CA 376s X509v3 extensions: 376s X509v3 Subject Key Identifier: 376s AA:DD:48:FE:D9:86:4C:4C:92:08:AF:BD:2D:97:7D:13:C1:A3:CA:37 376s X509v3 Authority Key Identifier: 376s keyid:55:CF:81:95:49:76:0D:65:41:6F:D9:E0:EF:85:57:48:29:19:C5:A4 376s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 376s serial:00 376s X509v3 Basic Constraints: 376s CA:TRUE 376s X509v3 Key Usage: critical 376s Digital Signature, Certificate Sign, CRL Sign 376s Certificate is to be certified until Nov 15 20:30:35 2025 GMT (365 days) 376s 376s Write out database with 1 new entries 376s Database updated 376s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem 376s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem 376s /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem: OK 376s + cat 376s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-19794 376s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-19794 1024 377s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-19794 -config /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-22361 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-certificate-request.pem 377s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-certificate-request.pem 377s Certificate Request: 377s Data: 377s Version: 1 (0x0) 377s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 377s Subject Public Key Info: 377s Public Key Algorithm: rsaEncryption 377s Public-Key: (1024 bit) 377s Modulus: 377s 00:b7:5d:c7:cf:b2:f9:ee:ca:13:81:09:4e:db:4b: 377s d8:0d:73:b5:86:03:6b:c6:a1:cf:e4:8e:b6:ed:3b: 377s 08:d5:22:78:18:81:2d:99:de:25:e5:06:e0:97:c5: 377s 30:84:11:be:1e:98:8f:0d:70:ac:5e:cd:08:ab:b7: 377s 93:01:b0:98:a4:db:f1:96:a7:b6:27:7e:db:33:d8: 377s 3a:9c:a7:ea:72:70:c7:54:af:17:fe:66:a1:43:24: 377s 22:49:2d:20:ee:68:58:27:03:fe:e8:9e:42:df:69: 377s 52:7d:37:0c:e1:3f:ca:f9:12:6c:72:73:0f:a2:ac: 377s fd:61:c5:ee:1e:c5:55:de:a9 377s Exponent: 65537 (0x10001) 377s Attributes: 377s (none) 377s Requested Extensions: 377s Signature Algorithm: sha256WithRSAEncryption 377s Signature Value: 377s 49:82:f3:f9:37:9a:2c:ff:2a:3b:dc:f8:a7:56:33:d4:db:05: 377s 82:fa:fb:d3:88:b0:a8:66:c1:9c:50:6d:43:1c:e6:56:6b:5d: 377s 7d:7f:e3:9d:24:00:18:ba:21:6f:03:00:4f:ff:ca:40:e8:87: 377s db:a1:b6:6b:8f:0c:8c:da:ed:d6:ac:df:50:15:64:74:51:2e: 377s 23:44:86:1d:51:d2:5b:48:b3:f4:0a:e2:3a:b7:9b:48:aa:dc: 377s 5b:19:c5:7c:9b:34:69:35:04:98:19:23:60:d0:9b:58:c8:89: 377s 95:e2:e4:1c:25:41:65:ce:60:86:1a:66:bd:87:1f:1b:99:ca: 377s f6:e3 377s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-22361 -keyfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem 377s Using configuration from /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.config 377s Check that the request matches the signature 377s Signature ok 377s Certificate Details: 377s Serial Number: 2 (0x2) 377s Validity 377s Not Before: Nov 15 20:30:36 2024 GMT 377s Not After : Nov 15 20:30:36 2025 GMT 377s Subject: 377s organizationName = Test Organization 377s organizationalUnitName = Test Organization Unit 377s commonName = Test Organization Sub Intermediate CA 377s X509v3 extensions: 377s X509v3 Subject Key Identifier: 377s 29:D8:34:35:EE:58:0A:EA:30:D0:42:4D:C8:06:5A:25:21:3F:55:A2 377s X509v3 Authority Key Identifier: 377s keyid:AA:DD:48:FE:D9:86:4C:4C:92:08:AF:BD:2D:97:7D:13:C1:A3:CA:37 377s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 377s serial:01 377s X509v3 Basic Constraints: 377s CA:TRUE 377s X509v3 Key Usage: critical 377s Digital Signature, Certificate Sign, CRL Sign 377s Certificate is to be certified until Nov 15 20:30:36 2025 GMT (365 days) 377s 377s Write out database with 1 new entries 377s Database updated 377s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem 377s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem 377s /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem: OK 377s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem 377s + local cmd=openssl 377s + shift 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem 377s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 377s error 20 at 0 depth lookup: unable to get local issuer certificate 377s error /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem: verification failed 377s + cat 377s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-3600 377s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-3600 1024 377s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-3600 -key /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-request.pem 377s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-request.pem 377s Certificate Request: 377s Data: 377s Version: 1 (0x0) 377s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 377s Subject Public Key Info: 377s Public Key Algorithm: rsaEncryption 377s Public-Key: (1024 bit) 377s Modulus: 377s 00:c1:cc:47:ac:e2:4e:d1:b9:59:66:6f:77:55:c7: 377s 69:7b:4a:82:6a:c0:c7:d2:b4:d4:98:73:42:91:0a: 377s 81:05:6c:e6:69:9d:50:78:12:cf:3a:7d:8b:1a:fb: 377s e1:44:04:71:05:6f:11:b0:18:b7:28:0b:4d:9b:4d: 377s 8f:ac:c7:aa:7a:7a:6b:db:f6:ac:1a:a1:19:aa:94: 377s e7:3c:c6:a0:26:6c:e5:cf:81:21:21:13:ee:9b:f9: 377s 6e:9e:85:ed:b2:ed:22:52:39:20:e8:f1:71:7d:31: 377s 91:2a:b8:2f:04:4b:ea:c7:8e:2d:cf:c8:b1:20:52: 377s 4e:34:19:5e:9a:a4:dd:a8:b1 377s Exponent: 65537 (0x10001) 377s Attributes: 377s Requested Extensions: 377s X509v3 Basic Constraints: 377s CA:FALSE 377s Netscape Cert Type: 377s SSL Client, S/MIME 377s Netscape Comment: 377s Test Organization Root CA trusted Certificate 377s X509v3 Subject Key Identifier: 377s 14:8B:27:B1:8A:43:A2:51:57:D9:B7:B4:91:76:BB:32:A1:63:58:BE 377s X509v3 Key Usage: critical 377s Digital Signature, Non Repudiation, Key Encipherment 377s X509v3 Extended Key Usage: 377s TLS Web Client Authentication, E-mail Protection 377s X509v3 Subject Alternative Name: 377s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 377s Signature Algorithm: sha256WithRSAEncryption 377s Signature Value: 377s 06:57:c4:3b:bb:ea:db:80:9e:18:77:c0:17:41:4f:eb:e9:40: 377s 58:87:e8:da:72:8c:57:a4:da:b3:92:29:44:55:ae:c5:09:09: 377s ee:34:34:f1:de:7f:b2:d6:5a:29:f3:d6:46:e7:62:a3:e0:5c: 377s d8:d5:ff:0b:90:0e:3b:7f:bf:b2:65:9e:26:18:ff:41:6b:7d: 377s 30:35:97:8c:84:f6:39:bd:03:31:45:07:57:8b:09:07:23:b4: 377s 3b:90:dc:81:e6:8f:d2:0b:06:c3:7c:0f:59:bf:1b:4b:f6:b5: 377s be:a9:c4:00:f7:88:24:a8:35:1b:ee:25:c1:25:86:85:9c:40: 377s 9a:ed 377s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.config -passin pass:random-root-CA-password-23005 -keyfile /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem 377s Using configuration from /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.config 377s Check that the request matches the signature 377s Signature ok 377s Certificate Details: 377s Serial Number: 3 (0x3) 377s Validity 377s Not Before: Nov 15 20:30:36 2024 GMT 377s Not After : Nov 15 20:30:36 2025 GMT 377s Subject: 377s organizationName = Test Organization 377s organizationalUnitName = Test Organization Unit 377s commonName = Test Organization Root Trusted Certificate 0001 377s X509v3 extensions: 377s X509v3 Authority Key Identifier: 377s 55:CF:81:95:49:76:0D:65:41:6F:D9:E0:EF:85:57:48:29:19:C5:A4 377s X509v3 Basic Constraints: 377s CA:FALSE 377s Netscape Cert Type: 377s SSL Client, S/MIME 377s Netscape Comment: 377s Test Organization Root CA trusted Certificate 377s X509v3 Subject Key Identifier: 377s 14:8B:27:B1:8A:43:A2:51:57:D9:B7:B4:91:76:BB:32:A1:63:58:BE 377s X509v3 Key Usage: critical 377s Digital Signature, Non Repudiation, Key Encipherment 377s X509v3 Extended Key Usage: 377s TLS Web Client Authentication, E-mail Protection 377s X509v3 Subject Alternative Name: 377s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 377s Certificate is to be certified until Nov 15 20:30:36 2025 GMT (365 days) 377s 377s Write out database with 1 new entries 377s Database updated 377s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem 377s /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem: OK 377s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem 377s + local cmd=openssl 377s + shift 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem 377s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 377s error 20 at 0 depth lookup: unable to get local issuer certificate 377s error /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem: verification failed 377s + cat 377s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-32558 377s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-32558 1024 377s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-32558 -key /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-request.pem 377s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-request.pem 377s Certificate Request: 377s Data: 377s Version: 1 (0x0) 377s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 377s Subject Public Key Info: 377s Public Key Algorithm: rsaEncryption 377s Public-Key: (1024 bit) 377s Modulus: 377s 00:bd:a0:f7:bb:7b:5a:25:81:ab:ba:0b:06:95:b8: 377s 95:75:57:8a:3a:fa:e5:e0:4d:21:34:03:6a:9a:97: 377s d0:33:4f:f2:f1:77:66:d8:28:df:80:f6:27:ba:a8: 377s ec:b9:26:7c:0a:1c:00:a1:c9:26:02:59:d3:e2:61: 377s 81:d3:f2:5f:d0:11:21:69:9f:bb:8b:b5:68:81:b5: 377s d0:77:30:9a:46:91:89:0b:c6:d0:a9:b9:67:97:a3: 377s ce:9e:ba:ad:17:47:b5:22:c5:ff:40:3e:b6:6e:94: 377s 2f:94:b3:4f:eb:86:f4:dc:e3:fc:c2:9c:cf:28:95: 377s 35:76:ff:8d:73:d4:84:df:ad 377s Exponent: 65537 (0x10001) 377s Attributes: 377s Requested Extensions: 377s X509v3 Basic Constraints: 377s CA:FALSE 377s Netscape Cert Type: 377s SSL Client, S/MIME 377s Netscape Comment: 377s Test Organization Intermediate CA trusted Certificate 377s X509v3 Subject Key Identifier: 377s BF:54:A2:98:1F:1F:65:6A:60:0E:47:79:81:F6:6E:22:ED:0B:C0:7B 377s X509v3 Key Usage: critical 377s Digital Signature, Non Repudiation, Key Encipherment 377s X509v3 Extended Key Usage: 377s TLS Web Client Authentication, E-mail Protection 377s X509v3 Subject Alternative Name: 377s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 377s Signature Algorithm: sha256WithRSAEncryption 377s Signature Value: 377s b8:d7:cd:c1:27:ad:03:dc:de:be:03:79:1d:27:ee:27:f5:14: 377s 3c:e8:aa:54:db:4b:25:5f:9b:db:25:d1:74:79:3b:ff:8e:e0: 377s 53:90:58:bf:42:82:1d:2d:20:41:2d:43:dc:5c:3a:67:b2:db: 377s 35:f8:0a:49:c1:f3:35:57:42:4c:e1:e2:25:15:ea:02:2e:ac: 377s 76:f6:73:28:5b:06:4a:91:98:c5:32:a7:e1:13:39:59:a0:9d: 377s 0e:cc:4a:25:9a:72:8b:d4:b8:ea:fc:b4:12:ec:fa:d1:f9:62: 377s 2d:b4:fb:4f:63:15:7f:74:18:74:7a:44:5a:99:d3:fb:c8:38: 377s 32:31 377s + openssl ca -passin pass:random-intermediate-CA-password-22361 -config /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem 377s Using configuration from /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.config 377s Check that the request matches the signature 377s Signature ok 377s Certificate Details: 377s Serial Number: 4 (0x4) 377s Validity 377s Not Before: Nov 15 20:30:36 2024 GMT 377s Not After : Nov 15 20:30:36 2025 GMT 377s Subject: 377s organizationName = Test Organization 377s organizationalUnitName = Test Organization Unit 377s commonName = Test Organization Intermediate Trusted Certificate 0001 377s X509v3 extensions: 377s X509v3 Authority Key Identifier: 377s AA:DD:48:FE:D9:86:4C:4C:92:08:AF:BD:2D:97:7D:13:C1:A3:CA:37 377s X509v3 Basic Constraints: 377s CA:FALSE 377s Netscape Cert Type: 377s SSL Client, S/MIME 377s Netscape Comment: 377s Test Organization Intermediate CA trusted Certificate 377s X509v3 Subject Key Identifier: 377s BF:54:A2:98:1F:1F:65:6A:60:0E:47:79:81:F6:6E:22:ED:0B:C0:7B 377s X509v3 Key Usage: critical 377s Digital Signature, Non Repudiation, Key Encipherment 377s X509v3 Extended Key Usage: 377s TLS Web Client Authentication, E-mail Protection 377s X509v3 Subject Alternative Name: 377s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 377s Certificate is to be certified until Nov 15 20:30:36 2025 GMT (365 days) 377s 377s Write out database with 1 new entries 377s Database updated 377s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem 377s This certificate should not be trusted fully 377s + echo 'This certificate should not be trusted fully' 377s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem 377s + local cmd=openssl 377s + shift 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem 377s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 377s error 2 at 1 depth lookup: unable to get issuer certificate 377s error /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 377s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem 377s /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem: OK 377s + cat 377s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-2972 377s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-2972 1024 377s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-2972 -key /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 377s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 377s Certificate Request: 377s Data: 377s Version: 1 (0x0) 377s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 377s Subject Public Key Info: 377s Public Key Algorithm: rsaEncryption 377s Public-Key: (1024 bit) 377s Modulus: 377s 00:d8:21:92:6d:e2:69:d3:9e:3b:17:12:f2:da:21: 377s 99:fd:0f:78:e5:04:25:c7:e9:53:14:64:2d:2e:95: 377s 6d:2b:0c:5c:c6:07:6d:7d:57:fb:80:3b:af:5b:cb: 377s e4:c2:ba:b1:78:77:41:05:04:2c:99:8d:be:9e:5b: 377s 85:16:fb:58:93:52:0f:ed:d4:54:44:48:06:ea:0f: 377s 33:9a:37:54:cd:29:0e:10:db:00:0a:2e:bd:e4:40: 377s 63:61:60:8d:6e:ee:91:72:d4:03:aa:ba:a4:25:6f: 377s f3:35:42:45:4d:c1:30:be:1f:af:1a:06:02:43:96: 377s b8:47:c5:df:97:72:d3:d4:5d 377s Exponent: 65537 (0x10001) 377s Attributes: 377s Requested Extensions: 377s X509v3 Basic Constraints: 377s CA:FALSE 377s Netscape Cert Type: 377s SSL Client, S/MIME 377s Netscape Comment: 377s Test Organization Sub Intermediate CA trusted Certificate 377s X509v3 Subject Key Identifier: 377s 96:0E:38:B3:EF:62:6F:99:76:90:29:B8:8A:44:CA:1F:78:6A:4F:67 