0s autopkgtest [19:06:25]: starting date and time: 2024-06-13 19:06:25+0000 0s autopkgtest [19:06:25]: git checkout: 433ed4cb Merge branch 'skia/nova_flock' into 'ubuntu/5.34+prod' 0s autopkgtest [19:06:25]: host juju-7f2275-prod-proposed-migration-environment-2; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.w7pyt5_3/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:systemd --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 --env=ADT_TEST_TRIGGERS=systemd/256-1ubuntu1 -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-2@bos02-ppc64el-19.secgroup --name adt-oracular-ppc64el-sssd-20240613-190625-juju-7f2275-prod-proposed-migration-environment-2-44e0a463-e47d-4770-9af7-c49ffc0b6e63 --image adt/ubuntu-oracular-ppc64el-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-2 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,keyserver.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 157s autopkgtest [19:09:02]: testbed dpkg architecture: ppc64el 157s autopkgtest [19:09:02]: testbed apt version: 2.9.3 157s autopkgtest [19:09:02]: @@@@@@@@@@@@@@@@@@@@ test bed setup 158s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed InRelease [110 kB] 159s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/main Sources [38.7 kB] 159s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/universe Sources [363 kB] 159s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse Sources [2576 B] 159s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/restricted Sources [7052 B] 159s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el Packages [58.3 kB] 159s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/restricted ppc64el Packages [1860 B] 159s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/universe ppc64el Packages [324 kB] 159s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse ppc64el Packages [2532 B] 159s Fetched 908 kB in 1s (1187 kB/s) 159s Reading package lists... 161s Reading package lists... 161s Building dependency tree... 161s Reading state information... 162s Calculating upgrade... 162s The following package was automatically installed and is no longer required: 162s systemd-dev 162s Use 'sudo apt autoremove' to remove it. 162s The following packages will be upgraded: 162s dhcpcd-base dracut-install gir1.2-glib-2.0 libglib2.0-0t64 libglib2.0-data 162s libnss-systemd libpam-systemd libsystemd-shared libsystemd0 libudev1 systemd 162s systemd-dev systemd-resolved systemd-sysv systemd-timesyncd udev 162s 16 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 162s Need to get 12.7 MB of archives. 162s After this operation, 1904 kB of additional disk space will be used. 162s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el systemd-dev all 256-1ubuntu1 [111 kB] 162s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el systemd-timesyncd ppc64el 256-1ubuntu1 [37.9 kB] 162s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el systemd-resolved ppc64el 256-1ubuntu1 [363 kB] 162s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libsystemd-shared ppc64el 256-1ubuntu1 [2471 kB] 162s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libsystemd0 ppc64el 256-1ubuntu1 [547 kB] 162s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el systemd-sysv ppc64el 256-1ubuntu1 [11.8 kB] 162s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libnss-systemd ppc64el 256-1ubuntu1 [210 kB] 162s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libpam-systemd ppc64el 256-1ubuntu1 [318 kB] 162s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el systemd ppc64el 256-1ubuntu1 [3962 kB] 163s Get:10 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el udev ppc64el 256-1ubuntu1 [2110 kB] 163s Get:11 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libudev1 ppc64el 256-1ubuntu1 [218 kB] 163s Get:12 http://ftpmaster.internal/ubuntu oracular/main ppc64el dhcpcd-base ppc64el 1:10.0.8-2 [277 kB] 163s Get:13 http://ftpmaster.internal/ubuntu oracular/main ppc64el gir1.2-glib-2.0 ppc64el 2.80.3-1ubuntu1 [182 kB] 163s Get:14 http://ftpmaster.internal/ubuntu oracular/main ppc64el libglib2.0-0t64 ppc64el 2.80.3-1ubuntu1 [1765 kB] 163s Get:15 http://ftpmaster.internal/ubuntu oracular/main ppc64el libglib2.0-data all 2.80.3-1ubuntu1 [49.3 kB] 163s Get:16 http://ftpmaster.internal/ubuntu oracular/main ppc64el dracut-install ppc64el 102-3ubuntu1 [35.7 kB] 163s Fetched 12.7 MB in 1s (12.6 MB/s) 163s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72665 files and directories currently installed.) 163s Preparing to unpack .../systemd-dev_256-1ubuntu1_all.deb ... 163s Unpacking systemd-dev (256-1ubuntu1) over (255.4-1ubuntu8) ... 163s Preparing to unpack .../systemd-timesyncd_256-1ubuntu1_ppc64el.deb ... 163s Unpacking systemd-timesyncd (256-1ubuntu1) over (255.4-1ubuntu8) ... 163s Preparing to unpack .../systemd-resolved_256-1ubuntu1_ppc64el.deb ... 163s Unpacking systemd-resolved (256-1ubuntu1) over (255.4-1ubuntu8) ... 163s Preparing to unpack .../libsystemd-shared_256-1ubuntu1_ppc64el.deb ... 163s Unpacking libsystemd-shared:ppc64el (256-1ubuntu1) over (255.4-1ubuntu8) ... 163s Preparing to unpack .../libsystemd0_256-1ubuntu1_ppc64el.deb ... 163s Unpacking libsystemd0:ppc64el (256-1ubuntu1) over (255.4-1ubuntu8) ... 163s Setting up libsystemd0:ppc64el (256-1ubuntu1) ... 163s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72667 files and directories currently installed.) 163s Preparing to unpack .../0-systemd-sysv_256-1ubuntu1_ppc64el.deb ... 163s Unpacking systemd-sysv (256-1ubuntu1) over (255.4-1ubuntu8) ... 163s Preparing to unpack .../1-libnss-systemd_256-1ubuntu1_ppc64el.deb ... 163s Unpacking libnss-systemd:ppc64el (256-1ubuntu1) over (255.4-1ubuntu8) ... 163s Preparing to unpack .../2-libpam-systemd_256-1ubuntu1_ppc64el.deb ... 163s Unpacking libpam-systemd:ppc64el (256-1ubuntu1) over (255.4-1ubuntu8) ... 163s Preparing to unpack .../3-systemd_256-1ubuntu1_ppc64el.deb ... 163s Unpacking systemd (256-1ubuntu1) over (255.4-1ubuntu8) ... 164s Preparing to unpack .../4-udev_256-1ubuntu1_ppc64el.deb ... 164s Unpacking udev (256-1ubuntu1) over (255.4-1ubuntu8) ... 164s Preparing to unpack .../5-libudev1_256-1ubuntu1_ppc64el.deb ... 164s Unpacking libudev1:ppc64el (256-1ubuntu1) over (255.4-1ubuntu8) ... 164s Setting up libudev1:ppc64el (256-1ubuntu1) ... 164s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72727 files and directories currently installed.) 164s Preparing to unpack .../dhcpcd-base_1%3a10.0.8-2_ppc64el.deb ... 164s Unpacking dhcpcd-base (1:10.0.8-2) over (1:10.0.8-1) ... 164s Preparing to unpack .../gir1.2-glib-2.0_2.80.3-1ubuntu1_ppc64el.deb ... 164s Unpacking gir1.2-glib-2.0:ppc64el (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 164s Preparing to unpack .../libglib2.0-0t64_2.80.3-1ubuntu1_ppc64el.deb ... 164s Unpacking libglib2.0-0t64:ppc64el (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 164s Preparing to unpack .../libglib2.0-data_2.80.3-1ubuntu1_all.deb ... 164s Unpacking libglib2.0-data (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 164s Preparing to unpack .../dracut-install_102-3ubuntu1_ppc64el.deb ... 164s Unpacking dracut-install (102-3ubuntu1) over (060+5-8ubuntu2) ... 164s Setting up systemd-dev (256-1ubuntu1) ... 164s Setting up libglib2.0-0t64:ppc64el (2.80.3-1ubuntu1) ... 164s No schema files found: doing nothing. 164s Setting up libglib2.0-data (2.80.3-1ubuntu1) ... 164s Setting up libsystemd-shared:ppc64el (256-1ubuntu1) ... 164s Setting up dhcpcd-base (1:10.0.8-2) ... 164s Setting up gir1.2-glib-2.0:ppc64el (2.80.3-1ubuntu1) ... 164s Setting up dracut-install (102-3ubuntu1) ... 164s Setting up systemd (256-1ubuntu1) ... 164s Installing new version of config file /etc/systemd/journald.conf ... 164s Installing new version of config file /etc/systemd/logind.conf ... 164s Installing new version of config file /etc/systemd/networkd.conf ... 164s Installing new version of config file /etc/systemd/sleep.conf ... 164s Installing new version of config file /etc/systemd/system.conf ... 164s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 164s Created symlink '/run/systemd/system/tmp.mount' → '/dev/null'. 164s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 165s Setting up systemd-timesyncd (256-1ubuntu1) ... 166s Setting up udev (256-1ubuntu1) ... 167s Setting up systemd-resolved (256-1ubuntu1) ... 167s Installing new version of config file /etc/systemd/resolved.conf ... 167s Setting up systemd-sysv (256-1ubuntu1) ... 167s Setting up libnss-systemd:ppc64el (256-1ubuntu1) ... 167s Setting up libpam-systemd:ppc64el (256-1ubuntu1) ... 167s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 167s Processing triggers for man-db (2.12.1-2) ... 168s Processing triggers for dbus (1.14.10-4ubuntu4) ... 168s Processing triggers for shared-mime-info (2.4-5) ... 168s Warning: program compiled against libxml 212 using older 209 169s Processing triggers for initramfs-tools (0.142ubuntu28) ... 169s update-initramfs: Generating /boot/initrd.img-6.8.0-31-generic 169s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 175s Reading package lists... 175s Building dependency tree... 175s Reading state information... 176s The following packages will be REMOVED: 176s systemd-dev* 176s 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. 176s After this operation, 760 kB disk space will be freed. 176s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72727 files and directories currently installed.) 176s Removing systemd-dev (256-1ubuntu1) ... 176s Hit:1 http://ftpmaster.internal/ubuntu oracular-proposed InRelease 177s Hit:2 http://ftpmaster.internal/ubuntu oracular InRelease 177s Hit:3 http://ftpmaster.internal/ubuntu oracular-updates InRelease 177s Hit:4 http://ftpmaster.internal/ubuntu oracular-security InRelease 178s Reading package lists... 178s Reading package lists... 178s Building dependency tree... 178s Reading state information... 178s Calculating upgrade... 179s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 179s Reading package lists... 179s Building dependency tree... 179s Reading state information... 179s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 179s autopkgtest [19:09:24]: rebooting testbed after setup commands that affected boot 183s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 216s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 221s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 228s autopkgtest [19:10:13]: testbed running kernel: Linux 6.8.0-31-generic #31-Ubuntu SMP Sat Apr 20 00:05:55 UTC 2024 231s autopkgtest [19:10:16]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 247s Get:1 http://ftpmaster.internal/ubuntu oracular/main sssd 2.9.4-1.1ubuntu6 (dsc) [5056 B] 247s Get:2 http://ftpmaster.internal/ubuntu oracular/main sssd 2.9.4-1.1ubuntu6 (tar) [7983 kB] 247s Get:3 http://ftpmaster.internal/ubuntu oracular/main sssd 2.9.4-1.1ubuntu6 (diff) [49.2 kB] 247s gpgv: Signature made Tue Apr 16 09:55:57 2024 UTC 247s gpgv: using RSA key 568BF22A66337CBFC9A6B9B72C83DBC8E9BD0E37 247s gpgv: Can't check signature: No public key 247s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1.1ubuntu6.dsc: no acceptable signature found 247s autopkgtest [19:10:32]: testing package sssd version 2.9.4-1.1ubuntu6 248s autopkgtest [19:10:33]: build not needed 266s autopkgtest [19:10:51]: test ldap-user-group-ldap-auth: preparing testbed 267s Reading package lists... 267s Building dependency tree... 267s Reading state information... 267s Starting pkgProblemResolver with broken count: 0 267s Starting 2 pkgProblemResolver with broken count: 0 267s Done 268s The following additional packages will be installed: 268s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 268s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 268s libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev libipa-hbac0t64 libjose0 268s libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 268s libpam-pwquality libpam-sss libpath-utils1t64 libpwquality-common 268s libpwquality1 libref-array1t64 libsmbclient0 libsss-certmap-dev 268s libsss-certmap0 libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev 268s libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0t64 268s libverto-libevent1t64 libverto1t64 libwbclient0 python3-libipa-hbac 268s python3-libsss-nss-idmap python3-sss samba-libs slapd sssd sssd-ad 268s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 268s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 268s tcl8.6 268s Suggested packages: 268s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 268s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 268s Recommended packages: 268s cracklib-runtime libsasl2-modules-gssapi-mit 268s | libsasl2-modules-gssapi-heimdal 268s The following NEW packages will be installed: 268s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 268s libavahi-common3 libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 268s libdhash1t64 libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev 268s libipa-hbac0t64 libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss 268s libnss-sudo libodbc2 libpam-pwquality libpam-sss libpath-utils1t64 268s libpwquality-common libpwquality1 libref-array1t64 libsmbclient0 268s libsss-certmap-dev libsss-certmap0 libsss-idmap-dev libsss-idmap0 268s libsss-nss-idmap-dev libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 268s libtdb1 libtevent0t64 libverto-libevent1t64 libverto1t64 libwbclient0 268s python3-libipa-hbac python3-libsss-nss-idmap python3-sss samba-libs slapd 268s sssd sssd-ad sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm 268s sssd-krb5 sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools 268s tcl-expect tcl8.6 268s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 268s Need to get 14.3 MB/14.3 MB of archives. 268s After this operation, 70.1 MB of additional disk space will be used. 268s Get:1 /tmp/autopkgtest.px9P1l/1-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [876 B] 268s Get:2 http://ftpmaster.internal/ubuntu oracular/main ppc64el libltdl7 ppc64el 2.4.7-7build1 [48.2 kB] 268s Get:3 http://ftpmaster.internal/ubuntu oracular/main ppc64el libodbc2 ppc64el 2.3.12-1ubuntu1 [187 kB] 268s Get:4 http://ftpmaster.internal/ubuntu oracular/main ppc64el slapd ppc64el 2.6.7+dfsg-1~exp1ubuntu8 [1768 kB] 268s Get:5 http://ftpmaster.internal/ubuntu oracular/main ppc64el libtcl8.6 ppc64el 8.6.14+dfsg-1build1 [1204 kB] 268s Get:6 http://ftpmaster.internal/ubuntu oracular/main ppc64el tcl8.6 ppc64el 8.6.14+dfsg-1build1 [14.8 kB] 268s Get:7 http://ftpmaster.internal/ubuntu oracular/universe ppc64el tcl-expect ppc64el 5.45.4-3 [122 kB] 268s Get:8 http://ftpmaster.internal/ubuntu oracular/universe ppc64el expect ppc64el 5.45.4-3 [137 kB] 268s Get:9 http://ftpmaster.internal/ubuntu oracular/main ppc64el ldap-utils ppc64el 2.6.7+dfsg-1~exp1ubuntu8 [154 kB] 268s Get:10 http://ftpmaster.internal/ubuntu oracular/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu6 [29.7 kB] 268s Get:11 http://ftpmaster.internal/ubuntu oracular/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu6 [26.3 kB] 268s Get:12 http://ftpmaster.internal/ubuntu oracular/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu6 [30.8 kB] 268s Get:13 http://ftpmaster.internal/ubuntu oracular/main ppc64el libbasicobjects0t64 ppc64el 0.6.2-2.1build1 [6138 B] 268s Get:14 http://ftpmaster.internal/ubuntu oracular/main ppc64el libcares2 ppc64el 1.27.0-1.0ubuntu1 [99.0 kB] 269s Get:15 http://ftpmaster.internal/ubuntu oracular/main ppc64el libcollection4t64 ppc64el 0.6.2-2.1build1 [36.4 kB] 269s Get:16 http://ftpmaster.internal/ubuntu oracular/main ppc64el libcrack2 ppc64el 2.9.6-5.1build2 [31.1 kB] 269s Get:17 http://ftpmaster.internal/ubuntu oracular/main ppc64el libdhash1t64 ppc64el 0.6.2-2.1build1 [10.4 kB] 269s Get:18 http://ftpmaster.internal/ubuntu oracular/main ppc64el libevent-2.1-7t64 ppc64el 2.1.12-stable-10 [172 kB] 269s Get:19 http://ftpmaster.internal/ubuntu oracular/main ppc64el libpath-utils1t64 ppc64el 0.6.2-2.1build1 [10.6 kB] 269s Get:20 http://ftpmaster.internal/ubuntu oracular/main ppc64el libref-array1t64 ppc64el 0.6.2-2.1build1 [8160 B] 269s Get:21 http://ftpmaster.internal/ubuntu oracular/main ppc64el libini-config5t64 ppc64el 0.6.2-2.1build1 [55.3 kB] 269s Get:22 http://ftpmaster.internal/ubuntu oracular/main ppc64el libipa-hbac0t64 ppc64el 2.9.4-1.1ubuntu6 [18.0 kB] 269s Get:23 http://ftpmaster.internal/ubuntu oracular/universe ppc64el libjose0 ppc64el 13-1 [51.9 kB] 269s Get:24 http://ftpmaster.internal/ubuntu oracular/main ppc64el libverto-libevent1t64 ppc64el 0.3.1-1.2ubuntu3 [6490 B] 269s Get:25 http://ftpmaster.internal/ubuntu oracular/main ppc64el libverto1t64 ppc64el 0.3.1-1.2ubuntu3 [12.1 kB] 269s Get:26 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libkrad0 ppc64el 1.20.1-6ubuntu2 [24.8 kB] 269s Get:27 http://ftpmaster.internal/ubuntu oracular/main ppc64el libtalloc2 ppc64el 2.4.2-1build2 [36.7 kB] 269s Get:28 http://ftpmaster.internal/ubuntu oracular/main ppc64el libtdb1 ppc64el 1.4.10-1build1 [62.8 kB] 269s Get:29 http://ftpmaster.internal/ubuntu oracular/main ppc64el libtevent0t64 ppc64el 0.16.1-2build1 [51.2 kB] 269s Get:30 http://ftpmaster.internal/ubuntu oracular/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-4ubuntu9 [220 kB] 269s Get:31 http://ftpmaster.internal/ubuntu oracular/main ppc64el libnfsidmap1 ppc64el 1:2.6.4-4ubuntu1 [54.3 kB] 269s Get:32 http://ftpmaster.internal/ubuntu oracular/universe ppc64el libnss-sudo all 1.9.15p5-3ubuntu5 [15.2 kB] 269s Get:33 http://ftpmaster.internal/ubuntu oracular/main ppc64el libpwquality-common all 1.4.5-3build1 [7748 B] 269s Get:34 http://ftpmaster.internal/ubuntu oracular/main ppc64el libpwquality1 ppc64el 1.4.5-3build1 [17.0 kB] 269s Get:35 http://ftpmaster.internal/ubuntu oracular/main ppc64el libpam-pwquality ppc64el 1.4.5-3build1 [12.5 kB] 269s Get:36 http://ftpmaster.internal/ubuntu oracular/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu9 [77.3 kB] 269s Get:37 http://ftpmaster.internal/ubuntu oracular/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-4ubuntu9 [6674 kB] 269s Get:38 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsmbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu9 [70.3 kB] 269s Get:39 http://ftpmaster.internal/ubuntu oracular/main ppc64el libnss-sss ppc64el 2.9.4-1.1ubuntu6 [36.8 kB] 269s Get:40 http://ftpmaster.internal/ubuntu oracular/main ppc64el libpam-sss ppc64el 2.9.4-1.1ubuntu6 [56.8 kB] 269s Get:41 http://ftpmaster.internal/ubuntu oracular/main ppc64el python3-sss ppc64el 2.9.4-1.1ubuntu6 [48.4 kB] 269s Get:42 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsss-certmap0 ppc64el 2.9.4-1.1ubuntu6 [54.0 kB] 269s Get:43 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsss-idmap0 ppc64el 2.9.4-1.1ubuntu6 [25.1 kB] 269s Get:44 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1.1ubuntu6 [37.8 kB] 269s Get:45 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-common ppc64el 2.9.4-1.1ubuntu6 [1280 kB] 269s Get:46 http://ftpmaster.internal/ubuntu oracular/universe ppc64el sssd-idp ppc64el 2.9.4-1.1ubuntu6 [30.8 kB] 269s Get:47 http://ftpmaster.internal/ubuntu oracular/universe ppc64el sssd-passkey ppc64el 2.9.4-1.1ubuntu6 [35.4 kB] 269s Get:48 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-ad-common ppc64el 2.9.4-1.1ubuntu6 [88.6 kB] 269s Get:49 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-krb5-common ppc64el 2.9.4-1.1ubuntu6 [103 kB] 269s Get:50 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-ad ppc64el 2.9.4-1.1ubuntu6 [147 kB] 269s Get:51 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-ipa ppc64el 2.9.4-1.1ubuntu6 [240 kB] 269s Get:52 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-krb5 ppc64el 2.9.4-1.1ubuntu6 [14.4 kB] 269s Get:53 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-ldap ppc64el 2.9.4-1.1ubuntu6 [31.6 kB] 269s Get:54 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-proxy ppc64el 2.9.4-1.1ubuntu6 [47.9 kB] 269s Get:55 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd ppc64el 2.9.4-1.1ubuntu6 [4120 B] 269s Get:56 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-dbus ppc64el 2.9.4-1.1ubuntu6 [122 kB] 269s Get:57 http://ftpmaster.internal/ubuntu oracular/universe ppc64el sssd-kcm ppc64el 2.9.4-1.1ubuntu6 [160 kB] 269s Get:58 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-tools ppc64el 2.9.4-1.1ubuntu6 [108 kB] 269s Get:59 http://ftpmaster.internal/ubuntu oracular/main ppc64el libipa-hbac-dev ppc64el 2.9.4-1.1ubuntu6 [6670 B] 269s Get:60 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsss-certmap-dev ppc64el 2.9.4-1.1ubuntu6 [5738 B] 269s Get:61 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsss-idmap-dev ppc64el 2.9.4-1.1ubuntu6 [8386 B] 269s Get:62 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsss-nss-idmap-dev ppc64el 2.9.4-1.1ubuntu6 [6712 B] 269s Get:63 http://ftpmaster.internal/ubuntu oracular/universe ppc64el libsss-sudo ppc64el 2.9.4-1.1ubuntu6 [22.8 kB] 269s Get:64 http://ftpmaster.internal/ubuntu oracular/universe ppc64el python3-libipa-hbac ppc64el 2.9.4-1.1ubuntu6 [19.2 kB] 269s Get:65 http://ftpmaster.internal/ubuntu oracular/universe ppc64el python3-libsss-nss-idmap ppc64el 2.9.4-1.1ubuntu6 [9538 B] 270s Preconfiguring packages ... 270s Fetched 14.3 MB in 2s (9232 kB/s) 270s Selecting previously unselected package libltdl7:ppc64el. 270s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72680 files and directories currently installed.) 270s Preparing to unpack .../00-libltdl7_2.4.7-7build1_ppc64el.deb ... 270s Unpacking libltdl7:ppc64el (2.4.7-7build1) ... 270s Selecting previously unselected package libodbc2:ppc64el. 270s Preparing to unpack .../01-libodbc2_2.3.12-1ubuntu1_ppc64el.deb ... 270s Unpacking libodbc2:ppc64el (2.3.12-1ubuntu1) ... 270s Selecting previously unselected package slapd. 270s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu8_ppc64el.deb ... 270s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu8) ... 270s Selecting previously unselected package libtcl8.6:ppc64el. 270s Preparing to unpack .../03-libtcl8.6_8.6.14+dfsg-1build1_ppc64el.deb ... 270s Unpacking libtcl8.6:ppc64el (8.6.14+dfsg-1build1) ... 270s Selecting previously unselected package tcl8.6. 270s Preparing to unpack .../04-tcl8.6_8.6.14+dfsg-1build1_ppc64el.deb ... 270s Unpacking tcl8.6 (8.6.14+dfsg-1build1) ... 270s Selecting previously unselected package tcl-expect:ppc64el. 270s Preparing to unpack .../05-tcl-expect_5.45.4-3_ppc64el.deb ... 270s Unpacking tcl-expect:ppc64el (5.45.4-3) ... 270s Selecting previously unselected package expect. 270s Preparing to unpack .../06-expect_5.45.4-3_ppc64el.deb ... 270s Unpacking expect (5.45.4-3) ... 270s Selecting previously unselected package ldap-utils. 270s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu8_ppc64el.deb ... 270s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu8) ... 270s Selecting previously unselected package libavahi-common-data:ppc64el. 270s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu6_ppc64el.deb ... 270s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu6) ... 270s Selecting previously unselected package libavahi-common3:ppc64el. 270s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu6_ppc64el.deb ... 270s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu6) ... 270s Selecting previously unselected package libavahi-client3:ppc64el. 270s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu6_ppc64el.deb ... 270s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu6) ... 270s Selecting previously unselected package libbasicobjects0t64:ppc64el. 270s Preparing to unpack .../11-libbasicobjects0t64_0.6.2-2.1build1_ppc64el.deb ... 270s Unpacking libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 270s Selecting previously unselected package libcares2:ppc64el. 270s Preparing to unpack .../12-libcares2_1.27.0-1.0ubuntu1_ppc64el.deb ... 270s Unpacking libcares2:ppc64el (1.27.0-1.0ubuntu1) ... 270s Selecting previously unselected package libcollection4t64:ppc64el. 270s Preparing to unpack .../13-libcollection4t64_0.6.2-2.1build1_ppc64el.deb ... 270s Unpacking libcollection4t64:ppc64el (0.6.2-2.1build1) ... 270s Selecting previously unselected package libcrack2:ppc64el. 270s Preparing to unpack .../14-libcrack2_2.9.6-5.1build2_ppc64el.deb ... 270s Unpacking libcrack2:ppc64el (2.9.6-5.1build2) ... 270s Selecting previously unselected package libdhash1t64:ppc64el. 270s Preparing to unpack .../15-libdhash1t64_0.6.2-2.1build1_ppc64el.deb ... 270s Unpacking libdhash1t64:ppc64el (0.6.2-2.1build1) ... 270s Selecting previously unselected package libevent-2.1-7t64:ppc64el. 270s Preparing to unpack .../16-libevent-2.1-7t64_2.1.12-stable-10_ppc64el.deb ... 270s Unpacking libevent-2.1-7t64:ppc64el (2.1.12-stable-10) ... 271s Selecting previously unselected package libpath-utils1t64:ppc64el. 271s Preparing to unpack .../17-libpath-utils1t64_0.6.2-2.1build1_ppc64el.deb ... 271s Unpacking libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 271s Selecting previously unselected package libref-array1t64:ppc64el. 271s Preparing to unpack .../18-libref-array1t64_0.6.2-2.1build1_ppc64el.deb ... 271s Unpacking libref-array1t64:ppc64el (0.6.2-2.1build1) ... 271s Selecting previously unselected package libini-config5t64:ppc64el. 271s Preparing to unpack .../19-libini-config5t64_0.6.2-2.1build1_ppc64el.deb ... 271s Unpacking libini-config5t64:ppc64el (0.6.2-2.1build1) ... 271s Selecting previously unselected package libipa-hbac0t64. 271s Preparing to unpack .../20-libipa-hbac0t64_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package libjose0:ppc64el. 271s Preparing to unpack .../21-libjose0_13-1_ppc64el.deb ... 271s Unpacking libjose0:ppc64el (13-1) ... 271s Selecting previously unselected package libverto-libevent1t64:ppc64el. 271s Preparing to unpack .../22-libverto-libevent1t64_0.3.1-1.2ubuntu3_ppc64el.deb ... 271s Unpacking libverto-libevent1t64:ppc64el (0.3.1-1.2ubuntu3) ... 271s Selecting previously unselected package libverto1t64:ppc64el. 271s Preparing to unpack .../23-libverto1t64_0.3.1-1.2ubuntu3_ppc64el.deb ... 271s Unpacking libverto1t64:ppc64el (0.3.1-1.2ubuntu3) ... 271s Selecting previously unselected package libkrad0:ppc64el. 271s Preparing to unpack .../24-libkrad0_1.20.1-6ubuntu2_ppc64el.deb ... 271s Unpacking libkrad0:ppc64el (1.20.1-6ubuntu2) ... 271s Selecting previously unselected package libtalloc2:ppc64el. 271s Preparing to unpack .../25-libtalloc2_2.4.2-1build2_ppc64el.deb ... 271s Unpacking libtalloc2:ppc64el (2.4.2-1build2) ... 271s Selecting previously unselected package libtdb1:ppc64el. 271s Preparing to unpack .../26-libtdb1_1.4.10-1build1_ppc64el.deb ... 