377s X509v3 Key Usage: critical 377s Digital Signature, Non Repudiation, Key Encipherment 377s X509v3 Extended Key Usage: 377s TLS Web Client Authentication, E-mail Protection 377s X509v3 Subject Alternative Name: 377s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 377s Signature Algorithm: sha256WithRSAEncryption 377s Signature Value: 377s 70:a0:0e:89:16:4c:24:70:df:66:20:70:be:36:2e:81:d3:dc: 377s 50:b8:a8:be:21:f8:2a:08:3b:01:fa:92:b7:6f:3b:00:2a:06: 377s 64:b7:6a:7d:a6:07:bb:e6:ef:b4:a4:ef:74:44:9d:01:5f:fa: 377s 58:05:3d:75:64:75:08:ec:45:fd:be:91:c3:1d:2e:d8:81:18: 377s 96:03:07:a5:c1:4b:cf:45:3d:cc:f4:55:e4:5d:c1:47:19:da: 377s 45:dc:4a:f3:f9:20:19:0a:ac:9f:01:6c:0c:26:be:50:53:1e: 377s 40:15:cd:a6:d3:ef:e7:bb:1a:e3:0a:d1:0f:77:d5:13:00:1e: 377s 29:62 377s + openssl ca -passin pass:random-sub-intermediate-CA-password-19794 -config /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s Using configuration from /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.config 377s Check that the request matches the signature 377s Signature ok 377s Certificate Details: 377s Serial Number: 5 (0x5) 377s Validity 377s Not Before: Nov 15 20:30:36 2024 GMT 377s Not After : Nov 15 20:30:36 2025 GMT 377s Subject: 377s organizationName = Test Organization 377s organizationalUnitName = Test Organization Unit 377s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 377s X509v3 extensions: 377s X509v3 Authority Key Identifier: 377s 29:D8:34:35:EE:58:0A:EA:30:D0:42:4D:C8:06:5A:25:21:3F:55:A2 377s X509v3 Basic Constraints: 377s CA:FALSE 377s Netscape Cert Type: 377s SSL Client, S/MIME 377s Netscape Comment: 377s Test Organization Sub Intermediate CA trusted Certificate 377s X509v3 Subject Key Identifier: 377s 96:0E:38:B3:EF:62:6F:99:76:90:29:B8:8A:44:CA:1F:78:6A:4F:67 377s X509v3 Key Usage: critical 377s Digital Signature, Non Repudiation, Key Encipherment 377s X509v3 Extended Key Usage: 377s TLS Web Client Authentication, E-mail Protection 377s X509v3 Subject Alternative Name: 377s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 377s Certificate is to be certified until Nov 15 20:30:36 2025 GMT (365 days) 377s 377s Write out database with 1 new entries 377s Database updated 377s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s This certificate should not be trusted fully 377s + echo 'This certificate should not be trusted fully' 377s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s + local cmd=openssl 377s + shift 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 377s error 2 at 1 depth lookup: unable to get issuer certificate 377s error /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 377s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s + local cmd=openssl 377s + shift 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 377s error 20 at 0 depth lookup: unable to get local issuer certificate 377s error /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 377s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 377s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s + local cmd=openssl 377s + shift 377s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 377s error 20 at 0 depth lookup: unable to get local issuer certificate 377s error /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 377s Building a the full-chain CA file... 377s + echo 'Building a the full-chain CA file...' 377s + cat /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem 377s + cat /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem 377s + cat /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem 377s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem 377s + openssl pkcs7 -print_certs -noout 377s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 377s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 377s 377s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 377s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 377s 377s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 377s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 377s 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem 377s /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA.pem: OK 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem 377s /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem: OK 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem 377s /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem: OK 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-root-intermediate-chain-CA.pem 377s /tmp/sssd-softhsm2-certs-4dU6lS/test-root-intermediate-chain-CA.pem: OK 377s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 377s Certificates generation completed! 377s + echo 'Certificates generation completed!' 377s + [[ -v NO_SSSD_TESTS ]] 377s + [[ -v GENERATE_SMART_CARDS ]] 377s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-3600 377s + local certificate=/tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem 377s + local key_pass=pass:random-root-ca-trusted-cert-0001-3600 377s + local key_cn 377s + local key_name 377s + local tokens_dir 377s + local output_cert_file 377s + token_name= 377s ++ basename /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem .pem 377s + key_name=test-root-CA-trusted-certificate-0001 377s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem 377s ++ sed -n 's/ *commonName *= //p' 377s + key_cn='Test Organization Root Trusted Certificate 0001' 377s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 377s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-root-CA-trusted-certificate-0001.conf 377s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-root-CA-trusted-certificate-0001.conf 377s ++ basename /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 377s + tokens_dir=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-root-CA-trusted-certificate-0001 377s + token_name='Test Organization Root Tr Token' 377s + '[' '!' -e /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 377s + local key_file 377s + local decrypted_key 377s + mkdir -p /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-root-CA-trusted-certificate-0001 377s + key_file=/tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-key.pem 377s + decrypted_key=/tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-key-decrypted.pem 377s + cat 377s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 377s Slot 0 has a free/uninitialized token. 377s The token has been initialized and is reassigned to slot 613143371 377s + softhsm2-util --show-slots 377s Available slots: 377s Slot 613143371 377s Slot info: 377s Description: SoftHSM slot ID 0x248bd34b 377s Manufacturer ID: SoftHSM project 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Token present: yes 377s Token info: 377s Manufacturer ID: SoftHSM project 377s Model: SoftHSM v2 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Serial number: c2114e0da48bd34b 377s Initialized: yes 377s User PIN init.: yes 377s Label: Test Organization Root Tr Token 377s Slot 1 377s Slot info: 377s Description: SoftHSM slot ID 0x1 377s Manufacturer ID: SoftHSM project 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Token present: yes 377s Token info: 377s Manufacturer ID: SoftHSM project 377s Model: SoftHSM v2 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Serial number: 377s Initialized: no 377s User PIN init.: no 377s Label: 377s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 377s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-3600 -in /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-key-decrypted.pem 377s writing RSA key 377s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 377s + rm /tmp/sssd-softhsm2-certs-4dU6lS/test-root-CA-trusted-certificate-0001-key-decrypted.pem 377s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 377s Object 0: 377s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=c2114e0da48bd34b;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 377s Type: X.509 Certificate (RSA-1024) 377s Expires: Sat Nov 15 20:30:36 2025 377s Label: Test Organization Root Trusted Certificate 0001 377s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 377s 377s + echo 'Test Organization Root Tr Token' 377s Test Organization Root Tr Token 377s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32558 377s + local certificate=/tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem 377s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32558 377s + local key_cn 377s + local key_name 377s + local tokens_dir 377s + local output_cert_file 377s + token_name= 377s ++ basename /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem .pem 377s + key_name=test-intermediate-CA-trusted-certificate-0001 377s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem 377s ++ sed -n 's/ *commonName *= //p' 377s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 377s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 377s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 377s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 377s ++ basename /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 377s + tokens_dir=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-intermediate-CA-trusted-certificate-0001 377s + token_name='Test Organization Interme Token' 377s + '[' '!' -e /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 377s + local key_file 377s + local decrypted_key 377s + mkdir -p /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-intermediate-CA-trusted-certificate-0001 377s + key_file=/tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-key.pem 377s + decrypted_key=/tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 377s + cat 377s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 377s Slot 0 has a free/uninitialized token. 377s The token has been initialized and is reassigned to slot 1687080340 377s + softhsm2-util --show-slots 377s Available slots: 377s Slot 1687080340 377s Slot info: 377s Description: SoftHSM slot ID 0x648ecd94 377s Manufacturer ID: SoftHSM project 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Token present: yes 377s Token info: 377s Manufacturer ID: SoftHSM project 377s Model: SoftHSM v2 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Serial number: a2723467648ecd94 377s Initialized: yes 377s User PIN init.: yes 377s Label: Test Organization Interme Token 377s Slot 1 377s Slot info: 377s Description: SoftHSM slot ID 0x1 377s Manufacturer ID: SoftHSM project 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Token present: yes 377s Token info: 377s Manufacturer ID: SoftHSM project 377s Model: SoftHSM v2 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Serial number: 377s Initialized: no 377s User PIN init.: no 377s Label: 377s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 377s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-32558 -in /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 377s writing RSA key 377s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 377s + rm /tmp/sssd-softhsm2-certs-4dU6lS/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 377s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 377s Object 0: 377s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=a2723467648ecd94;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 377s Type: X.509 Certificate (RSA-1024) 377s Expires: Sat Nov 15 20:30:36 2025 377s Label: Test Organization Intermediate Trusted Certificate 0001 377s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 377s 377s Test Organization Interme Token 377s + echo 'Test Organization Interme Token' 377s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-2972 377s + local certificate=/tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-2972 377s + local key_cn 377s + local key_name 377s + local tokens_dir 377s + local output_cert_file 377s + token_name= 377s ++ basename /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 377s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 377s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem 377s ++ sed -n 's/ *commonName *= //p' 377s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 377s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 377s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 377s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 377s ++ basename /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 377s + tokens_dir=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 377s + token_name='Test Organization Sub Int Token' 377s + '[' '!' -e /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 377s + local key_file 377s + local decrypted_key 377s + mkdir -p /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 377s + key_file=/tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 377s + decrypted_key=/tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 377s + cat 377s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 377s Slot 0 has a free/uninitialized token. 377s The token has been initialized and is reassigned to slot 1177453993 377s + softhsm2-util --show-slots 377s Available slots: 377s Slot 1177453993 377s Slot info: 377s Description: SoftHSM slot ID 0x462e85a9 377s Manufacturer ID: SoftHSM project 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Token present: yes 377s Token info: 377s Manufacturer ID: SoftHSM project 377s Model: SoftHSM v2 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Serial number: 5881278c462e85a9 377s Initialized: yes 377s User PIN init.: yes 377s Label: Test Organization Sub Int Token 377s Slot 1 377s Slot info: 377s Description: SoftHSM slot ID 0x1 377s Manufacturer ID: SoftHSM project 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Token present: yes 377s Token info: 377s Manufacturer ID: SoftHSM project 377s Model: SoftHSM v2 377s Hardware version: 2.6 377s Firmware version: 2.6 377s Serial number: 377s Initialized: no 377s User PIN init.: no 377s Label: 377s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 377s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-2972 -in /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 377s writing RSA key 377s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 377s + rm /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 377s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 377s Object 0: 377s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5881278c462e85a9;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 377s Type: X.509 Certificate (RSA-1024) 377s Expires: Sat Nov 15 20:30:36 2025 377s Label: Test Organization Sub Intermediate Trusted Certificate 0001 377s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 377s 377s Test Organization Sub Int Token 377s Certificates generation completed! 