271s Unpacking libtdb1:ppc64el (1.4.10-1build1) ... 271s Selecting previously unselected package libtevent0t64:ppc64el. 271s Preparing to unpack .../27-libtevent0t64_0.16.1-2build1_ppc64el.deb ... 271s Unpacking libtevent0t64:ppc64el (0.16.1-2build1) ... 271s Selecting previously unselected package libldb2:ppc64el. 271s Preparing to unpack .../28-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 271s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 271s Selecting previously unselected package libnfsidmap1:ppc64el. 271s Preparing to unpack .../29-libnfsidmap1_1%3a2.6.4-4ubuntu1_ppc64el.deb ... 271s Unpacking libnfsidmap1:ppc64el (1:2.6.4-4ubuntu1) ... 271s Selecting previously unselected package libnss-sudo. 271s Preparing to unpack .../30-libnss-sudo_1.9.15p5-3ubuntu5_all.deb ... 271s Unpacking libnss-sudo (1.9.15p5-3ubuntu5) ... 271s Selecting previously unselected package libpwquality-common. 271s Preparing to unpack .../31-libpwquality-common_1.4.5-3build1_all.deb ... 271s Unpacking libpwquality-common (1.4.5-3build1) ... 271s Selecting previously unselected package libpwquality1:ppc64el. 271s Preparing to unpack .../32-libpwquality1_1.4.5-3build1_ppc64el.deb ... 271s Unpacking libpwquality1:ppc64el (1.4.5-3build1) ... 271s Selecting previously unselected package libpam-pwquality:ppc64el. 271s Preparing to unpack .../33-libpam-pwquality_1.4.5-3build1_ppc64el.deb ... 271s Unpacking libpam-pwquality:ppc64el (1.4.5-3build1) ... 271s Selecting previously unselected package libwbclient0:ppc64el. 271s Preparing to unpack .../34-libwbclient0_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 271s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 271s Selecting previously unselected package samba-libs:ppc64el. 271s Preparing to unpack .../35-samba-libs_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 271s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 271s Selecting previously unselected package libsmbclient0:ppc64el. 271s Preparing to unpack .../36-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 271s Unpacking libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 271s Selecting previously unselected package libnss-sss:ppc64el. 271s Preparing to unpack .../37-libnss-sss_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking libnss-sss:ppc64el (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package libpam-sss:ppc64el. 271s Preparing to unpack .../38-libpam-sss_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking libpam-sss:ppc64el (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package python3-sss. 271s Preparing to unpack .../39-python3-sss_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking python3-sss (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package libsss-certmap0. 271s Preparing to unpack .../40-libsss-certmap0_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package libsss-idmap0. 271s Preparing to unpack .../41-libsss-idmap0_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package libsss-nss-idmap0. 271s Preparing to unpack .../42-libsss-nss-idmap0_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-common. 271s Preparing to unpack .../43-sssd-common_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd-common (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-idp. 271s Preparing to unpack .../44-sssd-idp_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd-idp (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-passkey. 271s Preparing to unpack .../45-sssd-passkey_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd-passkey (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-ad-common. 271s Preparing to unpack .../46-sssd-ad-common_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd-ad-common (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-krb5-common. 271s Preparing to unpack .../47-sssd-krb5-common_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-ad. 271s Preparing to unpack .../48-sssd-ad_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd-ad (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-ipa. 271s Preparing to unpack .../49-sssd-ipa_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd-ipa (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-krb5. 271s Preparing to unpack .../50-sssd-krb5_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd-krb5 (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-ldap. 271s Preparing to unpack .../51-sssd-ldap_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd-ldap (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-proxy. 271s Preparing to unpack .../52-sssd-proxy_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd-proxy (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd. 271s Preparing to unpack .../53-sssd_2.9.4-1.1ubuntu6_ppc64el.deb ... 271s Unpacking sssd (2.9.4-1.1ubuntu6) ... 271s Selecting previously unselected package sssd-dbus. 271s Preparing to unpack .../54-sssd-dbus_2.9.4-1.1ubuntu6_ppc64el.deb ... 272s Unpacking sssd-dbus (2.9.4-1.1ubuntu6) ... 272s Selecting previously unselected package sssd-kcm. 272s Preparing to unpack .../55-sssd-kcm_2.9.4-1.1ubuntu6_ppc64el.deb ... 272s Unpacking sssd-kcm (2.9.4-1.1ubuntu6) ... 272s Selecting previously unselected package sssd-tools. 272s Preparing to unpack .../56-sssd-tools_2.9.4-1.1ubuntu6_ppc64el.deb ... 272s Unpacking sssd-tools (2.9.4-1.1ubuntu6) ... 272s Selecting previously unselected package libipa-hbac-dev. 272s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1.1ubuntu6_ppc64el.deb ... 272s Unpacking libipa-hbac-dev (2.9.4-1.1ubuntu6) ... 272s Selecting previously unselected package libsss-certmap-dev. 272s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1.1ubuntu6_ppc64el.deb ... 272s Unpacking libsss-certmap-dev (2.9.4-1.1ubuntu6) ... 272s Selecting previously unselected package libsss-idmap-dev. 272s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1.1ubuntu6_ppc64el.deb ... 272s Unpacking libsss-idmap-dev (2.9.4-1.1ubuntu6) ... 272s Selecting previously unselected package libsss-nss-idmap-dev. 272s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1.1ubuntu6_ppc64el.deb ... 272s Unpacking libsss-nss-idmap-dev (2.9.4-1.1ubuntu6) ... 272s Selecting previously unselected package libsss-sudo. 272s Preparing to unpack .../61-libsss-sudo_2.9.4-1.1ubuntu6_ppc64el.deb ... 272s Unpacking libsss-sudo (2.9.4-1.1ubuntu6) ... 272s Selecting previously unselected package python3-libipa-hbac. 272s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1.1ubuntu6_ppc64el.deb ... 272s Unpacking python3-libipa-hbac (2.9.4-1.1ubuntu6) ... 272s Selecting previously unselected package python3-libsss-nss-idmap. 272s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1.1ubuntu6_ppc64el.deb ... 272s Unpacking python3-libsss-nss-idmap (2.9.4-1.1ubuntu6) ... 272s Selecting previously unselected package autopkgtest-satdep. 272s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 272s Unpacking autopkgtest-satdep (0) ... 272s Setting up libpwquality-common (1.4.5-3build1) ... 272s Setting up libnfsidmap1:ppc64el (1:2.6.4-4ubuntu1) ... 272s Setting up libsss-idmap0 (2.9.4-1.1ubuntu6) ... 272s Setting up libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 272s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 272s Setting up libsss-idmap-dev (2.9.4-1.1ubuntu6) ... 272s Setting up libref-array1t64:ppc64el (0.6.2-2.1build1) ... 272s Setting up libipa-hbac-dev (2.9.4-1.1ubuntu6) ... 272s Setting up libtdb1:ppc64el (1.4.10-1build1) ... 272s Setting up libcollection4t64:ppc64el (0.6.2-2.1build1) ... 272s Setting up libevent-2.1-7t64:ppc64el (2.1.12-stable-10) ... 272s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu8) ... 272s Setting up libjose0:ppc64el (13-1) ... 272s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 272s Setting up libtalloc2:ppc64el (2.4.2-1build2) ... 272s Setting up libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 272s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu6) ... 272s Setting up libcares2:ppc64el (1.27.0-1.0ubuntu1) ... 272s Setting up libdhash1t64:ppc64el (0.6.2-2.1build1) ... 272s Setting up libtcl8.6:ppc64el (8.6.14+dfsg-1build1) ... 272s Setting up libltdl7:ppc64el (2.4.7-7build1) ... 272s Setting up libcrack2:ppc64el (2.9.6-5.1build2) ... 272s Setting up libodbc2:ppc64el (2.3.12-1ubuntu1) ... 272s Setting up python3-libipa-hbac (2.9.4-1.1ubuntu6) ... 272s Setting up libnss-sudo (1.9.15p5-3ubuntu5) ... 272s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 272s Setting up libini-config5t64:ppc64el (0.6.2-2.1build1) ... 272s Setting up libtevent0t64:ppc64el (0.16.1-2build1) ... 272s Setting up libnss-sss:ppc64el (2.9.4-1.1ubuntu6) ... 272s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu8) ... 272s Creating new user openldap... done. 272s Creating initial configuration... done. 272s Creating LDAP directory... done. 273s Setting up tcl8.6 (8.6.14+dfsg-1build1) ... 273s Setting up libsss-sudo (2.9.4-1.1ubuntu6) ... 273s Setting up libsss-nss-idmap-dev (2.9.4-1.1ubuntu6) ... 273s Setting up libavahi-common3:ppc64el (0.8-13ubuntu6) ... 273s Setting up tcl-expect:ppc64el (5.45.4-3) ... 273s Setting up libsss-certmap0 (2.9.4-1.1ubuntu6) ... 273s Setting up libpwquality1:ppc64el (1.4.5-3build1) ... 273s Setting up python3-libsss-nss-idmap (2.9.4-1.1ubuntu6) ... 273s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 273s Setting up libavahi-client3:ppc64el (0.8-13ubuntu6) ... 273s Setting up expect (5.45.4-3) ... 273s Setting up libpam-pwquality:ppc64el (1.4.5-3build1) ... 273s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 273s Setting up libsss-certmap-dev (2.9.4-1.1ubuntu6) ... 273s Setting up python3-sss (2.9.4-1.1ubuntu6) ... 273s Setting up libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 273s Setting up libpam-sss:ppc64el (2.9.4-1.1ubuntu6) ... 273s Setting up sssd-common (2.9.4-1.1ubuntu6) ... 273s Creating SSSD system user & group... 273s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 273s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 273s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 273s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 274s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-autofs.socket' → '/usr/lib/systemd/system/sssd-autofs.socket'. 274s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-nss.socket' → '/usr/lib/systemd/system/sssd-nss.socket'. 274s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket' → '/usr/lib/systemd/system/sssd-pam-priv.socket'. 275s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam.socket' → '/usr/lib/systemd/system/sssd-pam.socket'. 275s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-ssh.socket' → '/usr/lib/systemd/system/sssd-ssh.socket'. 275s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-sudo.socket' → '/usr/lib/systemd/system/sssd-sudo.socket'. 275s Created symlink '/etc/systemd/system/multi-user.target.wants/sssd.service' → '/usr/lib/systemd/system/sssd.service'. 276s sssd-autofs.service is a disabled or a static unit, not starting it. 276s sssd-nss.service is a disabled or a static unit, not starting it. 276s sssd-pam.service is a disabled or a static unit, not starting it. 276s sssd-ssh.service is a disabled or a static unit, not starting it. 276s sssd-sudo.service is a disabled or a static unit, not starting it. 276s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 276s Setting up sssd-proxy (2.9.4-1.1ubuntu6) ... 276s Setting up sssd-kcm (2.9.4-1.1ubuntu6) ... 276s Created symlink '/etc/systemd/system/sockets.target.wants/sssd-kcm.socket' → '/usr/lib/systemd/system/sssd-kcm.socket'. 277s sssd-kcm.service is a disabled or a static unit, not starting it. 277s Setting up sssd-dbus (2.9.4-1.1ubuntu6) ... 277s sssd-ifp.service is a disabled or a static unit, not starting it. 277s Setting up sssd-ad-common (2.9.4-1.1ubuntu6) ... 277s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pac.socket' → '/usr/lib/systemd/system/sssd-pac.socket'. 278s sssd-pac.service is a disabled or a static unit, not starting it. 278s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 278s Setting up sssd-krb5-common (2.9.4-1.1ubuntu6) ... 278s Setting up sssd-krb5 (2.9.4-1.1ubuntu6) ... 278s Setting up sssd-ldap (2.9.4-1.1ubuntu6) ... 278s Setting up sssd-ad (2.9.4-1.1ubuntu6) ... 278s Setting up sssd-tools (2.9.4-1.1ubuntu6) ... 278s Setting up sssd-ipa (2.9.4-1.1ubuntu6) ... 278s Setting up sssd (2.9.4-1.1ubuntu6) ... 278s Setting up libverto-libevent1t64:ppc64el (0.3.1-1.2ubuntu3) ... 278s Setting up libverto1t64:ppc64el (0.3.1-1.2ubuntu3) ... 278s Setting up libkrad0:ppc64el (1.20.1-6ubuntu2) ... 278s Setting up sssd-passkey (2.9.4-1.1ubuntu6) ... 278s Setting up sssd-idp (2.9.4-1.1ubuntu6) ... 278s Setting up autopkgtest-satdep (0) ... 278s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 278s Processing triggers for ufw (0.36.2-6) ... 278s Processing triggers for man-db (2.12.1-2) ... 279s Processing triggers for dbus (1.14.10-4ubuntu4) ... 288s (Reading database ... 73971 files and directories currently installed.) 288s Removing autopkgtest-satdep (0) ... 288s autopkgtest [19:11:13]: test ldap-user-group-ldap-auth: [----------------------- 288s + . debian/tests/util 288s + . debian/tests/common-tests 288s + mydomain=example.com 288s + myhostname=ldap.example.com 288s + mysuffix=dc=example,dc=com 288s + admin_dn=cn=admin,dc=example,dc=com 288s + admin_pw=secret 288s + ldap_user=testuser1 288s + ldap_user_pw=testuser1secret 288s + ldap_group=ldapusers 288s + adjust_hostname ldap.example.com 288s + local myhostname=ldap.example.com 288s + echo ldap.example.com 288s + hostname ldap.example.com 288s + grep -qE ldap.example.com /etc/hosts 288s + echo 127.0.1.10 ldap.example.com 288s + reconfigure_slapd 288s + debconf-set-selections 288s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 288s + dpkg-reconfigure -fnoninteractive -pcritical slapd 289s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8... done. 289s Moving old database directory to /var/backups: 289s - directory unknown... done. 289s Creating initial configuration... done. 289s Creating LDAP directory... done. 289s + generate_certs ldap.example.com 289s + local cn=ldap.example.com 289s + local cert=/etc/ldap/server.pem 289s + local key=/etc/ldap/server.key 289s + local cnf=/etc/ldap/openssl.cnf 289s + cat 289s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 289s .........................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 289s ..........++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 289s ----- 289s + chmod 0640 /etc/ldap/server.key 289s + chgrp openldap /etc/ldap/server.key 289s + [ ! -f /etc/ldap/server.pem ] 289s + [ ! -f /etc/ldap/server.key ] 289s + enable_ldap_ssl 289s + cat 289s + cat 289s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 289s + populate_ldap_rfc2307 289s + cat 289s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 289s + configure_sssd_ldap_rfc2307 289s + cat 289s + chmod 0600 /etc/sssd/sssd.conf 289s + systemctl restart sssd 289s modifying entry "cn=config" 289s 289s adding new entry "ou=People,dc=example,dc=com" 289s 289s adding new entry "ou=Group,dc=example,dc=com" 289s 289s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 289s 289s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 289s 289s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 289s 289s + enable_pam_mkhomedir 289s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 289s Assert local user databases do not have our LDAP test data 289s + echo session optional pam_mkhomedir.so 289s + run_common_tests 289s + echo Assert local user databases do not have our LDAP test data 289s + check_local_user testuser1 289s + local local_user=testuser1 289s + grep -q ^testuser1 /etc/passwd 289s + check_local_group testuser1 289s + local local_group=testuser1 289s + grep -q ^testuser1 /etc/group 289s + check_local_group ldapusers 289s + local local_group=ldapusers 289s + grep -q ^ldapusers /etc/group 289s + echo The LDAP user is known to the system via getent 289s + check_getent_user testuser1 289s + local getent_user=testuser1 289s + local output 289s The LDAP user is known to the system via getent 289s + getent passwd testuser1 289s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 289s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 289s + echo The LDAP user's private group is known to the system via getent 289s + check_getent_group testuser1 289s + local getent_group=testuser1 289s + local output 289s The LDAP user's private group is known to the system via getent 289s + getent group testuser1 289s + output=testuser1:*:10001:testuser1 289s + [ -z testuser1:*:10001:testuser1 ] 289s + echo The LDAP group ldapusers is known to the system via getent 289s The LDAP group ldapusers is known to the system via getent 289s + check_getent_group ldapusers 289s + local getent_group=ldapusers 289s + local output 289s + getent group ldapusers 289s + output=ldapusers:*:10100:testuser1 289s + [ -z ldapusers:*:10100:testuser1 ] 289s + echo The id(1) command can resolve the group membership of the LDAP user 289s + id -Gn testuser1 289s The id(1) command can resolve the group membership of the LDAP user 290s + output=testuser1 ldapusers 290s + [ testuser1 ldapusers != testuser1 ldapusers ] 290s + echo The LDAP user can login on a terminal 290s The LDAP user can login on a terminal 290s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 290s spawn login 290s ldap.example.com login: testuser1 290s Password: 290s Welcome to Ubuntu Oracular Oriole (development branch) (GNU/Linux 6.8.0-31-generic ppc64le) 290s 290s * Documentation: https://help.ubuntu.com 290s * Management: https://landscape.canonical.com 290s * Support: https://ubuntu.com/pro 290s 290s 290s The programs included with the Ubuntu system are free software; 290s the exact distribution terms for each program are described in the 290s individual files in /usr/share/doc/*/copyright. 290s 290s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 290s applicable law. 290s 290s 290s The programs included with the Ubuntu system are free software; 290s the exact distribution terms for each program are described in the 290s individual files in /usr/share/doc/*/copyright. 290s 290s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 290s applicable law. 290s 290s Creating directory '/home/testuser1'. 290s [?2004htestuser1@ldap:~$ id -un 290s [?2004l testuser1 290s [?2004htestuser1@ldap:~$ autopkgtest [19:11:15]: test ldap-user-group-ldap-auth: -----------------------] 291s autopkgtest [19:11:16]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 291s ldap-user-group-ldap-auth PASS 291s autopkgtest [19:11:16]: test ldap-user-group-krb5-auth: preparing testbed 292s Reading package lists... 292s Building dependency tree... 292s Reading state information... 292s Starting pkgProblemResolver with broken count: 0 293s Starting 2 pkgProblemResolver with broken count: 0 293s Done 293s The following additional packages will be installed: 293s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4t64 293s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 293s Suggested packages: 293s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 293s The following NEW packages will be installed: 293s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 293s libgssrpc4t64 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 293s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 293s Need to get 678 kB/679 kB of archives. 293s After this operation, 3110 kB of additional disk space will be used. 293s Get:1 /tmp/autopkgtest.px9P1l/2-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [892 B] 293s Get:2 http://ftpmaster.internal/ubuntu oracular/main ppc64el krb5-config all 2.7 [22.0 kB] 293s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libgssrpc4t64 ppc64el 1.20.1-6ubuntu2 [65.9 kB] 293s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libkadm5clnt-mit12 ppc64el 1.20.1-6ubuntu2 [44.5 kB] 293s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libkdb5-10t64 ppc64el 1.20.1-6ubuntu2 [47.4 kB] 293s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libkadm5srv-mit12 ppc64el 1.20.1-6ubuntu2 [61.6 kB] 293s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el krb5-user ppc64el 1.20.1-6ubuntu2 [118 kB] 293s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/universe ppc64el krb5-kdc ppc64el 1.20.1-6ubuntu2 [210 kB] 293s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/universe ppc64el krb5-admin-server ppc64el 1.20.1-6ubuntu2 [109 kB] 294s Preconfiguring packages ... 294s Fetched 678 kB in 1s (1228 kB/s) 294s Selecting previously unselected package krb5-config. 294s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 73971 files and directories currently installed.) 294s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 294s Unpacking krb5-config (2.7) ... 294s Selecting previously unselected package libgssrpc4t64:ppc64el. 294s Preparing to unpack .../1-libgssrpc4t64_1.20.1-6ubuntu2_ppc64el.deb ... 294s Unpacking libgssrpc4t64:ppc64el (1.20.1-6ubuntu2) ... 294s Selecting previously unselected package libkadm5clnt-mit12:ppc64el. 294s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-6ubuntu2_ppc64el.deb ... 294s Unpacking libkadm5clnt-mit12:ppc64el (1.20.1-6ubuntu2) ... 294s Selecting previously unselected package libkdb5-10t64:ppc64el. 294s Preparing to unpack .../3-libkdb5-10t64_1.20.1-6ubuntu2_ppc64el.deb ... 294s Unpacking libkdb5-10t64:ppc64el (1.20.1-6ubuntu2) ... 294s Selecting previously unselected package libkadm5srv-mit12:ppc64el. 294s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-6ubuntu2_ppc64el.deb ... 294s Unpacking libkadm5srv-mit12:ppc64el (1.20.1-6ubuntu2) ... 294s Selecting previously unselected package krb5-user. 294s Preparing to unpack .../5-krb5-user_1.20.1-6ubuntu2_ppc64el.deb ... 294s Unpacking krb5-user (1.20.1-6ubuntu2) ... 294s Selecting previously unselected package krb5-kdc. 294s Preparing to unpack .../6-krb5-kdc_1.20.1-6ubuntu2_ppc64el.deb ... 294s Unpacking krb5-kdc (1.20.1-6ubuntu2) ... 294s Selecting previously unselected package krb5-admin-server. 294s Preparing to unpack .../7-krb5-admin-server_1.20.1-6ubuntu2_ppc64el.deb ... 294s Unpacking krb5-admin-server (1.20.1-6ubuntu2) ... 294s Selecting previously unselected package autopkgtest-satdep. 294s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 294s Unpacking autopkgtest-satdep (0) ... 294s Setting up libgssrpc4t64:ppc64el (1.20.1-6ubuntu2) ... 294s Setting up krb5-config (2.7) ... 294s Setting up libkadm5clnt-mit12:ppc64el (1.20.1-6ubuntu2) ... 294s Setting up libkdb5-10t64:ppc64el (1.20.1-6ubuntu2) ... 294s Setting up libkadm5srv-mit12:ppc64el (1.20.1-6ubuntu2) ... 294s Setting up krb5-user (1.20.1-6ubuntu2) ... 294s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 294s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 294s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 294s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 294s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 294s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 294s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 294s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 294s Setting up krb5-kdc (1.20.1-6ubuntu2) ... 295s Created symlink '/etc/systemd/system/multi-user.target.wants/krb5-kdc.service' → '/usr/lib/systemd/system/krb5-kdc.service'. 295s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 295s Setting up krb5-admin-server (1.20.1-6ubuntu2) ... 296s Created symlink '/etc/systemd/system/multi-user.target.wants/krb5-admin-server.service' → '/usr/lib/systemd/system/krb5-admin-server.service'. 296s Setting up autopkgtest-satdep (0) ... 296s Processing triggers for man-db (2.12.1-2) ... 297s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 304s (Reading database ... 74066 files and directories currently installed.) 304s Removing autopkgtest-satdep (0) ... 305s autopkgtest [19:11:30]: test ldap-user-group-krb5-auth: [----------------------- 305s + . debian/tests/util 305s + . debian/tests/common-tests 305s + mydomain=example.com 305s + myhostname=ldap.example.com 305s + mysuffix=dc=example,dc=com 305s + myrealm=EXAMPLE.COM 305s + admin_dn=cn=admin,dc=example,dc=com 305s + admin_pw=secret 305s + ldap_user=testuser1 305s + ldap_user_pw=testuser1secret 305s + kerberos_principal_pw=testuser1kerberos 305s + ldap_group=ldapusers 305s + adjust_hostname ldap.example.com 305s + local myhostname=ldap.example.com 305s + echo ldap.example.com 305s + hostname ldap.example.com 305s + grep -qE ldap.example.com /etc/hosts 305s + reconfigure_slapd 305s + debconf-set-selections 305s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu8-20240613-191114.ldapdb 305s + dpkg-reconfigure -fnoninteractive -pcritical slapd 305s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8... done. 305s Moving old database directory to /var/backups: 305s - directory unknown... done. 306s Creating initial configuration... done. 306s Creating LDAP directory... done. 306s + generate_certs ldap.example.com 306s + local cn=ldap.example.com 306s + local cert=/etc/ldap/server.pem 306s + local key=/etc/ldap/server.key 306s + local cnf=/etc/ldap/openssl.cnf 306s + cat 306s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 306s ..........................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 306s ........................................++++++++++++modifying entry "cn=config" 306s 306s adding new entry "ou=People,dc=example,dc=com" 306s 306s adding new entry "ou=Group,dc=example,dc=com" 306s 306s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 306s 306s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 306s 306s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 306s 306s ++++++++++++++++++++++++++++++++++++++++++++++++++++ 306s ----- 306s + chmod 0640 /etc/ldap/server.key 306s + chgrp openldap /etc/ldap/server.key 306s + [ ! -f /etc/ldap/server.pem ] 306s + [ ! -f /etc/ldap/server.key ] 306s + enable_ldap_ssl 306s + cat 306s + cat 306s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 306s + populate_ldap_rfc2307 306s + cat 306s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 306s + create_realm EXAMPLE.COM ldap.example.com 306s + local realm_name=EXAMPLE.COM 306s + local kerberos_server=ldap.example.com 306s + rm -rf /var/lib/krb5kdc/* 306s + rm -rf /etc/krb5kdc/kdc.conf 306s + rm -f /etc/krb5.keytab 306s + cat 306s + cat 306s + echo # */admin * 306s + kdb5_util create -s -P secretpassword 306s + systemctl restart krb5-kdc.service krb5-admin-server.service 306s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 306s master key name 'K/M@EXAMPLE.COM' 306s + create_krb_principal testuser1 testuser1kerberos 306s + local principal=testuser1 306s + local password=testuser1kerberos 306s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 306s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 306s Authenticating as principal root/admin@EXAMPLE.COM with password. 