377s + echo 'Test Organization Sub Int Token' 377s + echo 'Certificates generation completed!' 377s + exit 0 377s + find /tmp/sssd-softhsm2-certs-4dU6lS -type d -exec chmod 777 '{}' ';' 377s + find /tmp/sssd-softhsm2-certs-4dU6lS -type f -exec chmod 666 '{}' ';' 377s + backup_file /etc/sssd/sssd.conf 377s + '[' -z '' ']' 377s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 377s + backupsdir=/tmp/sssd-softhsm2-backups-tEuSqg 377s + '[' -e /etc/sssd/sssd.conf ']' 377s + delete_paths+=("$1") 377s + rm -f /etc/sssd/sssd.conf 377s ++ runuser -u ubuntu -- sh -c 'echo ~' 377s + user_home=/home/ubuntu 377s + mkdir -p /home/ubuntu 377s + chown ubuntu:ubuntu /home/ubuntu 377s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 377s + user_config=/home/ubuntu/.config 377s + system_config=/etc 377s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 377s + for path_pair in "${softhsm2_conf_paths[@]}" 377s + IFS=: 377s + read -r -a path 377s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 377s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 377s + '[' -z /tmp/sssd-softhsm2-backups-tEuSqg ']' 377s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 377s + delete_paths+=("$1") 377s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 377s + for path_pair in "${softhsm2_conf_paths[@]}" 377s + IFS=: 377s + read -r -a path 377s + path=/etc/softhsm/softhsm2.conf 377s + backup_file /etc/softhsm/softhsm2.conf 377s + '[' -z /tmp/sssd-softhsm2-backups-tEuSqg ']' 377s + '[' -e /etc/softhsm/softhsm2.conf ']' 377s ++ dirname /etc/softhsm/softhsm2.conf 377s + local back_dir=/tmp/sssd-softhsm2-backups-tEuSqg//etc/softhsm 377s ++ basename /etc/softhsm/softhsm2.conf 377s + local back_path=/tmp/sssd-softhsm2-backups-tEuSqg//etc/softhsm/softhsm2.conf 377s + '[' '!' -e /tmp/sssd-softhsm2-backups-tEuSqg//etc/softhsm/softhsm2.conf ']' 377s + mkdir -p /tmp/sssd-softhsm2-backups-tEuSqg//etc/softhsm 377s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-tEuSqg//etc/softhsm/softhsm2.conf 377s + restore_paths+=("$back_path") 377s + rm -f /etc/softhsm/softhsm2.conf 377s + test_authentication login /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem 377s + pam_service=login 377s + certificate_config=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-root-CA-trusted-certificate-0001.conf 377s + ca_db=/tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem 377s + verification_options= 377s + mkdir -p -m 700 /etc/sssd 377s Using CA DB '/tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem' with verification options: '' 377s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 377s + cat 377s + chmod 600 /etc/sssd/sssd.conf 377s + for path_pair in "${softhsm2_conf_paths[@]}" 377s + IFS=: 377s + read -r -a path 377s + user=ubuntu 377s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 377s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 377s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 377s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 377s + runuser -u ubuntu -- softhsm2-util --show-slots 377s + grep 'Test Organization' 377s Label: Test Organization Root Tr Token 377s + for path_pair in "${softhsm2_conf_paths[@]}" 377s + IFS=: 377s + read -r -a path 377s + user=root 377s + path=/etc/softhsm/softhsm2.conf 377s ++ dirname /etc/softhsm/softhsm2.conf 377s + runuser -u root -- mkdir -p /etc/softhsm 377s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 377s + runuser -u root -- softhsm2-util --show-slots 377s + grep 'Test Organization' 377s Label: Test Organization Root Tr Token 377s + systemctl restart sssd 377s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 377s + for alternative in "${alternative_pam_configs[@]}" 377s + pam-auth-update --enable sss-smart-card-optional 378s # 378s # /etc/pam.d/common-auth - authentication settings common to all services 378s # 378s # This file is included from other service-specific PAM config files, 378s # and should contain a list of the authentication modules that define 378s # the central authentication scheme for use on the system 378s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 378s # traditional Unix authentication mechanisms. 378s # 378s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 378s # To take advantage of this, it is recommended that you configure any 378s # local modules either before or after the default block, and use 378s # pam-auth-update to manage selection of other modules. See 378s # pam-auth-update(8) for details. 378s 378s # here are the per-package modules (the "Primary" block) 378s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 378s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 378s auth [success=1 default=ignore] pam_sss.so use_first_pass 378s # here's the fallback if no module succeeds 378s auth requisite pam_deny.so 378s # prime the stack with a positive return value if there isn't one already; 378s # this avoids us returning an error just because nothing sets a success code 378s # since the modules above will each just jump around 378s auth required pam_permit.so 378s # and here are more per-package modules (the "Additional" block) 378s auth optional pam_cap.so 378s # end of pam-auth-update config 378s + cat /etc/pam.d/common-auth 378s + echo -n -e 123456 378s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 378s pamtester: invoking pam_start(login, ubuntu, ...) 378s pamtester: performing operation - authenticate 378s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 378s + echo -n -e 123456 378s + runuser -u ubuntu -- pamtester -v login '' authenticate 378s pamtester: invoking pam_start(login, , ...) 378s pamtester: performing operation - authenticate 378s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 378s + echo -n -e wrong123456 378s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 378s pamtester: invoking pam_start(login, ubuntu, ...) 378s pamtester: performing operation - authenticate 381s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 381s + echo -n -e wrong123456 381s + runuser -u ubuntu -- pamtester -v login '' authenticate 381s pamtester: invoking pam_start(login, , ...) 381s pamtester: performing operation - authenticate 384s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 384s + echo -n -e 123456 384s + pamtester -v login root authenticate 384s pamtester: invoking pam_start(login, root, ...) 384s pamtester: performing operation - authenticate 388s Password: PAM configuration 388s ----------------- 388s 388s Incompatible PAM profiles selected. 388s 388s The following PAM profiles cannot be used together: 388s 388s SSS required smart card authentication, SSS optional smart card 388s authentication 388s 388s Please select a different set of modules to enable. 388s 388s # 388s # /etc/pam.d/common-auth - authentication settings common to all services 388s # 388s # This file is included from other service-specific PAM config files, 388s # and should contain a list of the authentication modules that define 388s # the central authentication scheme for use on the system 388s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 388s # traditional Unix authentication mechanisms. 388s # 388s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 388s # To take advantage of this, it is recommended that you configure any 388s # local modules either before or after the default block, and use 388s # pam-auth-update to manage selection of other modules. See 388s # pam-auth-update(8) for details. 388s 388s # here are the per-package modules (the "Primary" block) 388s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 388s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 388s auth [success=1 default=ignore] pam_sss.so use_first_pass 388s # here's the fallback if no module succeeds 388s auth requisite pam_deny.so 388s # prime the stack with a positive return value if there isn't one already; 388s # this avoids us returning an error just because nothing sets a success code 388s # since the modules above will each just jump around 388s auth required pam_permit.so 388s # and here are more per-package modules (the "Additional" block) 388s auth optional pam_cap.so 388s # end of pam-auth-update config 388s pamtester: Authentication failure 388s + for alternative in "${alternative_pam_configs[@]}" 388s + pam-auth-update --enable sss-smart-card-required 388s + cat /etc/pam.d/common-auth 388s + echo -n -e 123456 388s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 388s pamtester: invoking pam_start(login, ubuntu, ...) 388s pamtester: performing operation - authenticate 388s PIN for Test Organization Root Tr Token: + echo -n -e 123456 388s + runuser -u ubuntu -- pamtester -v login '' authenticate 388s pamtester: invoking pam_start(login, , ...) 388s pamtester: performing operation - authenticate 388s PIN for Test Organization Root Tr Token: + echo -n -e wrong123456 388s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 388s pamtester: invoking pam_start(login, ubuntu, ...) 388s pamtester: performing operation - authenticate 388s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 388s pamtester: successfully authenticated 392s pamtester: Authentication failure 392s + echo -n -e wrong123456 392s + runuser -u ubuntu -- pamtester -v login '' authenticate 392s pamtester: invoking pam_start(login, , ...) 392s pamtester: performing operation - authenticate 394s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 394s + echo -n -e 123456 395s + pamtester -v login root authenticate 395s pamtester: invoking pam_start(login, root, ...) 395s pamtester: performing operation - authenticate 398s pamtester: Authentication service cannot retrieve authentication info 398s + test_authentication login /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem 398s + pam_service=login 398s + certificate_config=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 398s + ca_db=/tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem 398s + verification_options= 398s + mkdir -p -m 700 /etc/sssd 398s Using CA DB '/tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem' with verification options: '' 398s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-4dU6lS/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 398s + cat 398s + chmod 600 /etc/sssd/sssd.conf 398s + for path_pair in "${softhsm2_conf_paths[@]}" 398s + IFS=: 398s + read -r -a path 398s + user=ubuntu 398s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 398s Label: Test Organization Sub Int Token 398s Label: Test Organization Sub Int Token 398s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 398s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 398s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 398s + runuser -u ubuntu -- softhsm2-util --show-slots 398s + grep 'Test Organization' 398s + for path_pair in "${softhsm2_conf_paths[@]}" 398s + IFS=: 398s + read -r -a path 398s + user=root 398s + path=/etc/softhsm/softhsm2.conf 398s ++ dirname /etc/softhsm/softhsm2.conf 398s + runuser -u root -- mkdir -p /etc/softhsm 398s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 398s + runuser -u root -- softhsm2-util --show-slots 398s + grep 'Test Organization' 398s + systemctl restart sssd 398s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 398s + for alternative in "${alternative_pam_configs[@]}" 398s + pam-auth-update --enable sss-smart-card-optional 398s + cat /etc/pam.d/common-auth 398s # 398s # /etc/pam.d/common-auth - authentication settings common to all services 398s # 398s # This file is included from other service-specific PAM config files, 398s # and should contain a list of the authentication modules that define 398s # the central authentication scheme for use on the system 398s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 398s # traditional Unix authentication mechanisms. 398s # 398s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 398s # To take advantage of this, it is recommended that you configure any 398s # local modules either before or after the default block, and use 398s # pam-auth-update to manage selection of other modules. See 398s # pam-auth-update(8) for details. 398s 398s # here are the per-package modules (the "Primary" block) 398s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 398s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 398s auth [success=1 default=ignore] pam_sss.so use_first_pass 398s # here's the fallback if no module succeeds 398s auth requisite pam_deny.so 398s # prime the stack with a positive return value if there isn't one already; 398s # this avoids us returning an error just because nothing sets a success code 398s # since the modules above will each just jump around 398s auth required pam_permit.so 398s # and here are more per-package modules (the "Additional" block) 398s auth optional pam_cap.so 398s # end of pam-auth-update config 398s + echo -n -e 123456 398s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 398s pamtester: invoking pam_start(login, ubuntu, ...) 