306s Principal "testuser1@EXAMPLE.COM" created. 306s + configure_sssd_ldap_rfc2307_krb5_auth 306s + cat 306s + chmod 0600 /etc/sssd/sssd.conf 306s + systemctl restart sssd 306s + enable_pam_mkhomedir 306s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 306s Assert local user databases do not have our LDAP test data 306s + run_common_tests 306s + echo Assert local user databases do not have our LDAP test data 306s + check_local_user testuser1 306s + local local_user=testuser1 306s + grep -q ^testuser1 /etc/passwd 306s + check_local_group testuser1 306s + local local_group=testuser1 306s + grep -q ^testuser1 /etc/group 306s + check_local_group ldapusers 306s + local local_group=ldapusers 306s + grep -q ^ldapusers /etc/group 306s The LDAP user is known to the system via getent 306s + echo The LDAP user is known to the system via getent 306s + check_getent_user testuser1 306s + local getent_user=testuser1 306s + local output 306s + getent passwd testuser1 306s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 306s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 306s + echo The LDAP user's private group is known to the system via getentThe LDAP user's private group is known to the system via getent 306s 306s + check_getent_group testuser1 306s + local getent_group=testuser1 306s + local output 306s + getent group testuser1 306s + output=testuser1:*:10001:testuser1 306s + [ -z testuser1:*:10001:testuser1 ] 306s + echo The LDAP group ldapusers is known to the system via getent 306s The LDAP group ldapusers is known to the system via getent 306s + check_getent_group ldapusers 306s + local getent_group=ldapusers 306s + local output 306s + getent group ldapusers 306s The id(1) command can resolve the group membership of the LDAP user 306s + output=ldapusers:*:10100:testuser1 306s + [ -zThe Kerberos principal can login on a terminal 306s spawn login 306s ldapusers:*:10100:testuser1 ] 306s + echo The id(1) command can resolve the group membership of the LDAP user 306s + id -Gn testuser1 306s + output=testuser1 ldapusers 306s + [ testuser1 ldapusers != testuser1 ldapusers ] 306s + echo The Kerberos principal can login on a terminal 306s + kdestroy 306s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 306s ldap.example.com login: testuser1 306s Password: 307s Welcome to Ubuntu Oracular Oriole (development branch) (GNU/Linux 6.8.0-31-generic ppc64le) 307s 307s * Documentation: https://help.ubuntu.com 307s * Management: https://landscape.canonical.com 307s * Support: https://ubuntu.com/pro 307s 307s 307s The programs included with the Ubuntu system are free software; 307s the exact distribution terms for each program are described in the 307s individual files in /usr/share/doc/*/copyright. 307s 307s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 307s applicable law. 307s 307s [?2004htestuser1@ldap:~$ id -un 307s [?2004l testuser1 307s [?2004htestuser1@ldap:~$ klist 307s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_pVKOBs 307s Default principal: testuser1@EXAMPLE.COMautopkgtest [19:11:32]: test ldap-user-group-krb5-auth: -----------------------] 308s autopkgtest [19:11:33]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 308s ldap-user-group-krb5-auth PASS 308s autopkgtest [19:11:33]: test sssd-softhism2-certificates-tests.sh: preparing testbed 426s autopkgtest [19:13:31]: testbed dpkg architecture: ppc64el 426s autopkgtest [19:13:31]: testbed apt version: 2.9.3 426s autopkgtest [19:13:31]: @@@@@@@@@@@@@@@@@@@@ test bed setup 427s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed InRelease [110 kB] 428s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/universe Sources [363 kB] 428s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse Sources [2576 B] 428s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/restricted Sources [7052 B] 428s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main Sources [38.7 kB] 428s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el Packages [58.3 kB] 428s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/restricted ppc64el Packages [1860 B] 428s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/universe ppc64el Packages [324 kB] 428s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse ppc64el Packages [2532 B] 428s Fetched 908 kB in 1s (1080 kB/s) 428s Reading package lists... 430s Reading package lists... 430s Building dependency tree... 430s Reading state information... 431s Calculating upgrade... 431s The following package was automatically installed and is no longer required: 431s systemd-dev 431s Use 'sudo apt autoremove' to remove it. 431s The following packages will be upgraded: 431s dhcpcd-base dracut-install gir1.2-glib-2.0 libglib2.0-0t64 libglib2.0-data 431s libnss-systemd libpam-systemd libsystemd-shared libsystemd0 libudev1 systemd 431s systemd-dev systemd-resolved systemd-sysv systemd-timesyncd udev 431s 16 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 431s Need to get 12.7 MB of archives. 431s After this operation, 1904 kB of additional disk space will be used. 431s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el systemd-dev all 256-1ubuntu1 [111 kB] 431s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el systemd-timesyncd ppc64el 256-1ubuntu1 [37.9 kB] 431s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el systemd-resolved ppc64el 256-1ubuntu1 [363 kB] 431s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libsystemd-shared ppc64el 256-1ubuntu1 [2471 kB] 431s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libsystemd0 ppc64el 256-1ubuntu1 [547 kB] 431s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el systemd-sysv ppc64el 256-1ubuntu1 [11.8 kB] 431s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libnss-systemd ppc64el 256-1ubuntu1 [210 kB] 431s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libpam-systemd ppc64el 256-1ubuntu1 [318 kB] 431s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el systemd ppc64el 256-1ubuntu1 [3962 kB] 432s Get:10 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el udev ppc64el 256-1ubuntu1 [2110 kB] 432s Get:11 http://ftpmaster.internal/ubuntu oracular-proposed/main ppc64el libudev1 ppc64el 256-1ubuntu1 [218 kB] 432s Get:12 http://ftpmaster.internal/ubuntu oracular/main ppc64el dhcpcd-base ppc64el 1:10.0.8-2 [277 kB] 432s Get:13 http://ftpmaster.internal/ubuntu oracular/main ppc64el gir1.2-glib-2.0 ppc64el 2.80.3-1ubuntu1 [182 kB] 432s Get:14 http://ftpmaster.internal/ubuntu oracular/main ppc64el libglib2.0-0t64 ppc64el 2.80.3-1ubuntu1 [1765 kB] 432s Get:15 http://ftpmaster.internal/ubuntu oracular/main ppc64el libglib2.0-data all 2.80.3-1ubuntu1 [49.3 kB] 432s Get:16 http://ftpmaster.internal/ubuntu oracular/main ppc64el dracut-install ppc64el 102-3ubuntu1 [35.7 kB] 432s Fetched 12.7 MB in 1s (11.4 MB/s) 432s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72665 files and directories currently installed.) 432s Preparing to unpack .../systemd-dev_256-1ubuntu1_all.deb ... 432s Unpacking systemd-dev (256-1ubuntu1) over (255.4-1ubuntu8) ... 432s Preparing to unpack .../systemd-timesyncd_256-1ubuntu1_ppc64el.deb ... 432s Unpacking systemd-timesyncd (256-1ubuntu1) over (255.4-1ubuntu8) ... 432s Preparing to unpack .../systemd-resolved_256-1ubuntu1_ppc64el.deb ... 432s Unpacking systemd-resolved (256-1ubuntu1) over (255.4-1ubuntu8) ... 432s Preparing to unpack .../libsystemd-shared_256-1ubuntu1_ppc64el.deb ... 432s Unpacking libsystemd-shared:ppc64el (256-1ubuntu1) over (255.4-1ubuntu8) ... 432s Preparing to unpack .../libsystemd0_256-1ubuntu1_ppc64el.deb ... 432s Unpacking libsystemd0:ppc64el (256-1ubuntu1) over (255.4-1ubuntu8) ... 432s Setting up libsystemd0:ppc64el (256-1ubuntu1) ... 433s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72667 files and directories currently installed.) 433s Preparing to unpack .../0-systemd-sysv_256-1ubuntu1_ppc64el.deb ... 433s Unpacking systemd-sysv (256-1ubuntu1) over (255.4-1ubuntu8) ... 433s Preparing to unpack .../1-libnss-systemd_256-1ubuntu1_ppc64el.deb ... 433s Unpacking libnss-systemd:ppc64el (256-1ubuntu1) over (255.4-1ubuntu8) ... 433s Preparing to unpack .../2-libpam-systemd_256-1ubuntu1_ppc64el.deb ... 433s Unpacking libpam-systemd:ppc64el (256-1ubuntu1) over (255.4-1ubuntu8) ... 433s Preparing to unpack .../3-systemd_256-1ubuntu1_ppc64el.deb ... 433s Unpacking systemd (256-1ubuntu1) over (255.4-1ubuntu8) ... 433s Preparing to unpack .../4-udev_256-1ubuntu1_ppc64el.deb ... 433s Unpacking udev (256-1ubuntu1) over (255.4-1ubuntu8) ... 433s Preparing to unpack .../5-libudev1_256-1ubuntu1_ppc64el.deb ... 433s Unpacking libudev1:ppc64el (256-1ubuntu1) over (255.4-1ubuntu8) ... 433s Setting up libudev1:ppc64el (256-1ubuntu1) ... 433s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72727 files and directories currently installed.) 433s Preparing to unpack .../dhcpcd-base_1%3a10.0.8-2_ppc64el.deb ... 433s Unpacking dhcpcd-base (1:10.0.8-2) over (1:10.0.8-1) ... 433s Preparing to unpack .../gir1.2-glib-2.0_2.80.3-1ubuntu1_ppc64el.deb ... 433s Unpacking gir1.2-glib-2.0:ppc64el (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 433s Preparing to unpack .../libglib2.0-0t64_2.80.3-1ubuntu1_ppc64el.deb ... 433s Unpacking libglib2.0-0t64:ppc64el (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 433s Preparing to unpack .../libglib2.0-data_2.80.3-1ubuntu1_all.deb ... 433s Unpacking libglib2.0-data (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 433s Preparing to unpack .../dracut-install_102-3ubuntu1_ppc64el.deb ... 433s Unpacking dracut-install (102-3ubuntu1) over (060+5-8ubuntu2) ... 433s Setting up systemd-dev (256-1ubuntu1) ... 433s Setting up libglib2.0-0t64:ppc64el (2.80.3-1ubuntu1) ... 433s No schema files found: doing nothing. 433s Setting up libglib2.0-data (2.80.3-1ubuntu1) ... 433s Setting up libsystemd-shared:ppc64el (256-1ubuntu1) ... 433s Setting up dhcpcd-base (1:10.0.8-2) ... 433s Setting up gir1.2-glib-2.0:ppc64el (2.80.3-1ubuntu1) ... 433s Setting up dracut-install (102-3ubuntu1) ... 433s Setting up systemd (256-1ubuntu1) ... 433s Installing new version of config file /etc/systemd/journald.conf ... 433s Installing new version of config file /etc/systemd/logind.conf ... 433s Installing new version of config file /etc/systemd/networkd.conf ... 433s Installing new version of config file /etc/systemd/sleep.conf ... 433s Installing new version of config file /etc/systemd/system.conf ... 433s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 433s Created symlink '/run/systemd/system/tmp.mount' → '/dev/null'. 438s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 438s Setting up systemd-timesyncd (256-1ubuntu1) ... 439s Setting up udev (256-1ubuntu1) ... 440s Setting up systemd-resolved (256-1ubuntu1) ... 440s Installing new version of config file /etc/systemd/resolved.conf ... 441s Setting up systemd-sysv (256-1ubuntu1) ... 441s Setting up libnss-systemd:ppc64el (256-1ubuntu1) ... 441s Setting up libpam-systemd:ppc64el (256-1ubuntu1) ... 441s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 441s Processing triggers for man-db (2.12.1-2) ... 442s Processing triggers for dbus (1.14.10-4ubuntu4) ... 442s Processing triggers for shared-mime-info (2.4-5) ... 442s Warning: program compiled against libxml 212 using older 209 442s Processing triggers for initramfs-tools (0.142ubuntu28) ... 443s update-initramfs: Generating /boot/initrd.img-6.8.0-31-generic 443s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 450s Reading package lists... 450s Building dependency tree... 450s Reading state information... 450s The following packages will be REMOVED: 450s systemd-dev* 450s 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. 450s After this operation, 760 kB disk space will be freed. 450s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72727 files and directories currently installed.) 450s Removing systemd-dev (256-1ubuntu1) ... 451s Hit:1 http://ftpmaster.internal/ubuntu oracular-proposed InRelease 451s Hit:2 http://ftpmaster.internal/ubuntu oracular InRelease 451s Hit:3 http://ftpmaster.internal/ubuntu oracular-updates InRelease 451s Hit:4 http://ftpmaster.internal/ubuntu oracular-security InRelease 452s Reading package lists... 452s Reading package lists... 452s Building dependency tree... 452s Reading state information... 453s Calculating upgrade... 453s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 453s Reading package lists... 453s Building dependency tree... 453s Reading state information... 453s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 454s autopkgtest [19:13:59]: rebooting testbed after setup commands that affected boot 487s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 499s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 510s Reading package lists... 510s Building dependency tree... 510s Reading state information... 510s Starting pkgProblemResolver with broken count: 0 510s Starting 2 pkgProblemResolver with broken count: 0 510s Done 510s The following additional packages will be installed: 510s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 510s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 510s libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 libipa-hbac0t64 510s libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 510s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 510s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 510s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 510s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 510s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 510s Suggested packages: 510s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 510s Recommended packages: 510s cracklib-runtime libsasl2-modules-gssapi-mit 510s | libsasl2-modules-gssapi-heimdal ldap-utils 510s The following NEW packages will be installed: 510s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 510s libavahi-common3 libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 510s libdhash1t64 libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 510s libipa-hbac0t64 libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 510s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 510s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 510s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 510s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 510s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 510s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 510s Need to get 11.4 MB/11.4 MB of archives. 510s After this operation, 57.0 MB of additional disk space will be used. 510s Get:1 /tmp/autopkgtest.px9P1l/3-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [748 B] 510s Get:2 http://ftpmaster.internal/ubuntu oracular/main ppc64el libevent-2.1-7t64 ppc64el 2.1.12-stable-10 [172 kB] 511s Get:3 http://ftpmaster.internal/ubuntu oracular/main ppc64el libunbound8 ppc64el 1.19.2-1ubuntu3 [537 kB] 511s Get:4 http://ftpmaster.internal/ubuntu oracular/main ppc64el libgnutls-dane0t64 ppc64el 3.8.5-4ubuntu1 [24.8 kB] 511s Get:5 http://ftpmaster.internal/ubuntu oracular/universe ppc64el gnutls-bin ppc64el 3.8.5-4ubuntu1 [291 kB] 511s Get:6 http://ftpmaster.internal/ubuntu oracular/main ppc64el libavahi-common-data ppc64el 0.8-13ubuntu6 [29.7 kB] 511s Get:7 http://ftpmaster.internal/ubuntu oracular/main ppc64el libavahi-common3 ppc64el 0.8-13ubuntu6 [26.3 kB] 511s Get:8 http://ftpmaster.internal/ubuntu oracular/main ppc64el libavahi-client3 ppc64el 0.8-13ubuntu6 [30.8 kB] 511s Get:9 http://ftpmaster.internal/ubuntu oracular/main ppc64el libbasicobjects0t64 ppc64el 0.6.2-2.1build1 [6138 B] 511s Get:10 http://ftpmaster.internal/ubuntu oracular/main ppc64el libcares2 ppc64el 1.27.0-1.0ubuntu1 [99.0 kB] 511s Get:11 http://ftpmaster.internal/ubuntu oracular/main ppc64el libcollection4t64 ppc64el 0.6.2-2.1build1 [36.4 kB] 511s Get:12 http://ftpmaster.internal/ubuntu oracular/main ppc64el libcrack2 ppc64el 2.9.6-5.1build2 [31.1 kB] 511s Get:13 http://ftpmaster.internal/ubuntu oracular/main ppc64el libdhash1t64 ppc64el 0.6.2-2.1build1 [10.4 kB] 511s Get:14 http://ftpmaster.internal/ubuntu oracular/main ppc64el libpath-utils1t64 ppc64el 0.6.2-2.1build1 [10.6 kB] 511s Get:15 http://ftpmaster.internal/ubuntu oracular/main ppc64el libref-array1t64 ppc64el 0.6.2-2.1build1 [8160 B] 511s Get:16 http://ftpmaster.internal/ubuntu oracular/main ppc64el libini-config5t64 ppc64el 0.6.2-2.1build1 [55.3 kB] 511s Get:17 http://ftpmaster.internal/ubuntu oracular/main ppc64el libipa-hbac0t64 ppc64el 2.9.4-1.1ubuntu6 [18.0 kB] 511s Get:18 http://ftpmaster.internal/ubuntu oracular/main ppc64el libtalloc2 ppc64el 2.4.2-1build2 [36.7 kB] 511s Get:19 http://ftpmaster.internal/ubuntu oracular/main ppc64el libtdb1 ppc64el 1.4.10-1build1 [62.8 kB] 511s Get:20 http://ftpmaster.internal/ubuntu oracular/main ppc64el libtevent0t64 ppc64el 0.16.1-2build1 [51.2 kB] 511s Get:21 http://ftpmaster.internal/ubuntu oracular/main ppc64el libldb2 ppc64el 2:2.8.0+samba4.19.5+dfsg-4ubuntu9 [220 kB] 511s Get:22 http://ftpmaster.internal/ubuntu oracular/main ppc64el libnfsidmap1 ppc64el 1:2.6.4-4ubuntu1 [54.3 kB] 511s Get:23 http://ftpmaster.internal/ubuntu oracular/main ppc64el libpwquality-common all 1.4.5-3build1 [7748 B] 511s Get:24 http://ftpmaster.internal/ubuntu oracular/main ppc64el libpwquality1 ppc64el 1.4.5-3build1 [17.0 kB] 511s Get:25 http://ftpmaster.internal/ubuntu oracular/main ppc64el libpam-pwquality ppc64el 1.4.5-3build1 [12.5 kB] 511s Get:26 http://ftpmaster.internal/ubuntu oracular/main ppc64el libwbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu9 [77.3 kB] 511s Get:27 http://ftpmaster.internal/ubuntu oracular/main ppc64el samba-libs ppc64el 2:4.19.5+dfsg-4ubuntu9 [6674 kB] 511s Get:28 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsmbclient0 ppc64el 2:4.19.5+dfsg-4ubuntu9 [70.3 kB] 511s Get:29 http://ftpmaster.internal/ubuntu oracular/universe ppc64el softhsm2-common ppc64el 2.6.1-2.2ubuntu3 [6198 B] 511s Get:30 http://ftpmaster.internal/ubuntu oracular/universe ppc64el libsofthsm2 ppc64el 2.6.1-2.2ubuntu3 [296 kB] 511s Get:31 http://ftpmaster.internal/ubuntu oracular/universe ppc64el softhsm2 ppc64el 2.6.1-2.2ubuntu3 [200 kB] 511s Get:32 http://ftpmaster.internal/ubuntu oracular/main ppc64el python3-sss ppc64el 2.9.4-1.1ubuntu6 [48.4 kB] 511s Get:33 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsss-idmap0 ppc64el 2.9.4-1.1ubuntu6 [25.1 kB] 511s Get:34 http://ftpmaster.internal/ubuntu oracular/main ppc64el libnss-sss ppc64el 2.9.4-1.1ubuntu6 [36.8 kB] 511s Get:35 http://ftpmaster.internal/ubuntu oracular/main ppc64el libpam-sss ppc64el 2.9.4-1.1ubuntu6 [56.8 kB] 511s Get:36 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsss-certmap0 ppc64el 2.9.4-1.1ubuntu6 [54.0 kB] 511s Get:37 http://ftpmaster.internal/ubuntu oracular/main ppc64el libsss-nss-idmap0 ppc64el 2.9.4-1.1ubuntu6 [37.8 kB] 511s Get:38 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-common ppc64el 2.9.4-1.1ubuntu6 [1280 kB] 511s Get:39 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-ad-common ppc64el 2.9.4-1.1ubuntu6 [88.6 kB] 511s Get:40 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-krb5-common ppc64el 2.9.4-1.1ubuntu6 [103 kB] 511s Get:41 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-ad ppc64el 2.9.4-1.1ubuntu6 [147 kB] 512s Get:42 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-ipa ppc64el 2.9.4-1.1ubuntu6 [240 kB] 512s Get:43 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-krb5 ppc64el 2.9.4-1.1ubuntu6 [14.4 kB] 512s Get:44 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-ldap ppc64el 2.9.4-1.1ubuntu6 [31.6 kB] 512s Get:45 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd-proxy ppc64el 2.9.4-1.1ubuntu6 [47.9 kB] 512s Get:46 http://ftpmaster.internal/ubuntu oracular/main ppc64el sssd ppc64el 2.9.4-1.1ubuntu6 [4120 B] 512s Fetched 11.4 MB in 1s (8810 kB/s) 512s Selecting previously unselected package libevent-2.1-7t64:ppc64el. 512s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 72680 files and directories currently installed.) 512s Preparing to unpack .../00-libevent-2.1-7t64_2.1.12-stable-10_ppc64el.deb ... 512s Unpacking libevent-2.1-7t64:ppc64el (2.1.12-stable-10) ... 512s Selecting previously unselected package libunbound8:ppc64el. 512s Preparing to unpack .../01-libunbound8_1.19.2-1ubuntu3_ppc64el.deb ... 512s Unpacking libunbound8:ppc64el (1.19.2-1ubuntu3) ... 512s Selecting previously unselected package libgnutls-dane0t64:ppc64el. 512s Preparing to unpack .../02-libgnutls-dane0t64_3.8.5-4ubuntu1_ppc64el.deb ... 512s Unpacking libgnutls-dane0t64:ppc64el (3.8.5-4ubuntu1) ... 512s Selecting previously unselected package gnutls-bin. 512s Preparing to unpack .../03-gnutls-bin_3.8.5-4ubuntu1_ppc64el.deb ... 512s Unpacking gnutls-bin (3.8.5-4ubuntu1) ... 512s Selecting previously unselected package libavahi-common-data:ppc64el. 512s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu6_ppc64el.deb ... 512s Unpacking libavahi-common-data:ppc64el (0.8-13ubuntu6) ... 512s Selecting previously unselected package libavahi-common3:ppc64el. 512s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu6_ppc64el.deb ... 512s Unpacking libavahi-common3:ppc64el (0.8-13ubuntu6) ... 512s Selecting previously unselected package libavahi-client3:ppc64el. 512s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu6_ppc64el.deb ... 512s Unpacking libavahi-client3:ppc64el (0.8-13ubuntu6) ... 512s Selecting previously unselected package libbasicobjects0t64:ppc64el. 512s Preparing to unpack .../07-libbasicobjects0t64_0.6.2-2.1build1_ppc64el.deb ... 512s Unpacking libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 512s Selecting previously unselected package libcares2:ppc64el. 512s Preparing to unpack .../08-libcares2_1.27.0-1.0ubuntu1_ppc64el.deb ... 512s Unpacking libcares2:ppc64el (1.27.0-1.0ubuntu1) ... 512s Selecting previously unselected package libcollection4t64:ppc64el. 512s Preparing to unpack .../09-libcollection4t64_0.6.2-2.1build1_ppc64el.deb ... 512s Unpacking libcollection4t64:ppc64el (0.6.2-2.1build1) ... 512s Selecting previously unselected package libcrack2:ppc64el. 512s Preparing to unpack .../10-libcrack2_2.9.6-5.1build2_ppc64el.deb ... 512s Unpacking libcrack2:ppc64el (2.9.6-5.1build2) ... 512s Selecting previously unselected package libdhash1t64:ppc64el. 512s Preparing to unpack .../11-libdhash1t64_0.6.2-2.1build1_ppc64el.deb ... 512s Unpacking libdhash1t64:ppc64el (0.6.2-2.1build1) ... 512s Selecting previously unselected package libpath-utils1t64:ppc64el. 512s Preparing to unpack .../12-libpath-utils1t64_0.6.2-2.1build1_ppc64el.deb ... 512s Unpacking libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 512s Selecting previously unselected package libref-array1t64:ppc64el. 512s Preparing to unpack .../13-libref-array1t64_0.6.2-2.1build1_ppc64el.deb ... 512s Unpacking libref-array1t64:ppc64el (0.6.2-2.1build1) ... 512s Selecting previously unselected package libini-config5t64:ppc64el. 512s Preparing to unpack .../14-libini-config5t64_0.6.2-2.1build1_ppc64el.deb ... 512s Unpacking libini-config5t64:ppc64el (0.6.2-2.1build1) ... 512s Selecting previously unselected package libipa-hbac0t64. 512s Preparing to unpack .../15-libipa-hbac0t64_2.9.4-1.1ubuntu6_ppc64el.deb ... 512s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 512s Selecting previously unselected package libtalloc2:ppc64el. 512s Preparing to unpack .../16-libtalloc2_2.4.2-1build2_ppc64el.deb ... 512s Unpacking libtalloc2:ppc64el (2.4.2-1build2) ... 512s Selecting previously unselected package libtdb1:ppc64el. 512s Preparing to unpack .../17-libtdb1_1.4.10-1build1_ppc64el.deb ... 512s Unpacking libtdb1:ppc64el (1.4.10-1build1) ... 512s Selecting previously unselected package libtevent0t64:ppc64el. 512s Preparing to unpack .../18-libtevent0t64_0.16.1-2build1_ppc64el.deb ... 512s Unpacking libtevent0t64:ppc64el (0.16.1-2build1) ... 512s Selecting previously unselected package libldb2:ppc64el. 512s Preparing to unpack .../19-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 512s Unpacking libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 512s Selecting previously unselected package libnfsidmap1:ppc64el. 512s Preparing to unpack .../20-libnfsidmap1_1%3a2.6.4-4ubuntu1_ppc64el.deb ... 512s Unpacking libnfsidmap1:ppc64el (1:2.6.4-4ubuntu1) ... 512s Selecting previously unselected package libpwquality-common. 512s Preparing to unpack .../21-libpwquality-common_1.4.5-3build1_all.deb ... 512s Unpacking libpwquality-common (1.4.5-3build1) ... 512s Selecting previously unselected package libpwquality1:ppc64el. 512s Preparing to unpack .../22-libpwquality1_1.4.5-3build1_ppc64el.deb ... 512s Unpacking libpwquality1:ppc64el (1.4.5-3build1) ... 512s Selecting previously unselected package libpam-pwquality:ppc64el. 512s Preparing to unpack .../23-libpam-pwquality_1.4.5-3build1_ppc64el.deb ... 512s Unpacking libpam-pwquality:ppc64el (1.4.5-3build1) ... 512s Selecting previously unselected package libwbclient0:ppc64el. 512s Preparing to unpack .../24-libwbclient0_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 512s Unpacking libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 512s Selecting previously unselected package samba-libs:ppc64el. 512s Preparing to unpack .../25-samba-libs_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 512s Unpacking samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 513s Selecting previously unselected package libsmbclient0:ppc64el. 513s Preparing to unpack .../26-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu9_ppc64el.deb ... 513s Unpacking libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 513s Selecting previously unselected package softhsm2-common. 513s Preparing to unpack .../27-softhsm2-common_2.6.1-2.2ubuntu3_ppc64el.deb ... 513s Unpacking softhsm2-common (2.6.1-2.2ubuntu3) ... 513s Selecting previously unselected package libsofthsm2. 513s Preparing to unpack .../28-libsofthsm2_2.6.1-2.2ubuntu3_ppc64el.deb ... 513s Unpacking libsofthsm2 (2.6.1-2.2ubuntu3) ... 513s Selecting previously unselected package softhsm2. 513s Preparing to unpack .../29-softhsm2_2.6.1-2.2ubuntu3_ppc64el.deb ... 