398s pamtester: performing operation - authenticate 398s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 398s + echo -n -e 123456 398s + runuser -u ubuntu -- pamtester -v login '' authenticate 398s pamtester: invoking pam_start(login, , ...) 398s pamtester: performing operation - authenticate 398s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 398s + echo -n -e wrong123456 398s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 398s pamtester: invoking pam_start(login, ubuntu, ...) 398s pamtester: performing operation - authenticate 402s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 402s + echo -n -e wrong123456 402s + runuser -u ubuntu -- pamtester -v login '' authenticate 402s pamtester: invoking pam_start(login, , ...) 402s pamtester: performing operation - authenticate 406s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 406s + echo -n -e 123456 406s + pamtester -v login root authenticate 406s pamtester: invoking pam_start(login, root, ...) 406s pamtester: performing operation - authenticate 408s Password: pamtester: Authentication failure 408s + for alternative in "${alternative_pam_configs[@]}" 408s + pam-auth-update --enable sss-smart-card-required 409s PAM configuration 409s ----------------- 409s 409s Incompatible PAM profiles selected. 409s 409s The following PAM profiles cannot be used together: 409s 409s SSS required smart card authentication, SSS optional smart card 409s authentication 409s 409s Please select a different set of modules to enable. 409s 409s + cat /etc/pam.d/common-auth 409s # 409s # /etc/pam.d/common-auth - authentication settings common to all services 409s # 409s # This file is included from other service-specific PAM config files, 409s # and should contain a list of the authentication modules that define 409s # the central authentication scheme for use on the system 409s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 409s # traditional Unix authentication mechanisms. 409s # 409s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 409s # To take advantage of this, it is recommended that you configure any 409s # local modules either before or after the default block, and use 409s # pam-auth-update to manage selection of other modules. See 409s # pam-auth-update(8) for details. 409s 409s # here are the per-package modules (the "Primary" block) 409s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 409s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 409s auth [success=1 default=ignore] pam_sss.so use_first_pass 409s # here's the fallback if no module succeeds 409s auth requisite pam_deny.so 409s # prime the stack with a positive return value if there isn't one already; 409s # this avoids us returning an error just because nothing sets a success code 409s # since the modules above will each just jump around 409s auth required pam_permit.so 409s # and here are more per-package modules (the "Additional" block) 409s auth optional pam_cap.so 409s # end of pam-auth-update config 409s + echo -n -e 123456 409s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 409s pamtester: invoking pam_start(login, ubuntu, ...) 409s pamtester: performing operation - authenticate 409s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 409s + echo -n -e 123456 409s + runuser -u ubuntu -- pamtester -v login '' authenticate 409s pamtester: invoking pam_start(login, , ...) 409s pamtester: performing operation - authenticate 409s PIN for Test Organization Sub Int Token: + echo -n -e wrong123456 409s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 409s pamtester: invoking pam_start(login, ubuntu, ...) 409s pamtester: performing operation - authenticate 409s pamtester: successfully authenticated 411s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 411s + echo -n -e wrong123456 411s + runuser -u ubuntu -- pamtester -v login '' authenticate 411s pamtester: invoking pam_start(login, , ...) 411s pamtester: performing operation - authenticate 414s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 414s + echo -n -e 123456 414s + pamtester -v login root authenticate 414s pamtester: invoking pam_start(login, root, ...) 414s pamtester: performing operation - authenticate 418s Using CA DB '/tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 418s pamtester: Authentication service cannot retrieve authentication info 418s + test_authentication login /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem partial_chain 418s + pam_service=login 418s + certificate_config=/tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 418s + ca_db=/tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem 418s + verification_options=partial_chain 418s + mkdir -p -m 700 /etc/sssd 418s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-4dU6lS/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 418s + cat 418s + chmod 600 /etc/sssd/sssd.conf 418s + for path_pair in "${softhsm2_conf_paths[@]}" 418s + IFS=: 418s + read -r -a path 418s + user=ubuntu 418s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 418s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 418s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 418s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 418s + runuser -u ubuntu -- softhsm2-util --show-slots 418s + grep 'Test Organization' 418s Label: Test Organization Sub Int Token 418s Label: Test Organization Sub Int Token 418s + for path_pair in "${softhsm2_conf_paths[@]}" 418s + IFS=: 418s + read -r -a path 418s + user=root 418s + path=/etc/softhsm/softhsm2.conf 418s ++ dirname /etc/softhsm/softhsm2.conf 418s + runuser -u root -- mkdir -p /etc/softhsm 418s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-4dU6lS/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 418s + runuser -u root -- softhsm2-util --show-slots 418s + grep 'Test Organization' 418s + systemctl restart sssd 418s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 419s + for alternative in "${alternative_pam_configs[@]}" 419s + pam-auth-update --enable sss-smart-card-optional 419s + cat /etc/pam.d/common-auth 419s # 419s # /etc/pam.d/common-auth - authentication settings common to all services 419s # 419s # This file is included from other service-specific PAM config files, 419s # and should contain a list of the authentication modules that define 419s # the central authentication scheme for use on the system 419s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 419s # traditional Unix authentication mechanisms. 419s # 419s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 419s # To take advantage of this, it is recommended that you configure any 419s # local modules either before or after the default block, and use 419s # pam-auth-update to manage selection of other modules. See 419s # pam-auth-update(8) for details. 