513s Unpacking softhsm2 (2.6.1-2.2ubuntu3) ... 513s Selecting previously unselected package python3-sss. 513s Preparing to unpack .../30-python3-sss_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking python3-sss (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package libsss-idmap0. 513s Preparing to unpack .../31-libsss-idmap0_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package libnss-sss:ppc64el. 513s Preparing to unpack .../32-libnss-sss_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking libnss-sss:ppc64el (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package libpam-sss:ppc64el. 513s Preparing to unpack .../33-libpam-sss_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking libpam-sss:ppc64el (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package libsss-certmap0. 513s Preparing to unpack .../34-libsss-certmap0_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package libsss-nss-idmap0. 513s Preparing to unpack .../35-libsss-nss-idmap0_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package sssd-common. 513s Preparing to unpack .../36-sssd-common_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking sssd-common (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package sssd-ad-common. 513s Preparing to unpack .../37-sssd-ad-common_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking sssd-ad-common (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package sssd-krb5-common. 513s Preparing to unpack .../38-sssd-krb5-common_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package sssd-ad. 513s Preparing to unpack .../39-sssd-ad_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking sssd-ad (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package sssd-ipa. 513s Preparing to unpack .../40-sssd-ipa_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking sssd-ipa (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package sssd-krb5. 513s Preparing to unpack .../41-sssd-krb5_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking sssd-krb5 (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package sssd-ldap. 513s Preparing to unpack .../42-sssd-ldap_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking sssd-ldap (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package sssd-proxy. 513s Preparing to unpack .../43-sssd-proxy_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking sssd-proxy (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package sssd. 513s Preparing to unpack .../44-sssd_2.9.4-1.1ubuntu6_ppc64el.deb ... 513s Unpacking sssd (2.9.4-1.1ubuntu6) ... 513s Selecting previously unselected package autopkgtest-satdep. 513s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 513s Unpacking autopkgtest-satdep (0) ... 513s Setting up libpwquality-common (1.4.5-3build1) ... 513s Setting up softhsm2-common (2.6.1-2.2ubuntu3) ... 513s 513s Creating config file /etc/softhsm/softhsm2.conf with new version 513s Setting up libnfsidmap1:ppc64el (1:2.6.4-4ubuntu1) ... 513s Setting up libsss-idmap0 (2.9.4-1.1ubuntu6) ... 513s Setting up libbasicobjects0t64:ppc64el (0.6.2-2.1build1) ... 513s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 513s Setting up libref-array1t64:ppc64el (0.6.2-2.1build1) ... 513s Setting up libtdb1:ppc64el (1.4.10-1build1) ... 513s Setting up libcollection4t64:ppc64el (0.6.2-2.1build1) ... 513s Setting up libevent-2.1-7t64:ppc64el (2.1.12-stable-10) ... 513s Setting up libwbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 513s Setting up libtalloc2:ppc64el (2.4.2-1build2) ... 513s Setting up libpath-utils1t64:ppc64el (0.6.2-2.1build1) ... 513s Setting up libunbound8:ppc64el (1.19.2-1ubuntu3) ... 513s Setting up libgnutls-dane0t64:ppc64el (3.8.5-4ubuntu1) ... 513s Setting up libavahi-common-data:ppc64el (0.8-13ubuntu6) ... 513s Setting up libcares2:ppc64el (1.27.0-1.0ubuntu1) ... 513s Setting up libdhash1t64:ppc64el (0.6.2-2.1build1) ... 513s Setting up libcrack2:ppc64el (2.9.6-5.1build2) ... 513s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 513s Setting up libini-config5t64:ppc64el (0.6.2-2.1build1) ... 513s Setting up libtevent0t64:ppc64el (0.16.1-2build1) ... 513s Setting up libnss-sss:ppc64el (2.9.4-1.1ubuntu6) ... 513s Setting up gnutls-bin (3.8.5-4ubuntu1) ... 513s Setting up libsofthsm2 (2.6.1-2.2ubuntu3) ... 513s Setting up softhsm2 (2.6.1-2.2ubuntu3) ... 513s Setting up libavahi-common3:ppc64el (0.8-13ubuntu6) ... 513s Setting up libsss-certmap0 (2.9.4-1.1ubuntu6) ... 513s Setting up libpwquality1:ppc64el (1.4.5-3build1) ... 513s Setting up libldb2:ppc64el (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 513s Setting up libavahi-client3:ppc64el (0.8-13ubuntu6) ... 513s Setting up libpam-pwquality:ppc64el (1.4.5-3build1) ... 514s Setting up samba-libs:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 514s Setting up python3-sss (2.9.4-1.1ubuntu6) ... 514s Setting up libsmbclient0:ppc64el (2:4.19.5+dfsg-4ubuntu9) ... 514s Setting up libpam-sss:ppc64el (2.9.4-1.1ubuntu6) ... 514s Setting up sssd-common (2.9.4-1.1ubuntu6) ... 514s Creating SSSD system user & group... 514s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 514s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 514s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 514s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 515s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-autofs.socket' → '/usr/lib/systemd/system/sssd-autofs.socket'. 515s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-nss.socket' → '/usr/lib/systemd/system/sssd-nss.socket'. 515s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket' → '/usr/lib/systemd/system/sssd-pam-priv.socket'. 515s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam.socket' → '/usr/lib/systemd/system/sssd-pam.socket'. 516s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-ssh.socket' → '/usr/lib/systemd/system/sssd-ssh.socket'. 516s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-sudo.socket' → '/usr/lib/systemd/system/sssd-sudo.socket'. 516s Created symlink '/etc/systemd/system/multi-user.target.wants/sssd.service' → '/usr/lib/systemd/system/sssd.service'. 517s sssd-autofs.service is a disabled or a static unit, not starting it. 517s sssd-nss.service is a disabled or a static unit, not starting it. 517s sssd-pam.service is a disabled or a static unit, not starting it. 517s sssd-ssh.service is a disabled or a static unit, not starting it. 517s sssd-sudo.service is a disabled or a static unit, not starting it. 517s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 517s Setting up sssd-proxy (2.9.4-1.1ubuntu6) ... 517s Setting up sssd-ad-common (2.9.4-1.1ubuntu6) ... 517s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pac.socket' → '/usr/lib/systemd/system/sssd-pac.socket'. 517s sssd-pac.service is a disabled or a static unit, not starting it. 518s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 518s Setting up sssd-krb5-common (2.9.4-1.1ubuntu6) ... 518s Setting up sssd-krb5 (2.9.4-1.1ubuntu6) ... 518s Setting up sssd-ldap (2.9.4-1.1ubuntu6) ... 518s Setting up sssd-ad (2.9.4-1.1ubuntu6) ... 518s Setting up sssd-ipa (2.9.4-1.1ubuntu6) ... 518s Setting up sssd (2.9.4-1.1ubuntu6) ... 518s Setting up autopkgtest-satdep (0) ... 518s Processing triggers for man-db (2.12.1-2) ... 519s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 521s (Reading database ... 73276 files and directories currently installed.) 521s Removing autopkgtest-satdep (0) ... 527s autopkgtest [19:15:12]: test sssd-softhism2-certificates-tests.sh: [----------------------- 527s + '[' -z ubuntu ']' 527s + required_tools=(p11tool openssl softhsm2-util) 527s + for cmd in "${required_tools[@]}" 527s + command -v p11tool 527s + for cmd in "${required_tools[@]}" 527s + command -v openssl 527s + for cmd in "${required_tools[@]}" 527s + command -v softhsm2-util 527s + PIN=053350 527s +++ find /usr/lib/softhsm/libsofthsm2.so 527s +++ head -n 1 527s ++ realpath /usr/lib/softhsm/libsofthsm2.so 527s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 527s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 527s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 527s + '[' '!' -v NO_SSSD_TESTS ']' 527s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 527s + ca_db_arg=ca_db 527s ++ /usr/libexec/sssd/p11_child --help 527s + p11_child_help='Usage: p11_child [OPTION...] 527s -d, --debug-level=INT Debug level 527s --debug-timestamps=INT Add debug timestamps 527s --debug-microseconds=INT Show timestamps with microseconds 527s --dumpable=INT Allow core dumps 527s --debug-fd=INT An open file descriptor for the debug 527s logs 527s --logger=stderr|files|journald Set logger 527s --auth Run in auth mode 527s --pre Run in pre-auth mode 527s --wait_for_card Wait until card is available 527s --verification Run in verification mode 527s --pin Expect PIN on stdin 527s --keypad Expect PIN on keypad 527s --verify=STRING Tune validation 527s --ca_db=STRING CA DB to use 527s --module_name=STRING Module name for authentication 527s --token_name=STRING Token name for authentication 527s --key_id=STRING Key ID for authentication 527s --label=STRING Label for authentication 527s --certificate=STRING certificate to verify, base64 encoded 527s --uri=STRING PKCS#11 URI to restrict selection 527s --chain-id=LONG Tevent chain ID used for logging 527s purposes 527s 527s Help options: 527s -?, --help Show this help message 527s --usage Display brief usage message' 527s + echo 'Usage: p11_child [OPTION...] 527s -d, --debug-level=INT Debug level 527s --debug-timestamps=INT Add debug timestamps 527s --debug-microseconds=INT Show timestamps with microseconds 527s --dumpable=INT Allow core dumps 527s --debug-fd=INT An open file descriptor for the debug 527s logs 527s --logger=stderr|files|journald Set logger 527s --auth Run in auth mode 527s --pre Run in pre-auth mode 527s --wait_for_card Wait until card is available 527s --verification Run in verification mode 527s --pin Expect PIN on stdin 527s --keypad Expect PIN on keypad 527s --verify=STRING Tune validation 527s --ca_db=STRING CA DB to use 527s --module_name=STRING Module name for authentication 527s --token_name=STRING Token name for authentication 527s --key_id=STRING Key ID for authentication 527s --label=STRING Label for authentication 527s --certificate=STRING certificate to verify, base64 encoded 527s --uri=STRING PKCS#11 URI to restrict selection 527s --chain-id=LONG Tevent chain ID used for logging 527s purposes 527s 527s Help options: 527s -?, --help Show this help message 527s --usage Display brief usage message' 527s + grep nssdb -qs 527s + echo 'Usage: p11_child [OPTION...] 527s -d, --debug-level=INT Debug level 527s + grep -qs -- --ca_db 527s --debug-timestamps=INT Add debug timestamps 527s --debug-microseconds=INT Show timestamps with microseconds 527s --dumpable=INT Allow core dumps 527s --debug-fd=INT An open file descriptor for the debug 527s logs 527s --logger=stderr|files|journald Set logger 527s --auth Run in auth mode 527s --pre Run in pre-auth mode 527s --wait_for_card Wait until card is available 527s --verification Run in verification mode 527s --pin Expect PIN on stdin 527s --keypad Expect PIN on keypad 527s --verify=STRING Tune validation 527s --ca_db=STRING CA DB to use 527s --module_name=STRING Module name for authentication 527s --token_name=STRING Token name for authentication 527s --key_id=STRING Key ID for authentication 527s --label=STRING Label for authentication 527s --certificate=STRING certificate to verify, base64 encoded 527s --uri=STRING PKCS#11 URI to restrict selection 527s --chain-id=LONG Tevent chain ID used for logging 527s purposes 527s 527s Help options: 527s -?, --help Show this help message 527s --usage Display brief usage message' 527s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 527s ++ mktemp -d -t sssd-softhsm2-XXXXXX 527s + tmpdir=/tmp/sssd-softhsm2-YOPqCY 527s + keys_size=1024 527s + [[ ! -v KEEP_TEMPORARY_FILES ]] 527s + trap 'rm -rf "$tmpdir"' EXIT 527s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 527s + echo -n 01 528s + touch /tmp/sssd-softhsm2-YOPqCY/index.txt 528s + mkdir -p /tmp/sssd-softhsm2-YOPqCY/new_certs 528s + cat 528s + root_ca_key_pass=pass:random-root-CA-password-12014 528s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-YOPqCY/test-root-CA-key.pem -passout pass:random-root-CA-password-12014 1024 528s + openssl req -passin pass:random-root-CA-password-12014 -batch -config /tmp/sssd-softhsm2-YOPqCY/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-YOPqCY/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 528s + openssl x509 -noout -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 528s + cat 528s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-12592 528s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-12592 1024 528s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-12592 -config /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.config -key /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-12014 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-certificate-request.pem 528s + openssl req -text -noout -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-certificate-request.pem 528s Certificate Request: 528s Data: 528s Version: 1 (0x0) 528s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 528s Subject Public Key Info: 528s Public Key Algorithm: rsaEncryption 528s Public-Key: (1024 bit) 528s Modulus: 528s 00:c1:26:c0:00:4a:c7:51:96:fd:64:18:d6:12:f4: 528s fe:64:ef:99:33:d0:6c:77:7a:44:3e:36:56:92:ce: 528s c7:24:6e:85:1a:38:4c:b9:9b:62:b6:e6:2f:82:9d: 528s 4d:d1:1b:13:0d:24:77:87:a8:00:48:b4:6b:cb:fb: 528s 95:cc:90:eb:e2:3d:67:6f:a5:92:a2:12:80:0b:1a: 528s 49:ac:bc:b0:69:a4:87:51:29:66:86:c5:b6:72:47: 528s cb:c0:bb:8b:d9:e3:af:a1:41:01:89:7d:02:6b:04: 528s 36:9d:d6:05:05:7e:8c:b3:26:b6:36:86:93:a8:e4: 528s 36:cd:5f:57:c6:d0:e9:35:93 528s Exponent: 65537 (0x10001) 528s Attributes: 528s (none) 528s Requested Extensions: 528s Signature Algorithm: sha256WithRSAEncryption 528s Signature Value: 528s 24:27:c6:e0:79:bb:a6:e2:1d:e5:47:32:84:3d:64:58:a2:7a: 528s 80:13:8b:d2:ae:3f:59:e7:4e:4e:81:5c:e9:67:8a:8c:18:c7: 528s 0e:0a:65:87:1e:de:5b:0d:c9:e2:1e:2d:38:f6:8d:da:14:9e: 528s bf:95:6b:39:6d:74:f0:72:75:96:f8:b4:98:6f:da:fb:8d:79: 528s c1:11:9a:e1:30:6d:bc:d1:64:1f:0c:db:88:d2:9b:66:b0:c4: 528s a1:02:e8:bf:c4:78:cb:f4:a3:16:b0:a3:e0:34:a5:f7:f9:21: 528s 5d:0a:eb:49:23:c4:49:33:1f:79:9a:fd:df:4b:32:bf:be:b1: 528s 6c:4c 528s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-YOPqCY/test-root-CA.config -passin pass:random-root-CA-password-12014 -keyfile /tmp/sssd-softhsm2-YOPqCY/test-root-CA-key.pem -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 528s Using configuration from /tmp/sssd-softhsm2-YOPqCY/test-root-CA.config 528s Check that the request matches the signature 528s Signature ok 528s Certificate Details: 528s Serial Number: 1 (0x1) 528s Validity 528s Not Before: Jun 13 19:15:13 2024 GMT 528s Not After : Jun 13 19:15:13 2025 GMT 528s Subject: 528s organizationName = Test Organization 528s organizationalUnitName = Test Organization Unit 528s commonName = Test Organization Intermediate CA 528s X509v3 extensions: 528s X509v3 Subject Key Identifier: 528s C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 528s X509v3 Authority Key Identifier: 528s keyid:ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 528s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 528s serial:00 528s X509v3 Basic Constraints: 528s CA:TRUE 528s X509v3 Key Usage: critical 528s Digital Signature, Certificate Sign, CRL Sign 528s Certificate is to be certified until Jun 13 19:15:13 2025 GMT (365 days) 528s 528s Write out database with 1 new entries 528s Database updated 528s + openssl x509 -noout -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 528s /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem: OK 528s + cat 528s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-22978 528s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-22978 1024 528s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-22978 -config /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-12592 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-certificate-request.pem 528s + openssl req -text -noout -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-certificate-request.pem 528s Certificate Request: 528s Data: 528s Version: 1 (0x0) 528s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 528s Subject Public Key Info: 528s Public Key Algorithm: rsaEncryption 528s Public-Key: (1024 bit) 528s Modulus: 528s 00:f8:86:8d:1a:e1:22:3f:ac:19:de:1e:cf:24:92: 528s e1:51:23:dc:06:75:90:9d:2a:6e:3c:2a:de:6f:b9: 528s 3b:6f:d4:be:da:23:b1:f0:71:4a:97:de:ec:06:5a: 528s 97:0c:48:d5:6f:0c:10:15:f3:25:c9:98:08:cc:bb: 528s 8e:ed:57:cd:e0:cf:9c:ab:a9:b3:d7:11:f8:51:66: 528s 68:b3:75:c7:fb:dc:81:7b:09:5b:87:9b:0a:00:d8: 528s 37:71:09:54:b1:c4:73:ec:f9:85:1b:db:86:ce:32: 528s 93:4c:d7:a3:60:91:dc:7d:8c:e3:16:3a:6b:03:2e: 528s e2:22:f5:72:76:c1:d2:86:cf 528s Exponent: 65537 (0x10001) 528s Attributes: 528s (none) 528s Requested Extensions: 528s Signature Algorithm: sha256WithRSAEncryption 528s Signature Value: 528s 44:39:5c:ad:d7:9b:48:9c:24:2a:29:40:df:7b:c4:36:22:23: 528s 1c:20:04:71:7d:e7:87:e5:5a:24:bb:da:99:5d:e4:19:2e:a0: 528s 07:5c:0f:29:4a:54:6f:02:60:0f:46:5c:56:02:55:b2:25:52: 528s f9:2b:39:87:54:c4:b5:3e:53:aa:10:93:97:e8:6a:42:13:6f: 528s 57:4f:cf:8d:b6:fc:0c:9c:53:9c:e8:2e:b9:10:a5:74:03:10: 528s 75:69:73:a4:e5:d8:21:97:d5:65:79:ba:88:a5:b4:13:31:c2: 528s a8:4b:47:14:15:cb:5b:a4:d7:e6:8e:1c:e3:bd:7d:c2:50:50: 528s fe:64 528s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-12592 -keyfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 528s Using configuration from /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.config 528s Check that the request matches the signature 528s Signature ok 528s Certificate Details: 528s Serial Number: 2 (0x2) 528s Validity 528s Not Before: Jun 13 19:15:13 2024 GMT 528s Not After : Jun 13 19:15:13 2025 GMT 528s Subject: 528s organizationName = Test Organization 528s organizationalUnitName = Test Organization Unit 528s commonName = Test Organization Sub Intermediate CA 528s X509v3 extensions: 528s X509v3 Subject Key Identifier: 528s FD:69:91:67:A7:48:E2:06:B7:17:53:47:2D:21:51:DC:69:33:3B:00 528s X509v3 Authority Key Identifier: 528s keyid:C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 528s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 528s serial:01 528s X509v3 Basic Constraints: 528s CA:TRUE 528s X509v3 Key Usage: critical 528s Digital Signature, Certificate Sign, CRL Sign 528s Certificate is to be certified until Jun 13 19:15:13 2025 GMT (365 days) 528s 528s Write out database with 1 new entries 528s Database updated 528s + openssl x509 -noout -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 528s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 528s /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem: OK 528s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 528s + local cmd=openssl 528s + shift 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 528s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 528s error 20 at 0 depth lookup: unable to get local issuer certificate 528s error /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem: verification failed 528s + cat 528s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-6826 528s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-6826 1024 528s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-6826 -key /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-request.pem 528s + openssl req -text -noout -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-request.pem 528s Certificate Request: 528s Data: 528s Version: 1 (0x0) 528s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 528s Subject Public Key Info: 528s Public Key Algorithm: rsaEncryption 528s Public-Key: (1024 bit) 528s Modulus: 528s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 528s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 528s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 528s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 528s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 528s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 528s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 528s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 528s 9e:14:69:d7:48:f7:71:f3:97 528s Exponent: 65537 (0x10001) 528s Attributes: 528s Requested Extensions: 528s X509v3 Basic Constraints: 528s CA:FALSE 528s Netscape Cert Type: 528s SSL Client, S/MIME 528s Netscape Comment: 528s Test Organization Root CA trusted Certificate 528s X509v3 Subject Key Identifier: 528s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 528s X509v3 Key Usage: critical 528s Digital Signature, Non Repudiation, Key Encipherment 528s X509v3 Extended Key Usage: 528s TLS Web Client Authentication, E-mail Protection 528s X509v3 Subject Alternative Name: 528s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 528s Signature Algorithm: sha256WithRSAEncryption 528s Signature Value: 528s 00:e2:4d:90:fa:63:51:87:a1:c2:f1:10:ac:14:da:55:cc:51: 528s d7:33:9b:dc:e0:51:b4:57:1a:e9:df:35:81:6b:a6:4b:3e:89: 528s c0:b1:d1:45:d9:7f:13:b1:23:8f:ea:96:36:7e:38:80:22:0f: 528s 86:67:05:50:a1:d5:2b:c2:95:78:a3:5e:77:fa:97:23:09:34: 528s 5b:e5:31:ca:fc:bf:31:f6:e5:73:06:40:ea:4c:9a:16:7d:9d: 528s d1:cb:45:8f:08:c6:a1:1c:f9:b0:cf:2e:b5:30:a0:6c:e3:55: 528s a9:9d:e1:99:66:14:90:2f:bd:01:a4:7b:43:87:bb:11:ae:ce: 528s e1:b2 528s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-YOPqCY/test-root-CA.config -passin pass:random-root-CA-password-12014 -keyfile /tmp/sssd-softhsm2-YOPqCY/test-root-CA-key.pem -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s Using configuration from /tmp/sssd-softhsm2-YOPqCY/test-root-CA.config 528s Check that the request matches the signature 528s Signature ok 528s Certificate Details: 528s Serial Number: 3 (0x3) 528s Validity 528s Not Before: Jun 13 19:15:13 2024 GMT 528s Not After : Jun 13 19:15:13 2025 GMT 528s Subject: 528s organizationName = Test Organization 528s organizationalUnitName = Test Organization Unit 528s commonName = Test Organization Root Trusted Certificate 0001 528s X509v3 extensions: 528s X509v3 Authority Key Identifier: 528s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 528s X509v3 Basic Constraints: 528s CA:FALSE 528s Netscape Cert Type: 528s SSL Client, S/MIME 528s Netscape Comment: 528s Test Organization Root CA trusted Certificate 528s X509v3 Subject Key Identifier: 528s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 528s X509v3 Key Usage: critical 528s Digital Signature, Non Repudiation, Key Encipherment 528s X509v3 Extended Key Usage: 528s TLS Web Client Authentication, E-mail Protection 528s X509v3 Subject Alternative Name: 528s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 528s Certificate is to be certified until Jun 13 19:15:13 2025 GMT (365 days) 528s 528s Write out database with 1 new entries 528s Database updated 528s + openssl x509 -noout -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem: OK 528s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s + local cmd=openssl 528s + shift 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 528s error 20 at 0 depth lookup: unable to get local issuer certificate 528s error /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem: verification failed 528s + cat 528s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 528s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-17272 1024 528s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-17272 -key /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-request.pem 528s + openssl req -text -noout -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-request.pem 528s Certificate Request: 528s Data: 528s Version: 1 (0x0) 528s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 528s Subject Public Key Info: 528s Public Key Algorithm: rsaEncryption 528s Public-Key: (1024 bit) 528s Modulus: 528s 00:da:91:b2:69:2c:07:41:fe:ef:cd:17:69:96:f3: 528s 7d:b6:d9:5c:8a:55:08:b4:5f:ae:eb:73:b1:9b:88: 528s fa:59:16:da:2b:2d:d9:16:fe:87:4d:d2:6d:3c:9c: 528s 8e:af:ca:36:07:48:b1:98:63:28:f0:17:b4:c4:ae: 528s c2:1e:48:3d:de:ff:63:8f:08:1b:93:b1:a7:b0:27: 528s e4:81:9a:70:91:dd:ac:41:c7:92:f4:b4:8f:ec:ee: 528s 23:75:2f:aa:3d:76:bc:64:67:a6:a7:1c:a0:f4:e6: 528s ab:93:60:cd:93:2d:ef:d7:90:1f:35:3b:87:49:d0: 528s f7:56:63:06:7f:92:2a:88:5d 528s Exponent: 65537 (0x10001) 528s Attributes: 528s Requested Extensions: 528s X509v3 Basic Constraints: 528s CA:FALSE 528s Netscape Cert Type: 528s SSL Client, S/MIME 528s Netscape Comment: 528s Test Organization Intermediate CA trusted Certificate 528s X509v3 Subject Key Identifier: 528s 91:13:E6:9C:47:A0:C2:9D:8A:BE:B5:12:88:41:40:C5:9A:82:F8:2C 528s X509v3 Key Usage: critical 528s Digital Signature, Non Repudiation, Key Encipherment 528s X509v3 Extended Key Usage: 528s TLS Web Client Authentication, E-mail Protection 528s X509v3 Subject Alternative Name: 528s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 528s Signature Algorithm: sha256WithRSAEncryption 528s Signature Value: 528s 92:60:58:f8:f7:c4:e1:89:9f:2a:77:34:00:41:0a:26:fd:ce: 528s 97:b9:14:17:ce:34:0b:d0:33:a6:6c:7a:81:e2:ce:b9:6d:47: 528s 6a:8b:90:33:7a:51:3c:f6:82:4d:95:78:f9:92:58:40:68:c0: 528s 9f:ea:70:e5:9c:a6:5b:50:9b:02:06:a9:5a:63:60:73:68:37: 528s 95:1d:f2:a9:29:9a:11:bf:90:12:59:75:2b:77:5a:cb:89:eb: 528s ef:ea:31:ea:2e:40:ed:5b:6d:d1:5e:c1:39:84:ef:b3:5f:c5: 528s 0f:e1:98:4d:59:39:be:2e:a0:70:dc:e3:c8:e7:c8:77:c3:e2: 528s d3:9c 528s + openssl ca -passin pass:random-intermediate-CA-password-12592 -config /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 528s Using configuration from /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.config 528s Check that the request matches the signature 528s Signature ok 528s Certificate Details: 528s Serial Number: 4 (0x4) 528s Validity 528s Not Before: Jun 13 19:15:13 2024 GMT 528s Not After : Jun 13 19:15:13 2025 GMT 528s Subject: 528s organizationName = Test Organization 528s organizationalUnitName = Test Organization Unit 528s commonName = Test Organization Intermediate Trusted Certificate 0001 528s X509v3 extensions: 528s X509v3 Authority Key Identifier: 528s C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 528s X509v3 Basic Constraints: 528s CA:FALSE 528s Netscape Cert Type: 528s SSL Client, S/MIME 528s Netscape Comment: 528s Test Organization Intermediate CA trusted Certificate 528s X509v3 Subject Key Identifier: 528s 