419s 419s # here are the per-package modules (the "Primary" block) 419s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 419s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 419s auth [success=1 default=ignore] pam_sss.so use_first_pass 419s # here's the fallback if no module succeeds 419s auth requisite pam_deny.so 419s # prime the stack with a positive return value if there isn't one already; 419s # this avoids us returning an error just because nothing sets a success code 419s # since the modules above will each just jump around 419s auth required pam_permit.so 419s # and here are more per-package modules (the "Additional" block) 419s auth optional pam_cap.so 419s # end of pam-auth-update config 419s + echo -n -e 123456 419s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 419s pamtester: invoking pam_start(login, ubuntu, ...) 419s pamtester: performing operation - authenticate 419s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 419s + echo -n -e 123456 419s + runuser -u ubuntu -- pamtester -v login '' authenticate 419s pamtester: invoking pam_start(login, , ...) 419s pamtester: performing operation - authenticate 419s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 419s + echo -n -e wrong123456 419s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 419s pamtester: invoking pam_start(login, ubuntu, ...) 419s pamtester: performing operation - authenticate 423s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 423s + echo -n -e wrong123456 423s + runuser -u ubuntu -- pamtester -v login '' authenticate 423s pamtester: invoking pam_start(login, , ...) 423s pamtester: performing operation - authenticate 426s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 426s + echo -n -e 123456 426s + pamtester -v login root authenticate 426s pamtester: invoking pam_start(login, root, ...) 426s pamtester: performing operation - authenticate 429s Password: pamtester: Authentication failure 429s + for alternative in "${alternative_pam_configs[@]}" 429s + pam-auth-update --enable sss-smart-card-required 430s PAM configuration 430s ----------------- 430s 430s Incompatible PAM profiles selected. 430s 430s The following PAM profiles cannot be used together: 430s 430s SSS required smart card authentication, SSS optional smart card 430s authentication 430s 430s Please select a different set of modules to enable. 430s 430s + cat /etc/pam.d/common-auth 430s # 430s # /etc/pam.d/common-auth - authentication settings common to all services 430s # 430s # This file is included from other service-specific PAM config files, 430s # and should contain a list of the authentication modules that define 430s # the central authentication scheme for use on the system 430s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 430s # traditional Unix authentication mechanisms. 430s # 430s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 430s # To take advantage of this, it is recommended that you configure any 430s # local modules either before or after the default block, and use 430s # pam-auth-update to manage selection of other modules. See 430s # pam-auth-update(8) for details. 430s 430s # here are the per-package modules (the "Primary" block) 430s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 430s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 430s auth [success=1 default=ignore] pam_sss.so use_first_pass 430s # here's the fallback if no module succeeds 430s auth requisite pam_deny.so 430s # prime the stack with a positive return value if there isn't one already; 430s # this avoids us returning an error just because nothing sets a success code 430s # since the modules above will each just jump around 430s auth required pam_permit.so 430s # and here are more per-package modules (the "Additional" block) 430s auth optional pam_cap.so 430s # end of pam-auth-update config 430s + echo -n -e 123456 430s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 430s pamtester: invoking pam_start(login, ubuntu, ...) 430s pamtester: performing operation - authenticate 430s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 430s pamtester: successfully authenticated 430s + echo -n -e 123456 430s + runuser -u ubuntu -- pamtester -v login '' authenticate 430s pamtester: invoking pam_start(login, , ...) 430s pamtester: performing operation - authenticate 430s PIN for Test Organization Sub Int Token: + echo -n -e wrong123456 430s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 430s pamtester: invoking pam_start(login, ubuntu, ...) 430s pamtester: performing operation - authenticate 433s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 433s + runuser -u ubuntu -- pamtester -v login '' authenticate 433s + echo -n -e wrong123456 433s pamtester: invoking pam_start(login, , ...) 433s pamtester: performing operation - authenticate 436s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 436s + echo -n -e 123456 436s + pamtester -v login root authenticate 436s pamtester: invoking pam_start(login, root, ...) 436s pamtester: performing operation - authenticate 439s pamtester: Authentication service cannot retrieve authentication info 439s + handle_exit 439s + exit_code=0 439s + restore_changes 439s + for path in "${restore_paths[@]}" 439s + local original_path 439s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-tEuSqg /tmp/sssd-softhsm2-backups-tEuSqg//etc/softhsm/softhsm2.conf 439s + original_path=/etc/softhsm/softhsm2.conf 439s + rm /etc/softhsm/softhsm2.conf 439s + mv /tmp/sssd-softhsm2-backups-tEuSqg//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 439s + for path in "${delete_paths[@]}" 439s + rm -f /etc/sssd/sssd.conf 439s + for path in "${delete_paths[@]}" 439s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 439s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 439s + '[' -e /etc/sssd/sssd.conf ']' 439s + systemctl stop sssd 439s + '[' -e /etc/softhsm/softhsm2.conf ']' 439s + chmod 600 /etc/softhsm/softhsm2.conf 439s + rm -rf /tmp/sssd-softhsm2-certs-4dU6lS 439s + '[' 0 = 0 ']' 439s + rm -rf /tmp/sssd-softhsm2-backups-tEuSqg 439s Script completed successfully! 439s + set +x 440s autopkgtest [20:31:39]: test sssd-smart-card-pam-auth-configs: -----------------------] 440s autopkgtest [20:31:39]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 440s sssd-smart-card-pam-auth-configs PASS 441s autopkgtest [20:31:40]: @@@@@@@@@@@@@@@@@@@@ summary 441s ldap-user-group-ldap-auth PASS 441s ldap-user-group-krb5-auth PASS 441s sssd-softhism2-certificates-tests.sh PASS 441s sssd-smart-card-pam-auth-configs PASS 453s nova [W] Using flock in prodstack6-s390x 453s flock: timeout while waiting to get lock 453s Creating nova instance adt-noble-s390x-sssd-20241115-202419-juju-7f2275-prod-proposed-migration-environment-15-7c918832-6026-4bbd-8ddb-30b1e105869d from image adt/ubuntu-noble-s390x-server-20241115.img (UUID ae729d8e-93f9-4b68-9c29-a5b86e9b2750)... 453s nova [W] Using flock in prodstack6-s390x 453s flock: timeout while waiting to get lock 453s Creating nova instance adt-noble-s390x-sssd-20241115-202419-juju-7f2275-prod-proposed-migration-environment-15-7c918832-6026-4bbd-8ddb-30b1e105869d from image adt/ubuntu-noble-s390x-server-20241115.img (UUID ae729d8e-93f9-4b68-9c29-a5b86e9b2750)...