91:13:E6:9C:47:A0:C2:9D:8A:BE:B5:12:88:41:40:C5:9A:82:F8:2C 528s X509v3 Key Usage: critical 528s Digital Signature, Non Repudiation, Key Encipherment 528s X509v3 Extended Key Usage: 528s TLS Web Client Authentication, E-mail Protection 528s X509v3 Subject Alternative Name: 528s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 528s Certificate is to be certified until Jun 13 19:15:13 2025 GMT (365 days) 528s 528s Write out database with 1 new entries 528s Database updated 528s + openssl x509 -noout -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 528s This certificate should not be trusted fully 528s + echo 'This certificate should not be trusted fully' 528s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 528s + local cmd=openssl 528s + shift 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 528s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 528s error 2 at 1 depth lookup: unable to get issuer certificate 528s error /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 528s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 528s /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem: OK 528s + cat 528s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 528s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-123 1024 528s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-123 -key /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 528s + openssl req -text -noout -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 528s Certificate Request: 528s Data: 528s Version: 1 (0x0) 528s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 528s Subject Public Key Info: 528s Public Key Algorithm: rsaEncryption 528s Public-Key: (1024 bit) 528s Modulus: 528s 00:c4:59:76:10:f0:4a:e5:bd:12:0b:89:2f:31:97: 528s df:2d:88:b0:66:9d:06:9f:65:c5:2f:17:ae:ed:fa: 528s f8:a1:cf:6b:70:11:ae:f8:da:69:0f:6b:02:8e:6a: 528s 60:47:eb:3b:ef:bf:b1:c6:ff:ba:84:d8:57:b7:c0: 528s 6e:95:0c:16:68:7d:df:9f:48:ae:d2:a9:5d:4c:43: 528s 42:42:e4:e4:8f:ff:f7:8f:07:86:e6:c9:e9:43:f7: 528s 70:79:77:1a:2d:a1:35:97:07:06:47:6d:f0:fd:11: 528s d6:51:e6:02:0a:1b:7a:b6:ba:5f:38:9e:27:d1:f3: 528s d1:d7:28:cb:28:60:64:70:6f 528s Exponent: 65537 (0x10001) 528s Attributes: 528s Requested Extensions: 528s X509v3 Basic Constraints: 528s CA:FALSE 528s Netscape Cert Type: 528s SSL Client, S/MIME 528s Netscape Comment: 528s Test Organization Sub Intermediate CA trusted Certificate 528s X509v3 Subject Key Identifier: 528s 19:15:CF:25:AE:21:FC:19:0C:0A:9D:1E:E7:88:97:9D:0B:9A:C1:0B 528s X509v3 Key Usage: critical 528s Digital Signature, Non Repudiation, Key Encipherment 528s X509v3 Extended Key Usage: 528s TLS Web Client Authentication, E-mail Protection 528s X509v3 Subject Alternative Name: 528s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 528s Signature Algorithm: sha256WithRSAEncryption 528s Signature Value: 528s b8:75:f5:b3:1b:5b:fb:d3:c0:94:f6:d5:c0:13:78:00:cd:dd: 528s 4a:55:75:b3:d5:4a:8e:7a:c2:4a:fe:a9:bf:ed:24:9e:b3:3c: 528s c6:f5:5a:2d:3d:7a:b1:b5:67:1c:e8:3d:11:0e:b2:d4:e1:fc: 528s b5:c7:a2:01:a0:f2:0a:1f:04:4f:5f:47:18:9e:41:a6:a9:bd: 528s 2e:07:cc:cd:e9:64:08:5d:b6:2c:9c:7e:ea:f0:99:56:f6:e4: 528s 94:6e:e7:bd:23:82:ae:84:08:6d:30:b4:59:6e:24:a0:98:a2: 528s b5:2d:73:58:b4:4d:17:b9:e9:b5:cb:bb:81:83:68:2d:58:7f: 528s 8d:c2 528s + openssl ca -passin pass:random-sub-intermediate-CA-password-22978 -config /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 528s Using configuration from /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.config 528s Check that the request matches the signature 528s Signature ok 528s Certificate Details: 528s Serial Number: 5 (0x5) 528s Validity 528s Not Before: Jun 13 19:15:13 2024 GMT 528s Not After : Jun 13 19:15:13 2025 GMT 528s Subject: 528s organizationName = Test Organization 528s organizationalUnitName = Test Organization Unit 528s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 528s X509v3 extensions: 528s X509v3 Authority Key Identifier: 528s FD:69:91:67:A7:48:E2:06:B7:17:53:47:2D:21:51:DC:69:33:3B:00 528s X509v3 Basic Constraints: 528s CA:FALSE 528s Netscape Cert Type: 528s SSL Client, S/MIME 528s Netscape Comment: 528s Test Organization Sub Intermediate CA trusted Certificate 528s X509v3 Subject Key Identifier: 528s 19:15:CF:25:AE:21:FC:19:0C:0A:9D:1E:E7:88:97:9D:0B:9A:C1:0B 528s X509v3 Key Usage: critical 528s Digital Signature, Non Repudiation, Key Encipherment 528s X509v3 Extended Key Usage: 528s TLS Web Client Authentication, E-mail Protection 528s X509v3 Subject Alternative Name: 528s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 528s Certificate is to be certified until Jun 13 19:15:13 2025 GMT (365 days) 528s 528s Write out database with 1 new entries 528s Database updated 528s + openssl x509 -noout -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 528s + echo 'This certificate should not be trusted fully' 528s This certificate should not be trusted fully 528s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 528s + local cmd=openssl 528s + shift 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 528s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 528s error 2 at 1 depth lookup: unable to get issuer certificate 528s error /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 528s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 528s + local cmd=openssl 528s + shift 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 528s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 528s error 20 at 0 depth lookup: unable to get local issuer certificate 528s error /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 528s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 528s /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 528s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 528s + local cmd=openssl 528s + shift 528s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 528s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 528s error 20 at 0 depth lookup: unable to get local issuer certificate 528s error /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 528s Building a the full-chain CA file... 528s + echo 'Building a the full-chain CA file...' 528s + cat /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 528s + cat /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 528s + cat /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 528s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 528s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 528s 528s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 528s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 528s 528s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 528s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 528s 528s /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem: OK 528s /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem: OK 528s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 528s + openssl pkcs7 -print_certs -noout 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-root-intermediate-chain-CA.pem 528s + openssl verify -CAfile /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 528s + echo 'Certificates generation completed!' 528s + [[ -v NO_SSSD_TESTS ]] 528s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /dev/null 528s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /dev/null 528s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 528s + local key_ring=/dev/null 528s + local verify_option= 528s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 528s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 528s + local key_cn 528s + local key_name 528s + local tokens_dir 528s + local output_cert_file 528s + token_name= 528s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem .pem 528s /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem: OK 528s /tmp/sssd-softhsm2-YOPqCY/test-root-intermediate-chain-CA.pem: OK 528s /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 528s Certificates generation completed! 528s + key_name=test-root-CA-trusted-certificate-0001 528s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s ++ sed -n 's/ *commonName *= //p' 528s + key_cn='Test Organization Root Trusted Certificate 0001' 528s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 528s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 528s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 528s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 528s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 528s + token_name='Test Organization Root Tr Token' 528s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 528s + local key_file 528s + local decrypted_key 528s + mkdir -p /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 528s + key_file=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-key.pem 528s + decrypted_key=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-key-decrypted.pem 528s + cat 528s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 528s Slot 0 has a free/uninitialized token. 528s The token has been initialized and is reassigned to slot 2123647526 528s + softhsm2-util --show-slots 528s Available slots: 528s Slot 2123647526 528s Slot info: 528s Description: SoftHSM slot ID 0x7e944a26 528s Manufacturer ID: SoftHSM project 528s Hardware version: 2.6 528s Firmware version: 2.6 528s Token present: yes 528s Token info: 528s Manufacturer ID: SoftHSM project 528s Model: SoftHSM v2 528s Hardware version: 2.6 528s Firmware version: 2.6 528s Serial number: f8160eba7e944a26 528s Initialized: yes 528s User PIN init.: yes 528s Label: Test Organization Root Tr Token 528s Slot 1 528s Slot info: 528s Description: SoftHSM slot ID 0x1 528s Manufacturer ID: SoftHSM project 528s Hardware version: 2.6 528s Firmware version: 2.6 528s Token present: yes 528s Token info: 528s Manufacturer ID: SoftHSM project 528s Model: SoftHSM v2 528s Hardware version: 2.6 528s Firmware version: 2.6 528s Serial number: 528s Initialized: no 528s User PIN init.: no 528s Label: 528s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 528s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-6826 -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-key-decrypted.pem 528s writing RSA key 528s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 528s + rm /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001-key-decrypted.pem 528s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 528s Object 0: 528s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 528s Type: X.509 Certificate (RSA-1024) 528s Expires: Fri Jun 13 19:15:13 2025 528s Label: Test Organization Root Trusted Certificate 0001 528s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 528s 528s Test Organization Root Tr Token 528s + echo 'Test Organization Root Tr Token' 528s + '[' -n '' ']' 528s + local output_base_name=SSSD-child-11368 528s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-11368.output 528s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-11368.pem 528s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 528s [p11_child[2301]] [main] (0x0400): p11_child started. 528s [p11_child[2301]] [main] (0x2000): Running in [pre-auth] mode. 528s [p11_child[2301]] [main] (0x2000): Running with effective IDs: [0][0]. 528s [p11_child[2301]] [main] (0x2000): Running with real IDs [0][0]. 528s [p11_child[2301]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 528s [p11_child[2301]] [do_work] (0x0040): init_verification failed. 528s [p11_child[2301]] [main] (0x0020): p11_child failed (5) 528s + return 2 528s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /dev/null no_verification 528s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /dev/null no_verification 528s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 528s + local key_ring=/dev/null 528s + local verify_option=no_verification 528s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 528s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 528s + local key_cn 528s + local key_name 528s + local tokens_dir 528s + local output_cert_file 528s + token_name= 528s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem .pem 528s + key_name=test-root-CA-trusted-certificate-0001 528s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 528s ++ sed -n 's/ *commonName *= //p' 528s + key_cn='Test Organization Root Trusted Certificate 0001' 528s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 528s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 528s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 528s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 528s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 528s + token_name='Test Organization Root Tr Token' 528s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 528s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 ']' 528s + echo 'Test Organization Root Tr Token' 528s + '[' -n no_verification ']' 528s + local verify_arg=--verify=no_verification 528s + local output_base_name=SSSD-child-24461 528s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461.output 528s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461.pem 528s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 528s [p11_child[2307]] [main] (0x0400): p11_child started. 528s [p11_child[2307]] [main] (0x2000): Running in [pre-auth] mode. 528s [p11_child[2307]] [main] (0x2000): Running with effective IDs: [0][0]. 528s Test Organization Root Tr Token 528s [p11_child[2307]] [main] (0x2000): Running with real IDs [0][0]. 528s [p11_child[2307]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 528s [p11_child[2307]] [do_card] (0x4000): Module List: 528s [p11_child[2307]] [do_card] (0x4000): common name: [softhsm2]. 528s [p11_child[2307]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 528s [p11_child[2307]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 528s [p11_child[2307]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 528s [p11_child[2307]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 528s [p11_child[2307]] [do_card] (0x4000): Login NOT required. 528s [p11_child[2307]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 528s [p11_child[2307]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 528s [p11_child[2307]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7e944a26;slot-manufacturer=SoftHSM%20project;slot-id=2123647526;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 528s [p11_child[2307]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 528s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461.output 528s + echo '-----BEGIN CERTIFICATE-----' 528s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461.output 528s + echo '-----END CERTIFICATE-----' 528s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461.pem 528s Certificate: 528s Data: 528s Version: 3 (0x2) 528s Serial Number: 3 (0x3) 528s Signature Algorithm: sha256WithRSAEncryption 528s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 528s Validity 528s Not Before: Jun 13 19:15:13 2024 GMT 528s Not After : Jun 13 19:15:13 2025 GMT 528s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 528s Subject Public Key Info: 528s Public Key Algorithm: rsaEncryption 528s Public-Key: (1024 bit) 528s Modulus: 528s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 528s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 528s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 528s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 528s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 528s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 528s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 528s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 528s 9e:14:69:d7:48:f7:71:f3:97 528s Exponent: 65537 (0x10001) 528s X509v3 extensions: 528s X509v3 Authority Key Identifier: 528s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 528s X509v3 Basic Constraints: 528s CA:FALSE 528s Netscape Cert Type: 528s SSL Client, S/MIME 528s Netscape Comment: 528s Test Organization Root CA trusted Certificate 528s X509v3 Subject Key Identifier: 528s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 528s X509v3 Key Usage: critical 528s Digital Signature, Non Repudiation, Key Encipherment 528s X509v3 Extended Key Usage: 528s TLS Web Client Authentication, E-mail Protection 528s X509v3 Subject Alternative Name: 528s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 528s Signature Algorithm: sha256WithRSAEncryption 528s Signature Value: 528s 42:37:e9:8d:18:7b:73:65:db:bd:ff:83:88:91:47:b2:36:04: 528s 7d:ea:f8:9c:79:68:18:d0:cd:7e:af:c1:6b:d1:8d:29:32:d5: 528s 60:89:35:4e:f7:75:c3:a6:76:2d:fc:a7:22:d8:46:aa:8c:5a: 528s 87:1b:8f:56:e3:48:c1:02:c6:25:5d:10:c7:cd:25:03:f5:d5: 528s 02:66:c5:ab:21:c0:4d:ee:fe:cf:5e:b3:ad:68:62:60:72:56: 528s c3:6d:2c:ba:ce:ea:e2:3d:a4:98:c9:30:14:b2:31:c8:10:f6: 528s 64:70:a8:e7:78:71:ad:94:b3:02:cc:35:06:b8:99:d5:8c:ad: 528s 1e:f4 528s + local found_md5 expected_md5 528s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s + expected_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 529s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461.pem 529s + found_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 529s + '[' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 '!=' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 ']' 529s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461-auth.output 529s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461-auth.output .output 529s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461-auth.pem 529s + echo -n 053350 529s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 529s [p11_child[2318]] [main] (0x0400): p11_child started. 529s [p11_child[2318]] [main] (0x2000): Running in [auth] mode. 529s [p11_child[2318]] [main] (0x2000): Running with effective IDs: [0][0]. 529s [p11_child[2318]] [main] (0x2000): Running with real IDs [0][0]. 529s [p11_child[2318]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 529s [p11_child[2318]] [do_card] (0x4000): Module List: 529s [p11_child[2318]] [do_card] (0x4000): common name: [softhsm2]. 529s [p11_child[2318]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2318]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 529s [p11_child[2318]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 529s [p11_child[2318]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2318]] [do_card] (0x4000): Login required. 529s [p11_child[2318]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 529s [p11_child[2318]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 529s [p11_child[2318]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7e944a26;slot-manufacturer=SoftHSM%20project;slot-id=2123647526;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 529s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 529s [p11_child[2318]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 529s [p11_child[2318]] [do_card] (0x4000): Certificate verified and validated. 529s [p11_child[2318]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 529s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461-auth.output 529s + echo '-----BEGIN CERTIFICATE-----' 529s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461-auth.output 529s + echo '-----END CERTIFICATE-----' 529s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461-auth.pem 529s Certificate: 529s Data: 529s Version: 3 (0x2) 529s Serial Number: 3 (0x3) 529s Signature Algorithm: sha256WithRSAEncryption 529s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 529s Validity 529s Not Before: Jun 13 19:15:13 2024 GMT 529s Not After : Jun 13 19:15:13 2025 GMT 529s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 529s Subject Public Key Info: 529s Public Key Algorithm: rsaEncryption 529s Public-Key: (1024 bit) 529s Modulus: 529s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 529s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 529s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 529s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 529s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 529s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 529s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 529s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 529s 9e:14:69:d7:48:f7:71:f3:97 529s Exponent: 65537 (0x10001) 529s X509v3 extensions: 529s X509v3 Authority Key Identifier: 529s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 529s X509v3 Basic Constraints: 529s CA:FALSE 529s Netscape Cert Type: 529s SSL Client, S/MIME 529s Netscape Comment: 529s Test Organization Root CA trusted Certificate 529s X509v3 Subject Key Identifier: 529s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 529s X509v3 Key Usage: critical 529s Digital Signature, Non Repudiation, Key Encipherment 529s X509v3 Extended Key Usage: 529s TLS Web Client Authentication, E-mail Protection 529s X509v3 Subject Alternative Name: 529s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 529s Signature Algorithm: sha256WithRSAEncryption 529s Signature Value: 529s 42:37:e9:8d:18:7b:73:65:db:bd:ff:83:88:91:47:b2:36:04: 529s 7d:ea:f8:9c:79:68:18:d0:cd:7e:af:c1:6b:d1:8d:29:32:d5: 529s 60:89:35:4e:f7:75:c3:a6:76:2d:fc:a7:22:d8:46:aa:8c:5a: 529s 87:1b:8f:56:e3:48:c1:02:c6:25:5d:10:c7:cd:25:03:f5:d5: 529s 02:66:c5:ab:21:c0:4d:ee:fe:cf:5e:b3:ad:68:62:60:72:56: 529s c3:6d:2c:ba:ce:ea:e2:3d:a4:98:c9:30:14:b2:31:c8:10:f6: 529s 64:70:a8:e7:78:71:ad:94:b3:02:cc:35:06:b8:99:d5:8c:ad: 529s 1e:f4 529s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24461-auth.pem 529s + found_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 529s + '[' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 '!=' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 ']' 529s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 529s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 529s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 529s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 529s + local verify_option= 529s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 529s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 529s + local key_cn 529s + local key_name 529s + local tokens_dir 529s + local output_cert_file 529s + token_name= 529s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem .pem 529s + key_name=test-root-CA-trusted-certificate-0001 529s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s ++ sed -n 's/ *commonName *= //p' 529s + key_cn='Test Organization Root Trusted Certificate 0001' 529s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 529s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 529s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 529s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 529s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 529s + token_name='Test Organization Root Tr Token' 529s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 529s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 ']' 529s + echo 'Test Organization Root Tr Token' 529s + '[' -n '' ']' 529s + local output_base_name=SSSD-child-32561 529s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561.output 529s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561.pem 529s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 529s [p11_child[2328]] [main] (0x0400): p11_child started. 529s [p11_child[2328]] [main] (0x2000): Running in [pre-auth] mode. 529s [p11_child[2328]] [main] (0x2000): Running with effective IDs: [0][0]. 529s [p11_child[2328]] [main] (0x2000): Running with real IDs [0][0]. 529s Test Organization Root Tr Token 529s [p11_child[2328]] [do_card] (0x4000): Module List: 529s [p11_child[2328]] [do_card] (0x4000): common name: [softhsm2]. 529s [p11_child[2328]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2328]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 529s [p11_child[2328]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 529s [p11_child[2328]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2328]] [do_card] (0x4000): Login NOT required. 529s [p11_child[2328]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 529s [p11_child[2328]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 529s [p11_child[2328]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 529s [p11_child[2328]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7e944a26;slot-manufacturer=SoftHSM%20project;slot-id=2123647526;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 529s [p11_child[2328]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 529s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561.output 529s + echo '-----BEGIN CERTIFICATE-----' 529s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561.output 529s + echo '-----END CERTIFICATE-----' 529s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561.pem 529s Certificate: 529s Data: 529s Version: 3 (0x2) 529s Serial Number: 3 (0x3) 529s Signature Algorithm: sha256WithRSAEncryption 529s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 529s Validity 529s Not Before: Jun 13 19:15:13 2024 GMT 529s Not After : Jun 13 19:15:13 2025 GMT 529s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 529s Subject Public Key Info: 529s Public Key Algorithm: rsaEncryption 529s Public-Key: (1024 bit) 529s Modulus: 529s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 529s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 529s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 529s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 529s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 529s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 529s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 529s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 529s 9e:14:69:d7:48:f7:71:f3:97 529s Exponent: 65537 (0x10001) 529s X509v3 extensions: 529s X509v3 Authority Key Identifier: 529s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 529s X509v3 Basic Constraints: 529s CA:FALSE 529s Netscape Cert Type: 529s SSL Client, S/MIME 529s Netscape Comment: 529s Test Organization Root CA trusted Certificate 529s X509v3 Subject Key Identifier: 529s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 529s X509v3 Key Usage: critical 529s Digital Signature, Non Repudiation, Key Encipherment 529s X509v3 Extended Key Usage: 529s TLS Web Client Authentication, E-mail Protection 529s X509v3 Subject Alternative Name: 529s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 529s Signature Algorithm: sha256WithRSAEncryption 529s Signature Value: 529s 42:37:e9:8d:18:7b:73:65:db:bd:ff:83:88:91:47:b2:36:04: 529s 7d:ea:f8:9c:79:68:18:d0:cd:7e:af:c1:6b:d1:8d:29:32:d5: 529s 60:89:35:4e:f7:75:c3:a6:76:2d:fc:a7:22:d8:46:aa:8c:5a: 529s 87:1b:8f:56:e3:48:c1:02:c6:25:5d:10:c7:cd:25:03:f5:d5: 529s 02:66:c5:ab:21:c0:4d:ee:fe:cf:5e:b3:ad:68:62:60:72:56: 529s c3:6d:2c:ba:ce:ea:e2:3d:a4:98:c9:30:14:b2:31:c8:10:f6: 529s 64:70:a8:e7:78:71:ad:94:b3:02:cc:35:06:b8:99:d5:8c:ad: 529s 1e:f4 529s + local found_md5 expected_md5 529s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s + expected_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 529s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561.pem 529s + found_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 529s + '[' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 '!=' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 ']' 529s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561-auth.output 529s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561-auth.output .output 529s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561-auth.pem 529s + echo -n 053350 529s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 529s [p11_child[2336]] [main] (0x0400): p11_child started. 529s [p11_child[2336]] [main] (0x2000): Running in [auth] mode. 529s [p11_child[2336]] [main] (0x2000): Running with effective IDs: [0][0]. 529s [p11_child[2336]] [main] (0x2000): Running with real IDs [0][0]. 529s [p11_child[2336]] [do_card] (0x4000): Module List: 529s [p11_child[2336]] [do_card] (0x4000): common name: [softhsm2]. 529s [p11_child[2336]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2336]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 529s [p11_child[2336]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 529s [p11_child[2336]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2336]] [do_card] (0x4000): Login required. 529s [p11_child[2336]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 529s [p11_child[2336]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 529s [p11_child[2336]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 529s [p11_child[2336]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7e944a26;slot-manufacturer=SoftHSM%20project;slot-id=2123647526;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 529s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 529s [p11_child[2336]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 529s [p11_child[2336]] [do_card] (0x4000): Certificate verified and validated. 529s [p11_child[2336]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 529s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561-auth.output 529s + echo '-----BEGIN CERTIFICATE-----' 529s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561-auth.output 529s + echo '-----END CERTIFICATE-----' 529s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561-auth.pem 529s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-32561-auth.pem 529s Certificate: 529s Data: 529s Version: 3 (0x2) 529s Serial Number: 3 (0x3) 529s Signature Algorithm: sha256WithRSAEncryption 529s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 529s Validity 529s Not Before: Jun 13 19:15:13 2024 GMT 529s Not After : Jun 13 19:15:13 2025 GMT 529s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 529s Subject Public Key Info: 529s Public Key Algorithm: rsaEncryption 529s Public-Key: (1024 bit) 529s Modulus: 529s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 529s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 529s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 529s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 529s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 529s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 529s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 529s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 529s 9e:14:69:d7:48:f7:71:f3:97 529s Exponent: 65537 (0x10001) 529s X509v3 extensions: 529s X509v3 Authority Key Identifier: 529s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 529s X509v3 Basic Constraints: 529s CA:FALSE 529s Netscape Cert Type: 529s SSL Client, S/MIME 529s Netscape Comment: 529s Test Organization Root CA trusted Certificate 529s X509v3 Subject Key Identifier: 529s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 529s X509v3 Key Usage: critical 529s Digital Signature, Non Repudiation, Key Encipherment 529s X509v3 Extended Key Usage: 529s TLS Web Client Authentication, E-mail Protection 529s X509v3 Subject Alternative Name: 529s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 529s Signature Algorithm: sha256WithRSAEncryption 529s Signature Value: 529s 42:37:e9:8d:18:7b:73:65:db:bd:ff:83:88:91:47:b2:36:04: 529s 7d:ea:f8:9c:79:68:18:d0:cd:7e:af:c1:6b:d1:8d:29:32:d5: 529s 60:89:35:4e:f7:75:c3:a6:76:2d:fc:a7:22:d8:46:aa:8c:5a: 529s 87:1b:8f:56:e3:48:c1:02:c6:25:5d:10:c7:cd:25:03:f5:d5: 529s 02:66:c5:ab:21:c0:4d:ee:fe:cf:5e:b3:ad:68:62:60:72:56: 529s c3:6d:2c:ba:ce:ea:e2:3d:a4:98:c9:30:14:b2:31:c8:10:f6: 529s 64:70:a8:e7:78:71:ad:94:b3:02:cc:35:06:b8:99:d5:8c:ad: 529s 1e:f4 529s + found_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 529s + '[' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 '!=' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 ']' 529s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem partial_chain 529s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem partial_chain 529s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 529s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 529s + local verify_option=partial_chain 529s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 529s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 529s + local key_cn 529s + local key_name 529s + local tokens_dir 529s + local output_cert_file 529s + token_name= 529s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem .pem 529s + key_name=test-root-CA-trusted-certificate-0001 529s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s ++ sed -n 's/ *commonName *= //p' 529s + key_cn='Test Organization Root Trusted Certificate 0001' 529s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 529s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 529s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 529s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 529s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 529s + token_name='Test Organization Root Tr Token' 529s Test Organization Root Tr Token 529s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 529s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 ']' 529s + echo 'Test Organization Root Tr Token' 529s + '[' -n partial_chain ']' 529s + local verify_arg=--verify=partial_chain 529s + local output_base_name=SSSD-child-28487 529s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487.output 529s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487.pem 529s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 529s [p11_child[2346]] [main] (0x0400): p11_child started. 529s [p11_child[2346]] [main] (0x2000): Running in [pre-auth] mode. 529s [p11_child[2346]] [main] (0x2000): Running with effective IDs: [0][0]. 529s [p11_child[2346]] [main] (0x2000): Running with real IDs [0][0]. 529s [p11_child[2346]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 529s [p11_child[2346]] [do_card] (0x4000): Module List: 529s [p11_child[2346]] [do_card] (0x4000): common name: [softhsm2]. 529s [p11_child[2346]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2346]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 529s [p11_child[2346]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 529s [p11_child[2346]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2346]] [do_card] (0x4000): Login NOT required. 529s [p11_child[2346]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 529s [p11_child[2346]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 529s [p11_child[2346]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 529s [p11_child[2346]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7e944a26;slot-manufacturer=SoftHSM%20project;slot-id=2123647526;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 529s [p11_child[2346]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 529s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487.output 529s + echo '-----BEGIN CERTIFICATE-----' 529s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487.output 529s + echo '-----END CERTIFICATE-----' 529s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487.pem 529s + local found_md5 expected_md5 529s Certificate: 529s Data: 529s Version: 3 (0x2) 529s Serial Number: 3 (0x3) 529s Signature Algorithm: sha256WithRSAEncryption 529s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 529s Validity 529s Not Before: Jun 13 19:15:13 2024 GMT 529s Not After : Jun 13 19:15:13 2025 GMT 529s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 529s Subject Public Key Info: 529s Public Key Algorithm: rsaEncryption 529s Public-Key: (1024 bit) 529s Modulus: 529s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 529s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 529s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 529s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 529s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 529s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 529s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 529s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 529s 9e:14:69:d7:48:f7:71:f3:97 529s Exponent: 65537 (0x10001) 529s X509v3 extensions: 529s X509v3 Authority Key Identifier: 529s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 529s X509v3 Basic Constraints: 529s CA:FALSE 529s Netscape Cert Type: 529s SSL Client, S/MIME 529s Netscape Comment: 529s Test Organization Root CA trusted Certificate 529s X509v3 Subject Key Identifier: 529s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 529s X509v3 Key Usage: critical 529s Digital Signature, Non Repudiation, Key Encipherment 529s X509v3 Extended Key Usage: 529s TLS Web Client Authentication, E-mail Protection 529s X509v3 Subject Alternative Name: 529s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 529s Signature Algorithm: sha256WithRSAEncryption 529s Signature Value: 529s 42:37:e9:8d:18:7b:73:65:db:bd:ff:83:88:91:47:b2:36:04: 529s 7d:ea:f8:9c:79:68:18:d0:cd:7e:af:c1:6b:d1:8d:29:32:d5: 529s 60:89:35:4e:f7:75:c3:a6:76:2d:fc:a7:22:d8:46:aa:8c:5a: 529s 87:1b:8f:56:e3:48:c1:02:c6:25:5d:10:c7:cd:25:03:f5:d5: 529s 02:66:c5:ab:21:c0:4d:ee:fe:cf:5e:b3:ad:68:62:60:72:56: 529s c3:6d:2c:ba:ce:ea:e2:3d:a4:98:c9:30:14:b2:31:c8:10:f6: 529s 64:70:a8:e7:78:71:ad:94:b3:02:cc:35:06:b8:99:d5:8c:ad: 529s 1e:f4 529s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s + expected_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 529s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487.pem 529s + found_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 529s + '[' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 '!=' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 ']' 529s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487-auth.output 529s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487-auth.output .output 529s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487-auth.pem 529s + echo -n 053350 529s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 529s [p11_child[2354]] [main] (0x0400): p11_child started. 529s [p11_child[2354]] [main] (0x2000): Running in [auth] mode. 529s [p11_child[2354]] [main] (0x2000): Running with effective IDs: [0][0]. 529s [p11_child[2354]] [main] (0x2000): Running with real IDs [0][0]. 529s [p11_child[2354]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 529s [p11_child[2354]] [do_card] (0x4000): Module List: 529s [p11_child[2354]] [do_card] (0x4000): common name: [softhsm2]. 529s [p11_child[2354]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2354]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 529s [p11_child[2354]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 529s [p11_child[2354]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2354]] [do_card] (0x4000): Login required. 529s [p11_child[2354]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 529s [p11_child[2354]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 529s [p11_child[2354]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 529s [p11_child[2354]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7e944a26;slot-manufacturer=SoftHSM%20project;slot-id=2123647526;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 529s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 529s [p11_child[2354]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 529s [p11_child[2354]] [do_card] (0x4000): Certificate verified and validated. 529s [p11_child[2354]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 529s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487-auth.output 529s + echo '-----BEGIN CERTIFICATE-----' 529s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487-auth.output 529s + echo '-----END CERTIFICATE-----' 529s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487-auth.pem 529s Certificate: 529s Data: 529s Version: 3 (0x2) 529s Serial Number: 3 (0x3) 529s Signature Algorithm: sha256WithRSAEncryption 529s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 529s Validity 529s Not Before: Jun 13 19:15:13 2024 GMT 529s Not After : Jun 13 19:15:13 2025 GMT 529s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 529s Subject Public Key Info: 529s Public Key Algorithm: rsaEncryption 529s Public-Key: (1024 bit) 529s Modulus: 529s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 529s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 529s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 529s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 529s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 529s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 529s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 529s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 529s 9e:14:69:d7:48:f7:71:f3:97 529s Exponent: 65537 (0x10001) 529s X509v3 extensions: 529s X509v3 Authority Key Identifier: 529s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 529s X509v3 Basic Constraints: 529s CA:FALSE 529s Netscape Cert Type: 529s SSL Client, S/MIME 529s Netscape Comment: 529s Test Organization Root CA trusted Certificate 529s X509v3 Subject Key Identifier: 529s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 529s X509v3 Key Usage: critical 529s Digital Signature, Non Repudiation, Key Encipherment 529s X509v3 Extended Key Usage: 529s TLS Web Client Authentication, E-mail Protection 529s X509v3 Subject Alternative Name: 529s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 529s Signature Algorithm: sha256WithRSAEncryption 529s Signature Value: 529s 42:37:e9:8d:18:7b:73:65:db:bd:ff:83:88:91:47:b2:36:04: 529s 7d:ea:f8:9c:79:68:18:d0:cd:7e:af:c1:6b:d1:8d:29:32:d5: 529s 60:89:35:4e:f7:75:c3:a6:76:2d:fc:a7:22:d8:46:aa:8c:5a: 529s 87:1b:8f:56:e3:48:c1:02:c6:25:5d:10:c7:cd:25:03:f5:d5: 529s 02:66:c5:ab:21:c0:4d:ee:fe:cf:5e:b3:ad:68:62:60:72:56: 529s c3:6d:2c:ba:ce:ea:e2:3d:a4:98:c9:30:14:b2:31:c8:10:f6: 529s 64:70:a8:e7:78:71:ad:94:b3:02:cc:35:06:b8:99:d5:8c:ad: 529s 1e:f4 529s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-28487-auth.pem 529s + found_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 529s + '[' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 '!=' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 ']' 529s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 529s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 529s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 529s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 529s + local verify_option= 529s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 529s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 529s + local key_cn 529s + local key_name 529s + local tokens_dir 529s + local output_cert_file 529s + token_name= 529s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem .pem 529s + key_name=test-root-CA-trusted-certificate-0001 529s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 529s ++ sed -n 's/ *commonName *= //p' 529s + key_cn='Test Organization Root Trusted Certificate 0001' 529s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 529s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 529s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 529s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 529s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 529s + token_name='Test Organization Root Tr Token' 529s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 529s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 ']' 529s + echo 'Test Organization Root Tr Token' 529s Test Organization Root Tr Token 529s + '[' -n '' ']' 529s + local output_base_name=SSSD-child-12104 529s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104.output 529s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104.pem 529s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 529s [p11_child[2364]] [main] (0x0400): p11_child started. 529s [p11_child[2364]] [main] (0x2000): Running in [pre-auth] mode. 529s [p11_child[2364]] [main] (0x2000): Running with effective IDs: [0][0]. 529s [p11_child[2364]] [main] (0x2000): Running with real IDs [0][0]. 529s [p11_child[2364]] [do_card] (0x4000): Module List: 529s [p11_child[2364]] [do_card] (0x4000): common name: [softhsm2]. 529s [p11_child[2364]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2364]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 529s [p11_child[2364]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 529s [p11_child[2364]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 529s [p11_child[2364]] [do_card] (0x4000): Login NOT required. 529s [p11_child[2364]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 529s [p11_child[2364]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 529s [p11_child[2364]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 529s [p11_child[2364]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7e944a26;slot-manufacturer=SoftHSM%20project;slot-id=2123647526;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 529s [p11_child[2364]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 529s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104.output 529s + echo '-----BEGIN CERTIFICATE-----' 529s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104.output 529s + echo '-----END CERTIFICATE-----' 529s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104.pem 530s Certificate: 530s Data: 530s Version: 3 (0x2) 530s Serial Number: 3 (0x3) 530s Signature Algorithm: sha256WithRSAEncryption 530s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 530s Validity 530s Not Before: Jun 13 19:15:13 2024 GMT 530s Not After : Jun 13 19:15:13 2025 GMT 530s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 530s Subject Public Key Info: 530s Public Key Algorithm: rsaEncryption 530s Public-Key: (1024 bit) 530s Modulus: 530s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 530s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 530s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 530s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 530s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 530s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 530s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 530s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 530s 9e:14:69:d7:48:f7:71:f3:97 530s Exponent: 65537 (0x10001) 530s X509v3 extensions: 530s X509v3 Authority Key Identifier: 530s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 530s X509v3 Basic Constraints: 530s CA:FALSE 530s Netscape Cert Type: 530s SSL Client, S/MIME 530s Netscape Comment: 530s Test Organization Root CA trusted Certificate 530s X509v3 Subject Key Identifier: 530s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 530s X509v3 Key Usage: critical 530s Digital Signature, Non Repudiation, Key Encipherment 530s X509v3 Extended Key Usage: 530s TLS Web Client Authentication, E-mail Protection 530s X509v3 Subject Alternative Name: 530s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 530s Signature Algorithm: sha256WithRSAEncryption 530s Signature Value: 530s 42:37:e9:8d:18:7b:73:65:db:bd:ff:83:88:91:47:b2:36:04: 530s 7d:ea:f8:9c:79:68:18:d0:cd:7e:af:c1:6b:d1:8d:29:32:d5: 530s 60:89:35:4e:f7:75:c3:a6:76:2d:fc:a7:22:d8:46:aa:8c:5a: 530s 87:1b:8f:56:e3:48:c1:02:c6:25:5d:10:c7:cd:25:03:f5:d5: 530s 02:66:c5:ab:21:c0:4d:ee:fe:cf:5e:b3:ad:68:62:60:72:56: 530s c3:6d:2c:ba:ce:ea:e2:3d:a4:98:c9:30:14:b2:31:c8:10:f6: 530s 64:70:a8:e7:78:71:ad:94:b3:02:cc:35:06:b8:99:d5:8c:ad: 530s 1e:f4 530s + local found_md5 expected_md5 530s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s + expected_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 530s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104.pem 530s + found_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 530s + '[' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 '!=' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 ']' 530s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104-auth.output 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104-auth.output .output 530s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104-auth.pem 530s + echo -n 053350 530s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 530s [p11_child[2372]] [main] (0x0400): p11_child started. 530s [p11_child[2372]] [main] (0x2000): Running in [auth] mode. 530s [p11_child[2372]] [main] (0x2000): Running with effective IDs: [0][0]. 530s [p11_child[2372]] [main] (0x2000): Running with real IDs [0][0]. 530s [p11_child[2372]] [do_card] (0x4000): Module List: 530s [p11_child[2372]] [do_card] (0x4000): common name: [softhsm2]. 530s [p11_child[2372]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2372]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 530s [p11_child[2372]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 530s [p11_child[2372]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2372]] [do_card] (0x4000): Login required. 530s [p11_child[2372]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 530s [p11_child[2372]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 530s [p11_child[2372]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 530s [p11_child[2372]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7e944a26;slot-manufacturer=SoftHSM%20project;slot-id=2123647526;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 530s [p11_child[2372]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 530s [p11_child[2372]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 530s [p11_child[2372]] [do_card] (0x4000): Certificate verified and validated. 530s [p11_child[2372]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 530s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104-auth.output 530s + echo '-----BEGIN CERTIFICATE-----' 530s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104-auth.output 530s + echo '-----END CERTIFICATE-----' 530s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104-auth.pem 530s Certificate: 530s Data: 530s Version: 3 (0x2) 530s Serial Number: 3 (0x3) 530s Signature Algorithm: sha256WithRSAEncryption 530s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 530s Validity 530s Not Before: Jun 13 19:15:13 2024 GMT 530s Not After : Jun 13 19:15:13 2025 GMT 530s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 530s Subject Public Key Info: 530s Public Key Algorithm: rsaEncryption 530s Public-Key: (1024 bit) 530s Modulus: 530s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 530s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 530s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 530s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 530s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 530s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 530s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 530s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 530s 9e:14:69:d7:48:f7:71:f3:97 530s Exponent: 65537 (0x10001) 530s X509v3 extensions: 530s X509v3 Authority Key Identifier: 530s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 530s X509v3 Basic Constraints: 530s CA:FALSE 530s Netscape Cert Type: 530s SSL Client, S/MIME 530s Netscape Comment: 530s Test Organization Root CA trusted Certificate 530s X509v3 Subject Key Identifier: 530s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 530s X509v3 Key Usage: critical 530s Digital Signature, Non Repudiation, Key Encipherment 530s X509v3 Extended Key Usage: 530s TLS Web Client Authentication, E-mail Protection 530s X509v3 Subject Alternative Name: 530s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 530s Signature Algorithm: sha256WithRSAEncryption 530s Signature Value: 530s 42:37:e9:8d:18:7b:73:65:db:bd:ff:83:88:91:47:b2:36:04: 530s 7d:ea:f8:9c:79:68:18:d0:cd:7e:af:c1:6b:d1:8d:29:32:d5: 530s 60:89:35:4e:f7:75:c3:a6:76:2d:fc:a7:22:d8:46:aa:8c:5a: 530s 87:1b:8f:56:e3:48:c1:02:c6:25:5d:10:c7:cd:25:03:f5:d5: 530s 02:66:c5:ab:21:c0:4d:ee:fe:cf:5e:b3:ad:68:62:60:72:56: 530s c3:6d:2c:ba:ce:ea:e2:3d:a4:98:c9:30:14:b2:31:c8:10:f6: 530s 64:70:a8:e7:78:71:ad:94:b3:02:cc:35:06:b8:99:d5:8c:ad: 530s 1e:f4 530s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-12104-auth.pem 530s + found_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 530s + '[' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 '!=' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 ']' 530s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem partial_chain 530s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem partial_chain 530s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 530s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 530s + local verify_option=partial_chain 530s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 530s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 530s + local key_cn 530s + local key_name 530s + local tokens_dir 530s + local output_cert_file 530s + token_name= 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem .pem 530s + key_name=test-root-CA-trusted-certificate-0001 530s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s ++ sed -n 's/ *commonName *= //p' 530s + key_cn='Test Organization Root Trusted Certificate 0001' 530s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 530s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 530s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 530s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 530s + token_name='Test Organization Root Tr Token' 530s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 530s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 ']' 530s + echo 'Test Organization Root Tr Token' 530s Test Organization Root Tr Token 530s + '[' -n partial_chain ']' 530s + local verify_arg=--verify=partial_chain 530s + local output_base_name=SSSD-child-3196 530s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196.output 530s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196.pem 530s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 530s [p11_child[2382]] [main] (0x0400): p11_child started. 530s [p11_child[2382]] [main] (0x2000): Running in [pre-auth] mode. 530s [p11_child[2382]] [main] (0x2000): Running with effective IDs: [0][0]. 530s [p11_child[2382]] [main] (0x2000): Running with real IDs [0][0]. 530s [p11_child[2382]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 530s [p11_child[2382]] [do_card] (0x4000): Module List: 530s [p11_child[2382]] [do_card] (0x4000): common name: [softhsm2]. 530s [p11_child[2382]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2382]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 530s [p11_child[2382]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 530s [p11_child[2382]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2382]] [do_card] (0x4000): Login NOT required. 530s [p11_child[2382]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 530s [p11_child[2382]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 530s [p11_child[2382]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 530s [p11_child[2382]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7e944a26;slot-manufacturer=SoftHSM%20project;slot-id=2123647526;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 530s [p11_child[2382]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 530s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196.output 530s + echo '-----BEGIN CERTIFICATE-----' 530s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196.output 530s + echo '-----END CERTIFICATE-----' 530s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196.pem 530s Certificate: 530s Data: 530s Version: 3 (0x2) 530s Serial Number: 3 (0x3) 530s Signature Algorithm: sha256WithRSAEncryption 530s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 530s Validity 530s Not Before: Jun 13 19:15:13 2024 GMT 530s Not After : Jun 13 19:15:13 2025 GMT 530s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 530s Subject Public Key Info: 530s Public Key Algorithm: rsaEncryption 530s Public-Key: (1024 bit) 530s Modulus: 530s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 530s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 530s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 530s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 530s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 530s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 530s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 530s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 530s 9e:14:69:d7:48:f7:71:f3:97 530s Exponent: 65537 (0x10001) 530s X509v3 extensions: 530s X509v3 Authority Key Identifier: 530s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 530s X509v3 Basic Constraints: 530s CA:FALSE 530s Netscape Cert Type: 530s SSL Client, S/MIME 530s Netscape Comment: 530s Test Organization Root CA trusted Certificate 530s X509v3 Subject Key Identifier: 530s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 530s X509v3 Key Usage: critical 530s Digital Signature, Non Repudiation, Key Encipherment 530s X509v3 Extended Key Usage: 530s TLS Web Client Authentication, E-mail Protection 530s X509v3 Subject Alternative Name: 530s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 530s Signature Algorithm: sha256WithRSAEncryption 530s Signature Value: 530s 42:37:e9:8d:18:7b:73:65:db:bd:ff:83:88:91:47:b2:36:04: 530s 7d:ea:f8:9c:79:68:18:d0:cd:7e:af:c1:6b:d1:8d:29:32:d5: 530s 60:89:35:4e:f7:75:c3:a6:76:2d:fc:a7:22:d8:46:aa:8c:5a: 530s 87:1b:8f:56:e3:48:c1:02:c6:25:5d:10:c7:cd:25:03:f5:d5: 530s 02:66:c5:ab:21:c0:4d:ee:fe:cf:5e:b3:ad:68:62:60:72:56: 530s c3:6d:2c:ba:ce:ea:e2:3d:a4:98:c9:30:14:b2:31:c8:10:f6: 530s 64:70:a8:e7:78:71:ad:94:b3:02:cc:35:06:b8:99:d5:8c:ad: 530s 1e:f4 530s + local found_md5 expected_md5 530s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s + expected_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 530s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196.pem 530s + found_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 530s + '[' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 '!=' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 ']' 530s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196-auth.output 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196-auth.output .output 530s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196-auth.pem 530s + echo -n 053350 530s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 530s [p11_child[2390]] [main] (0x0400): p11_child started. 530s [p11_child[2390]] [main] (0x2000): Running in [auth] mode. 530s [p11_child[2390]] [main] (0x2000): Running with effective IDs: [0][0]. 530s [p11_child[2390]] [main] (0x2000): Running with real IDs [0][0]. 530s [p11_child[2390]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 530s [p11_child[2390]] [do_card] (0x4000): Module List: 530s [p11_child[2390]] [do_card] (0x4000): common name: [softhsm2]. 530s [p11_child[2390]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2390]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 530s [p11_child[2390]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 530s [p11_child[2390]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2390]] [do_card] (0x4000): Login required. 530s [p11_child[2390]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 530s [p11_child[2390]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 530s [p11_child[2390]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 530s [p11_child[2390]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7e944a26;slot-manufacturer=SoftHSM%20project;slot-id=2123647526;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=f8160eba7e944a26;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 530s [p11_child[2390]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 530s [p11_child[2390]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 530s [p11_child[2390]] [do_card] (0x4000): Certificate verified and validated. 530s [p11_child[2390]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 530s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196-auth.output 530s + echo '-----BEGIN CERTIFICATE-----' 530s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196-auth.output 530s + echo '-----END CERTIFICATE-----' 530s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196-auth.pem 530s Certificate: 530s Data: 530s Version: 3 (0x2) 530s Serial Number: 3 (0x3) 530s Signature Algorithm: sha256WithRSAEncryption 530s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 530s Validity 530s Not Before: Jun 13 19:15:13 2024 GMT 530s Not After : Jun 13 19:15:13 2025 GMT 530s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 530s Subject Public Key Info: 530s Public Key Algorithm: rsaEncryption 530s Public-Key: (1024 bit) 530s Modulus: 530s 00:ad:89:12:70:ba:74:e8:bd:01:17:10:47:1c:20: 530s e5:6d:fd:64:ed:9c:1d:77:b5:35:a2:b2:8a:44:a2: 530s bb:66:91:e4:c4:59:4c:54:5f:10:d5:60:77:02:21: 530s 26:0e:46:f1:80:3f:0d:cc:2a:65:13:be:6c:3d:a8: 530s 0b:52:cf:6b:d9:e1:69:e2:59:ee:86:33:04:5c:fd: 530s e1:be:63:e9:cb:3c:59:7b:dc:93:43:cb:54:62:b2: 530s 4f:c1:e9:70:1d:f9:b3:d4:1a:05:23:2d:be:77:8e: 530s 71:db:6e:48:b7:c8:96:9a:80:ec:e9:f1:75:be:0b: 530s 9e:14:69:d7:48:f7:71:f3:97 530s Exponent: 65537 (0x10001) 530s X509v3 extensions: 530s X509v3 Authority Key Identifier: 530s ED:85:BB:26:78:8C:C1:F7:7C:BF:DA:83:56:AB:FD:DE:BF:8C:CE:DF 530s X509v3 Basic Constraints: 530s CA:FALSE 530s Netscape Cert Type: 530s SSL Client, S/MIME 530s Netscape Comment: 530s Test Organization Root CA trusted Certificate 530s X509v3 Subject Key Identifier: 530s 3B:8D:1E:A5:B2:A1:43:44:B2:D8:84:CA:27:ED:EC:0C:E5:5D:27:79 530s X509v3 Key Usage: critical 530s Digital Signature, Non Repudiation, Key Encipherment 530s X509v3 Extended Key Usage: 530s TLS Web Client Authentication, E-mail Protection 530s X509v3 Subject Alternative Name: 530s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 530s Signature Algorithm: sha256WithRSAEncryption 530s Signature Value: 530s 42:37:e9:8d:18:7b:73:65:db:bd:ff:83:88:91:47:b2:36:04: 530s 7d:ea:f8:9c:79:68:18:d0:cd:7e:af:c1:6b:d1:8d:29:32:d5: 530s 60:89:35:4e:f7:75:c3:a6:76:2d:fc:a7:22:d8:46:aa:8c:5a: 530s 87:1b:8f:56:e3:48:c1:02:c6:25:5d:10:c7:cd:25:03:f5:d5: 530s 02:66:c5:ab:21:c0:4d:ee:fe:cf:5e:b3:ad:68:62:60:72:56: 530s c3:6d:2c:ba:ce:ea:e2:3d:a4:98:c9:30:14:b2:31:c8:10:f6: 530s 64:70:a8:e7:78:71:ad:94:b3:02:cc:35:06:b8:99:d5:8c:ad: 530s 1e:f4 530s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-3196-auth.pem 530s + found_md5=Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 530s + '[' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 '!=' Modulus=AD891270BA74E8BD011710471C20E56DFD64ED9C1D77B535A2B28A44A2BB6691E4C4594C545F10D560770221260E46F1803F0DCC2A6513BE6C3DA80B52CF6BD9E169E259EE8633045CFDE1BE63E9CB3C597BDC9343CB5462B24FC1E9701DF9B3D41A05232DBE778E71DB6E48B7C8969A80ECE9F175BE0B9E1469D748F771F397 ']' 530s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 530s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 530s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 530s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 530s + local verify_option= 530s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 530s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 530s + local key_cn 530s + local key_name 530s + local tokens_dir 530s + local output_cert_file 530s + token_name= 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem .pem 530s + key_name=test-root-CA-trusted-certificate-0001 530s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s ++ sed -n 's/ *commonName *= //p' 530s + key_cn='Test Organization Root Trusted Certificate 0001' 530s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 530s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 530s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 530s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 530s + token_name='Test Organization Root Tr Token' 530s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 530s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 ']' 530s Test Organization Root Tr Token 530s + echo 'Test Organization Root Tr Token' 530s + '[' -n '' ']' 530s + local output_base_name=SSSD-child-16584 530s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-16584.output 530s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-16584.pem 530s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 530s [p11_child[2400]] [main] (0x0400): p11_child started. 530s [p11_child[2400]] [main] (0x2000): Running in [pre-auth] mode. 530s [p11_child[2400]] [main] (0x2000): Running with effective IDs: [0][0]. 530s [p11_child[2400]] [main] (0x2000): Running with real IDs [0][0]. 530s [p11_child[2400]] [do_card] (0x4000): Module List: 530s [p11_child[2400]] [do_card] (0x4000): common name: [softhsm2]. 530s [p11_child[2400]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2400]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 530s [p11_child[2400]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 530s [p11_child[2400]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2400]] [do_card] (0x4000): Login NOT required. 530s [p11_child[2400]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 530s [p11_child[2400]] [do_verification] (0x0040): X509_verify_cert failed [0]. 530s [p11_child[2400]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 530s [p11_child[2400]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 530s [p11_child[2400]] [do_card] (0x4000): No certificate found. 530s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-16584.output 530s + return 2 530s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem partial_chain 530s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem partial_chain 530s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 530s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 530s + local verify_option=partial_chain 530s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-6826 530s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s + local key_pass=pass:random-root-ca-trusted-cert-0001-6826 530s + local key_cn 530s + local key_name 530s + local tokens_dir 530s + local output_cert_file 530s + token_name= 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem .pem 530s + key_name=test-root-CA-trusted-certificate-0001 530s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-root-CA-trusted-certificate-0001.pem 530s ++ sed -n 's/ *commonName *= //p' 530s + key_cn='Test Organization Root Trusted Certificate 0001' 530s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 530s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 530s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 530s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 530s + token_name='Test Organization Root Tr Token' 530s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 530s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-root-CA-trusted-certificate-0001 ']' 530s + echo 'Test Organization Root Tr Token' 530s + '[' -n partial_chain ']' 530s + local verify_arg=--verify=partial_chain 530s + local output_base_name=SSSD-child-12075 530s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-12075.output 530s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-12075.pem 530s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 530s Test Organization Root Tr Token 530s [p11_child[2407]] [main] (0x0400): p11_child started. 530s [p11_child[2407]] [main] (0x2000): Running in [pre-auth] mode. 530s [p11_child[2407]] [main] (0x2000): Running with effective IDs: [0][0]. 530s [p11_child[2407]] [main] (0x2000): Running with real IDs [0][0]. 530s [p11_child[2407]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 530s [p11_child[2407]] [do_card] (0x4000): Module List: 530s [p11_child[2407]] [do_card] (0x4000): common name: [softhsm2]. 530s [p11_child[2407]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2407]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7e944a26] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 530s [p11_child[2407]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 530s [p11_child[2407]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x7e944a26][2123647526] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2407]] [do_card] (0x4000): Login NOT required. 530s [p11_child[2407]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 530s [p11_child[2407]] [do_verification] (0x0040): X509_verify_cert failed [0]. 530s [p11_child[2407]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 530s [p11_child[2407]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 530s [p11_child[2407]] [do_card] (0x4000): No certificate found. 530s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-12075.output 530s + return 2 530s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /dev/null 530s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /dev/null 530s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 530s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 530s + local key_ring=/dev/null 530s + local verify_option= 530s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 530s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 530s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 530s + local key_cn 530s + local key_name 530s + local tokens_dir 530s + local output_cert_file 530s + token_name= 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem .pem 530s + key_name=test-intermediate-CA-trusted-certificate-0001 530s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 530s ++ sed -n 's/ *commonName *= //p' 530s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 530s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 530s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 530s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 530s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 530s + token_name='Test Organization Interme Token' 530s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 530s + local key_file 530s + local decrypted_key 530s + mkdir -p /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 530s + key_file=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-key.pem 530s + decrypted_key=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 530s + cat 530s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 530s Slot 0 has a free/uninitialized token. 530s The token has been initialized and is reassigned to slot 1525598221 530s + softhsm2-util --show-slots 530s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 530s Available slots: 530s Slot 1525598221 530s Slot info: 530s Description: SoftHSM slot ID 0x5aeec80d 530s Manufacturer ID: SoftHSM project 530s Hardware version: 2.6 530s Firmware version: 2.6 530s Token present: yes 530s Token info: 530s Manufacturer ID: SoftHSM project 530s Model: SoftHSM v2 530s Hardware version: 2.6 530s Firmware version: 2.6 530s Serial number: 3e0c2f9bdaeec80d 530s Initialized: yes 530s User PIN init.: yes 530s Label: Test Organization Interme Token 530s Slot 1 530s Slot info: 530s Description: SoftHSM slot ID 0x1 530s Manufacturer ID: SoftHSM project 530s Hardware version: 2.6 530s Firmware version: 2.6 530s Token present: yes 530s Token info: 530s Manufacturer ID: SoftHSM project 530s Model: SoftHSM v2 530s Hardware version: 2.6 530s Firmware version: 2.6 530s Serial number: 530s Initialized: no 530s User PIN init.: no 530s Label: 530s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-17272 -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 530s writing RSA key 530s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 530s + rm /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 530s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 530s Object 0: 530s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e0c2f9bdaeec80d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 530s Type: X.509 Certificate (RSA-1024) 530s Expires: Fri Jun 13 19:15:13 2025 530s Label: Test Organization Intermediate Trusted Certificate 0001 530s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 530s 530s + echo 'Test Organization Interme Token' 530s Test Organization Interme Token 530s + '[' -n '' ']' 530s + local output_base_name=SSSD-child-32701 530s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-32701.output 530s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-32701.pem 530s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 530s [p11_child[2423]] [main] (0x0400): p11_child started. 530s [p11_child[2423]] [main] (0x2000): Running in [pre-auth] mode. 530s [p11_child[2423]] [main] (0x2000): Running with effective IDs: [0][0]. 530s [p11_child[2423]] [main] (0x2000): Running with real IDs [0][0]. 530s [p11_child[2423]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 530s [p11_child[2423]] [do_work] (0x0040): init_verification failed. 530s [p11_child[2423]] [main] (0x0020): p11_child failed (5) 530s + return 2 530s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /dev/null no_verification 530s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /dev/null no_verification 530s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 530s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 530s + local key_ring=/dev/null 530s + local verify_option=no_verification 530s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 530s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 530s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 530s + local key_cn 530s + local key_name 530s + local tokens_dir 530s + local output_cert_file 530s + token_name= 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem .pem 530s + key_name=test-intermediate-CA-trusted-certificate-0001 530s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 530s ++ sed -n 's/ *commonName *= //p' 530s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 530s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 530s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 530s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 530s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 530s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 530s + token_name='Test Organization Interme Token' 530s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 530s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 530s + echo 'Test Organization Interme Token' 530s + '[' -n no_verification ']' 530s + local verify_arg=--verify=no_verification 530s Test Organization Interme Token 530s + local output_base_name=SSSD-child-31349 530s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349.output 530s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349.pem 530s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 530s [p11_child[2429]] [main] (0x0400): p11_child started. 530s [p11_child[2429]] [main] (0x2000): Running in [pre-auth] mode. 530s [p11_child[2429]] [main] (0x2000): Running with effective IDs: [0][0]. 530s [p11_child[2429]] [main] (0x2000): Running with real IDs [0][0]. 530s [p11_child[2429]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 530s [p11_child[2429]] [do_card] (0x4000): Module List: 530s [p11_child[2429]] [do_card] (0x4000): common name: [softhsm2]. 530s [p11_child[2429]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2429]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 530s [p11_child[2429]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 530s [p11_child[2429]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 530s [p11_child[2429]] [do_card] (0x4000): Login NOT required. 530s [p11_child[2429]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 530s [p11_child[2429]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 530s [p11_child[2429]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5aeec80d;slot-manufacturer=SoftHSM%20project;slot-id=1525598221;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e0c2f9bdaeec80d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 530s [p11_child[2429]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 530s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349.output 530s + echo '-----BEGIN CERTIFICATE-----' 530s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349.output 530s + echo '-----END CERTIFICATE-----' 530s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349.pem 531s Certificate: 531s Data: 531s Version: 3 (0x2) 531s Serial Number: 4 (0x4) 531s Signature Algorithm: sha256WithRSAEncryption 531s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 531s Validity 531s Not Before: Jun 13 19:15:13 2024 GMT 531s Not After : Jun 13 19:15:13 2025 GMT 531s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 531s Subject Public Key Info: 531s Public Key Algorithm: rsaEncryption 531s Public-Key: (1024 bit) 531s Modulus: 531s 00:da:91:b2:69:2c:07:41:fe:ef:cd:17:69:96:f3: 531s 7d:b6:d9:5c:8a:55:08:b4:5f:ae:eb:73:b1:9b:88: 531s fa:59:16:da:2b:2d:d9:16:fe:87:4d:d2:6d:3c:9c: 531s 8e:af:ca:36:07:48:b1:98:63:28:f0:17:b4:c4:ae: 531s c2:1e:48:3d:de:ff:63:8f:08:1b:93:b1:a7:b0:27: 531s e4:81:9a:70:91:dd:ac:41:c7:92:f4:b4:8f:ec:ee: 531s 23:75:2f:aa:3d:76:bc:64:67:a6:a7:1c:a0:f4:e6: 531s ab:93:60:cd:93:2d:ef:d7:90:1f:35:3b:87:49:d0: 531s f7:56:63:06:7f:92:2a:88:5d 531s Exponent: 65537 (0x10001) 531s X509v3 extensions: 531s X509v3 Authority Key Identifier: 531s C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 531s X509v3 Basic Constraints: 531s CA:FALSE 531s Netscape Cert Type: 531s SSL Client, S/MIME 531s Netscape Comment: 531s Test Organization Intermediate CA trusted Certificate 531s X509v3 Subject Key Identifier: 531s 91:13:E6:9C:47:A0:C2:9D:8A:BE:B5:12:88:41:40:C5:9A:82:F8:2C 531s X509v3 Key Usage: critical 531s Digital Signature, Non Repudiation, Key Encipherment 531s X509v3 Extended Key Usage: 531s TLS Web Client Authentication, E-mail Protection 531s X509v3 Subject Alternative Name: 531s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 531s Signature Algorithm: sha256WithRSAEncryption 531s Signature Value: 531s 86:43:f1:e6:f5:c1:0c:2b:18:dd:1e:10:46:a8:59:5d:ee:91: 531s 8a:ab:b3:d2:8e:f3:d5:67:2d:ab:58:fe:17:91:25:fa:26:1a: 531s 45:13:1c:29:0f:d1:0f:fa:e3:fa:9c:21:71:ad:8b:db:8b:dd: 531s ec:12:26:d9:60:53:1d:91:81:94:77:37:2a:bb:89:33:93:2d: 531s 1c:e9:4a:64:5a:d6:1c:31:c7:bd:33:cf:d3:67:6d:e3:f5:0a: 531s ac:aa:12:37:92:80:8d:58:db:a9:56:6f:3a:3f:3c:cb:95:61: 531s 53:4f:36:79:f4:a7:29:81:e9:93:3a:f8:73:68:91:a3:e9:7e: 531s 8b:5e 531s + local found_md5 expected_md5 531s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + expected_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 531s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349.pem 531s + found_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 531s + '[' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D '!=' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D ']' 531s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349-auth.output 531s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349-auth.output .output 531s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349-auth.pem 531s + echo -n 053350 531s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 531s [p11_child[2437]] [main] (0x0400): p11_child started. 531s [p11_child[2437]] [main] (0x2000): Running in [auth] mode. 531s [p11_child[2437]] [main] (0x2000): Running with effective IDs: [0][0]. 531s [p11_child[2437]] [main] (0x2000): Running with real IDs [0][0]. 531s [p11_child[2437]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 531s [p11_child[2437]] [do_card] (0x4000): Module List: 531s [p11_child[2437]] [do_card] (0x4000): common name: [softhsm2]. 531s [p11_child[2437]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2437]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 531s [p11_child[2437]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 531s [p11_child[2437]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2437]] [do_card] (0x4000): Login required. 531s [p11_child[2437]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 531s [p11_child[2437]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 531s [p11_child[2437]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5aeec80d;slot-manufacturer=SoftHSM%20project;slot-id=1525598221;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e0c2f9bdaeec80d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 531s [p11_child[2437]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 531s [p11_child[2437]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 531s [p11_child[2437]] [do_card] (0x4000): Certificate verified and validated. 531s [p11_child[2437]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 531s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349-auth.output 531s + echo '-----BEGIN CERTIFICATE-----' 531s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349-auth.output 531s + echo '-----END CERTIFICATE-----' 531s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349-auth.pem 531s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-31349-auth.pem 531s Certificate: 531s Data: 531s Version: 3 (0x2) 531s Serial Number: 4 (0x4) 531s Signature Algorithm: sha256WithRSAEncryption 531s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 531s Validity 531s Not Before: Jun 13 19:15:13 2024 GMT 531s Not After : Jun 13 19:15:13 2025 GMT 531s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 531s Subject Public Key Info: 531s Public Key Algorithm: rsaEncryption 531s Public-Key: (1024 bit) 531s Modulus: 531s 00:da:91:b2:69:2c:07:41:fe:ef:cd:17:69:96:f3: 531s 7d:b6:d9:5c:8a:55:08:b4:5f:ae:eb:73:b1:9b:88: 531s fa:59:16:da:2b:2d:d9:16:fe:87:4d:d2:6d:3c:9c: 531s 8e:af:ca:36:07:48:b1:98:63:28:f0:17:b4:c4:ae: 531s c2:1e:48:3d:de:ff:63:8f:08:1b:93:b1:a7:b0:27: 531s e4:81:9a:70:91:dd:ac:41:c7:92:f4:b4:8f:ec:ee: 531s 23:75:2f:aa:3d:76:bc:64:67:a6:a7:1c:a0:f4:e6: 531s ab:93:60:cd:93:2d:ef:d7:90:1f:35:3b:87:49:d0: 531s f7:56:63:06:7f:92:2a:88:5d 531s Exponent: 65537 (0x10001) 531s X509v3 extensions: 531s X509v3 Authority Key Identifier: 531s C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 531s X509v3 Basic Constraints: 531s CA:FALSE 531s Netscape Cert Type: 531s SSL Client, S/MIME 531s Netscape Comment: 531s Test Organization Intermediate CA trusted Certificate 531s X509v3 Subject Key Identifier: 531s 91:13:E6:9C:47:A0:C2:9D:8A:BE:B5:12:88:41:40:C5:9A:82:F8:2C 531s X509v3 Key Usage: critical 531s Digital Signature, Non Repudiation, Key Encipherment 531s X509v3 Extended Key Usage: 531s TLS Web Client Authentication, E-mail Protection 531s X509v3 Subject Alternative Name: 531s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 531s Signature Algorithm: sha256WithRSAEncryption 531s Signature Value: 531s 86:43:f1:e6:f5:c1:0c:2b:18:dd:1e:10:46:a8:59:5d:ee:91: 531s 8a:ab:b3:d2:8e:f3:d5:67:2d:ab:58:fe:17:91:25:fa:26:1a: 531s 45:13:1c:29:0f:d1:0f:fa:e3:fa:9c:21:71:ad:8b:db:8b:dd: 531s ec:12:26:d9:60:53:1d:91:81:94:77:37:2a:bb:89:33:93:2d: 531s 1c:e9:4a:64:5a:d6:1c:31:c7:bd:33:cf:d3:67:6d:e3:f5:0a: 531s ac:aa:12:37:92:80:8d:58:db:a9:56:6f:3a:3f:3c:cb:95:61: 531s 53:4f:36:79:f4:a7:29:81:e9:93:3a:f8:73:68:91:a3:e9:7e: 531s 8b:5e 531s + found_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 531s + '[' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D '!=' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D ']' 531s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 531s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 531s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 531s + local verify_option= 531s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local key_cn 531s + local key_name 531s + local tokens_dir 531s + local output_cert_file 531s + token_name= 531s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem .pem 531s + key_name=test-intermediate-CA-trusted-certificate-0001 531s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s ++ sed -n 's/ *commonName *= //p' 531s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 531s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 531s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 531s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 531s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 531s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 531s + token_name='Test Organization Interme Token' 531s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 531s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 531s + echo 'Test Organization Interme Token' 531s Test Organization Interme Token 531s + '[' -n '' ']' 531s + local output_base_name=SSSD-child-6470 531s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-6470.output 531s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-6470.pem 531s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 531s [p11_child[2447]] [main] (0x0400): p11_child started. 531s [p11_child[2447]] [main] (0x2000): Running in [pre-auth] mode. 531s [p11_child[2447]] [main] (0x2000): Running with effective IDs: [0][0]. 531s [p11_child[2447]] [main] (0x2000): Running with real IDs [0][0]. 531s [p11_child[2447]] [do_card] (0x4000): Module List: 531s [p11_child[2447]] [do_card] (0x4000): common name: [softhsm2]. 531s [p11_child[2447]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2447]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 531s [p11_child[2447]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 531s [p11_child[2447]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2447]] [do_card] (0x4000): Login NOT required. 531s [p11_child[2447]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 531s [p11_child[2447]] [do_verification] (0x0040): X509_verify_cert failed [0]. 531s [p11_child[2447]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 531s [p11_child[2447]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 531s [p11_child[2447]] [do_card] (0x4000): No certificate found. 531s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-6470.output 531s + return 2 531s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem partial_chain 531s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem partial_chain 531s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 531s + local verify_option=partial_chain 531s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local key_cn 531s + local key_name 531s + local tokens_dir 531s + local output_cert_file 531s + token_name= 531s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem .pem 531s + key_name=test-intermediate-CA-trusted-certificate-0001 531s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s ++ sed -n 's/ *commonName *= //p' 531s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 531s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 531s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 531s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 531s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 531s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 531s + token_name='Test Organization Interme Token' 531s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 531s Test Organization Interme Token 531s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 531s + echo 'Test Organization Interme Token' 531s + '[' -n partial_chain ']' 531s + local verify_arg=--verify=partial_chain 531s + local output_base_name=SSSD-child-11669 531s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-11669.output 531s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-11669.pem 531s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 531s [p11_child[2454]] [main] (0x0400): p11_child started. 531s [p11_child[2454]] [main] (0x2000): Running in [pre-auth] mode. 531s [p11_child[2454]] [main] (0x2000): Running with effective IDs: [0][0]. 531s [p11_child[2454]] [main] (0x2000): Running with real IDs [0][0]. 531s [p11_child[2454]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 531s [p11_child[2454]] [do_card] (0x4000): Module List: 531s [p11_child[2454]] [do_card] (0x4000): common name: [softhsm2]. 531s [p11_child[2454]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2454]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 531s [p11_child[2454]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 531s [p11_child[2454]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2454]] [do_card] (0x4000): Login NOT required. 531s [p11_child[2454]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 531s [p11_child[2454]] [do_verification] (0x0040): X509_verify_cert failed [0]. 531s [p11_child[2454]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 531s [p11_child[2454]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 531s [p11_child[2454]] [do_card] (0x4000): No certificate found. 531s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-11669.output 531s + return 2 531s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 531s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 531s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 531s + local verify_option= 531s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local key_cn 531s + local key_name 531s + local tokens_dir 531s + local output_cert_file 531s + token_name= 531s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem .pem 531s + key_name=test-intermediate-CA-trusted-certificate-0001 531s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s ++ sed -n 's/ *commonName *= //p' 531s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 531s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 531s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 531s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 531s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 531s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 531s + token_name='Test Organization Interme Token' 531s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 531s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 531s + echo 'Test Organization Interme Token' 531s Test Organization Interme Token 531s + '[' -n '' ']' 531s + local output_base_name=SSSD-child-19985 531s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985.output 531s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985.pem 531s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 531s [p11_child[2461]] [main] (0x0400): p11_child started. 531s [p11_child[2461]] [main] (0x2000): Running in [pre-auth] mode. 531s [p11_child[2461]] [main] (0x2000): Running with effective IDs: [0][0]. 531s [p11_child[2461]] [main] (0x2000): Running with real IDs [0][0]. 531s [p11_child[2461]] [do_card] (0x4000): Module List: 531s [p11_child[2461]] [do_card] (0x4000): common name: [softhsm2]. 531s [p11_child[2461]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2461]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 531s [p11_child[2461]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 531s [p11_child[2461]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2461]] [do_card] (0x4000): Login NOT required. 531s [p11_child[2461]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 531s [p11_child[2461]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 531s [p11_child[2461]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 531s [p11_child[2461]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5aeec80d;slot-manufacturer=SoftHSM%20project;slot-id=1525598221;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e0c2f9bdaeec80d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 531s [p11_child[2461]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 531s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985.output 531s + echo '-----BEGIN CERTIFICATE-----' 531s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985.output 531s + echo '-----END CERTIFICATE-----' 531s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985.pem 531s Certificate: 531s Data: 531s Version: 3 (0x2) 531s Serial Number: 4 (0x4) 531s Signature Algorithm: sha256WithRSAEncryption 531s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 531s Validity 531s Not Before: Jun 13 19:15:13 2024 GMT 531s Not After : Jun 13 19:15:13 2025 GMT 531s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 531s Subject Public Key Info: 531s Public Key Algorithm: rsaEncryption 531s Public-Key: (1024 bit) 531s Modulus: 531s 00:da:91:b2:69:2c:07:41:fe:ef:cd:17:69:96:f3: 531s 7d:b6:d9:5c:8a:55:08:b4:5f:ae:eb:73:b1:9b:88: 531s fa:59:16:da:2b:2d:d9:16:fe:87:4d:d2:6d:3c:9c: 531s 8e:af:ca:36:07:48:b1:98:63:28:f0:17:b4:c4:ae: 531s c2:1e:48:3d:de:ff:63:8f:08:1b:93:b1:a7:b0:27: 531s e4:81:9a:70:91:dd:ac:41:c7:92:f4:b4:8f:ec:ee: 531s 23:75:2f:aa:3d:76:bc:64:67:a6:a7:1c:a0:f4:e6: 531s ab:93:60:cd:93:2d:ef:d7:90:1f:35:3b:87:49:d0: 531s f7:56:63:06:7f:92:2a:88:5d 531s Exponent: 65537 (0x10001) 531s X509v3 extensions: 531s X509v3 Authority Key Identifier: 531s C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 531s X509v3 Basic Constraints: 531s CA:FALSE 531s Netscape Cert Type: 531s SSL Client, S/MIME 531s Netscape Comment: 531s Test Organization Intermediate CA trusted Certificate 531s X509v3 Subject Key Identifier: 531s 91:13:E6:9C:47:A0:C2:9D:8A:BE:B5:12:88:41:40:C5:9A:82:F8:2C 531s X509v3 Key Usage: critical 531s Digital Signature, Non Repudiation, Key Encipherment 531s X509v3 Extended Key Usage: 531s TLS Web Client Authentication, E-mail Protection 531s X509v3 Subject Alternative Name: 531s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 531s Signature Algorithm: sha256WithRSAEncryption 531s Signature Value: 531s 86:43:f1:e6:f5:c1:0c:2b:18:dd:1e:10:46:a8:59:5d:ee:91: 531s 8a:ab:b3:d2:8e:f3:d5:67:2d:ab:58:fe:17:91:25:fa:26:1a: 531s 45:13:1c:29:0f:d1:0f:fa:e3:fa:9c:21:71:ad:8b:db:8b:dd: 531s ec:12:26:d9:60:53:1d:91:81:94:77:37:2a:bb:89:33:93:2d: 531s 1c:e9:4a:64:5a:d6:1c:31:c7:bd:33:cf:d3:67:6d:e3:f5:0a: 531s ac:aa:12:37:92:80:8d:58:db:a9:56:6f:3a:3f:3c:cb:95:61: 531s 53:4f:36:79:f4:a7:29:81:e9:93:3a:f8:73:68:91:a3:e9:7e: 531s 8b:5e 531s + local found_md5 expected_md5 531s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + expected_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 531s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985.pem 531s + found_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 531s + '[' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D '!=' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D ']' 531s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985-auth.output 531s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985-auth.output .output 531s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985-auth.pem 531s + echo -n 053350 531s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 531s [p11_child[2469]] [main] (0x0400): p11_child started. 531s [p11_child[2469]] [main] (0x2000): Running in [auth] mode. 531s [p11_child[2469]] [main] (0x2000): Running with effective IDs: [0][0]. 531s [p11_child[2469]] [main] (0x2000): Running with real IDs [0][0]. 531s [p11_child[2469]] [do_card] (0x4000): Module List: 531s [p11_child[2469]] [do_card] (0x4000): common name: [softhsm2]. 531s [p11_child[2469]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2469]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 531s [p11_child[2469]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 531s [p11_child[2469]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2469]] [do_card] (0x4000): Login required. 531s [p11_child[2469]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 531s [p11_child[2469]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 531s [p11_child[2469]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 531s [p11_child[2469]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5aeec80d;slot-manufacturer=SoftHSM%20project;slot-id=1525598221;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e0c2f9bdaeec80d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 531s [p11_child[2469]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 531s [p11_child[2469]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 531s [p11_child[2469]] [do_card] (0x4000): Certificate verified and validated. 531s [p11_child[2469]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 531s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985-auth.output 531s + echo '-----BEGIN CERTIFICATE-----' 531s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985-auth.output 531s + echo '-----END CERTIFICATE-----' 531s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985-auth.pem 531s Certificate: 531s Data: 531s Version: 3 (0x2) 531s Serial Number: 4 (0x4) 531s Signature Algorithm: sha256WithRSAEncryption 531s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 531s Validity 531s Not Before: Jun 13 19:15:13 2024 GMT 531s Not After : Jun 13 19:15:13 2025 GMT 531s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 531s Subject Public Key Info: 531s Public Key Algorithm: rsaEncryption 531s Public-Key: (1024 bit) 531s Modulus: 531s 00:da:91:b2:69:2c:07:41:fe:ef:cd:17:69:96:f3: 531s 7d:b6:d9:5c:8a:55:08:b4:5f:ae:eb:73:b1:9b:88: 531s fa:59:16:da:2b:2d:d9:16:fe:87:4d:d2:6d:3c:9c: 531s 8e:af:ca:36:07:48:b1:98:63:28:f0:17:b4:c4:ae: 531s c2:1e:48:3d:de:ff:63:8f:08:1b:93:b1:a7:b0:27: 531s e4:81:9a:70:91:dd:ac:41:c7:92:f4:b4:8f:ec:ee: 531s 23:75:2f:aa:3d:76:bc:64:67:a6:a7:1c:a0:f4:e6: 531s ab:93:60:cd:93:2d:ef:d7:90:1f:35:3b:87:49:d0: 531s f7:56:63:06:7f:92:2a:88:5d 531s Exponent: 65537 (0x10001) 531s X509v3 extensions: 531s X509v3 Authority Key Identifier: 531s C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 531s X509v3 Basic Constraints: 531s CA:FALSE 531s Netscape Cert Type: 531s SSL Client, S/MIME 531s Netscape Comment: 531s Test Organization Intermediate CA trusted Certificate 531s X509v3 Subject Key Identifier: 531s 91:13:E6:9C:47:A0:C2:9D:8A:BE:B5:12:88:41:40:C5:9A:82:F8:2C 531s X509v3 Key Usage: critical 531s Digital Signature, Non Repudiation, Key Encipherment 531s X509v3 Extended Key Usage: 531s TLS Web Client Authentication, E-mail Protection 531s X509v3 Subject Alternative Name: 531s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 531s Signature Algorithm: sha256WithRSAEncryption 531s Signature Value: 531s 86:43:f1:e6:f5:c1:0c:2b:18:dd:1e:10:46:a8:59:5d:ee:91: 531s 8a:ab:b3:d2:8e:f3:d5:67:2d:ab:58:fe:17:91:25:fa:26:1a: 531s 45:13:1c:29:0f:d1:0f:fa:e3:fa:9c:21:71:ad:8b:db:8b:dd: 531s ec:12:26:d9:60:53:1d:91:81:94:77:37:2a:bb:89:33:93:2d: 531s 1c:e9:4a:64:5a:d6:1c:31:c7:bd:33:cf:d3:67:6d:e3:f5:0a: 531s ac:aa:12:37:92:80:8d:58:db:a9:56:6f:3a:3f:3c:cb:95:61: 531s 53:4f:36:79:f4:a7:29:81:e9:93:3a:f8:73:68:91:a3:e9:7e: 531s 8b:5e 531s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-19985-auth.pem 531s + found_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 531s + '[' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D '!=' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D ']' 531s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem partial_chain 531s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem partial_chain 531s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 531s + local verify_option=partial_chain 531s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 531s + local key_cn 531s + local key_name 531s + local tokens_dir 531s + local output_cert_file 531s + token_name= 531s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem .pem 531s + key_name=test-intermediate-CA-trusted-certificate-0001 531s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s ++ sed -n 's/ *commonName *= //p' 531s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 531s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 531s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 531s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 531s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 531s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 531s + token_name='Test Organization Interme Token' 531s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 531s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 531s + echo 'Test Organization Interme Token' 531s + '[' -n partial_chain ']' 531s + local verify_arg=--verify=partial_chain 531s + local output_base_name=SSSD-child-7259 531s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259.output 531s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259.pem 531s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 531s [p11_child[2479]] [main] (0x0400): p11_child started. 531s [p11_child[2479]] [main] (0x2000): Running in [pre-auth] mode. 531s [p11_child[2479]] [main] (0x2000): Running with effective IDs: [0][0]. 531s [p11_child[2479]] [main] (0x2000): Running with real IDs [0][0]. 531s [p11_child[2479]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 531s Test Organization Interme Token 531s [p11_child[2479]] [do_card] (0x4000): Module List: 531s [p11_child[2479]] [do_card] (0x4000): common name: [softhsm2]. 531s [p11_child[2479]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2479]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 531s [p11_child[2479]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 531s [p11_child[2479]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 531s [p11_child[2479]] [do_card] (0x4000): Login NOT required. 531s [p11_child[2479]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 531s [p11_child[2479]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 531s [p11_child[2479]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 531s [p11_child[2479]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5aeec80d;slot-manufacturer=SoftHSM%20project;slot-id=1525598221;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e0c2f9bdaeec80d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 531s [p11_child[2479]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 531s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259.output 531s + echo '-----BEGIN CERTIFICATE-----' 531s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259.output 531s + echo '-----END CERTIFICATE-----' 531s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259.pem 531s Certificate: 531s Data: 531s Version: 3 (0x2) 531s Serial Number: 4 (0x4) 531s Signature Algorithm: sha256WithRSAEncryption 531s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 531s Validity 531s Not Before: Jun 13 19:15:13 2024 GMT 531s Not After : Jun 13 19:15:13 2025 GMT 531s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 531s Subject Public Key Info: 531s Public Key Algorithm: rsaEncryption 531s Public-Key: (1024 bit) 531s Modulus: 531s 00:da:91:b2:69:2c:07:41:fe:ef:cd:17:69:96:f3: 531s 7d:b6:d9:5c:8a:55:08:b4:5f:ae:eb:73:b1:9b:88: 531s fa:59:16:da:2b:2d:d9:16:fe:87:4d:d2:6d:3c:9c: 531s 8e:af:ca:36:07:48:b1:98:63:28:f0:17:b4:c4:ae: 531s c2:1e:48:3d:de:ff:63:8f:08:1b:93:b1:a7:b0:27: 531s e4:81:9a:70:91:dd:ac:41:c7:92:f4:b4:8f:ec:ee: 531s 23:75:2f:aa:3d:76:bc:64:67:a6:a7:1c:a0:f4:e6: 531s ab:93:60:cd:93:2d:ef:d7:90:1f:35:3b:87:49:d0: 531s f7:56:63:06:7f:92:2a:88:5d 531s Exponent: 65537 (0x10001) 531s X509v3 extensions: 531s X509v3 Authority Key Identifier: 531s C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 531s X509v3 Basic Constraints: 531s CA:FALSE 531s Netscape Cert Type: 531s SSL Client, S/MIME 531s Netscape Comment: 531s Test Organization Intermediate CA trusted Certificate 531s X509v3 Subject Key Identifier: 531s 91:13:E6:9C:47:A0:C2:9D:8A:BE:B5:12:88:41:40:C5:9A:82:F8:2C 531s X509v3 Key Usage: critical 531s Digital Signature, Non Repudiation, Key Encipherment 531s X509v3 Extended Key Usage: 531s TLS Web Client Authentication, E-mail Protection 531s X509v3 Subject Alternative Name: 531s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 531s Signature Algorithm: sha256WithRSAEncryption 531s Signature Value: 531s 86:43:f1:e6:f5:c1:0c:2b:18:dd:1e:10:46:a8:59:5d:ee:91: 531s 8a:ab:b3:d2:8e:f3:d5:67:2d:ab:58:fe:17:91:25:fa:26:1a: 531s 45:13:1c:29:0f:d1:0f:fa:e3:fa:9c:21:71:ad:8b:db:8b:dd: 531s ec:12:26:d9:60:53:1d:91:81:94:77:37:2a:bb:89:33:93:2d: 531s 1c:e9:4a:64:5a:d6:1c:31:c7:bd:33:cf:d3:67:6d:e3:f5:0a: 531s ac:aa:12:37:92:80:8d:58:db:a9:56:6f:3a:3f:3c:cb:95:61: 531s 53:4f:36:79:f4:a7:29:81:e9:93:3a:f8:73:68:91:a3:e9:7e: 531s 8b:5e 531s + local found_md5 expected_md5 531s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 531s + expected_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 531s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259.pem 532s + found_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 532s + '[' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D '!=' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D ']' 532s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259-auth.output 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259-auth.output .output 532s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259-auth.pem 532s + echo -n 053350 532s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 532s [p11_child[2487]] [main] (0x0400): p11_child started. 532s [p11_child[2487]] [main] (0x2000): Running in [auth] mode. 532s [p11_child[2487]] [main] (0x2000): Running with effective IDs: [0][0]. 532s [p11_child[2487]] [main] (0x2000): Running with real IDs [0][0]. 532s [p11_child[2487]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 532s [p11_child[2487]] [do_card] (0x4000): Module List: 532s [p11_child[2487]] [do_card] (0x4000): common name: [softhsm2]. 532s [p11_child[2487]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2487]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 532s [p11_child[2487]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 532s [p11_child[2487]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2487]] [do_card] (0x4000): Login required. 532s [p11_child[2487]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 532s [p11_child[2487]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 532s [p11_child[2487]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 532s [p11_child[2487]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5aeec80d;slot-manufacturer=SoftHSM%20project;slot-id=1525598221;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e0c2f9bdaeec80d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 532s [p11_child[2487]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 532s [p11_child[2487]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 532s [p11_child[2487]] [do_card] (0x4000): Certificate verified and validated. 532s [p11_child[2487]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 532s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259-auth.output 532s + echo '-----BEGIN CERTIFICATE-----' 532s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259-auth.output 532s + echo '-----END CERTIFICATE-----' 532s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259-auth.pem 532s Certificate: 532s Data: 532s Version: 3 (0x2) 532s Serial Number: 4 (0x4) 532s Signature Algorithm: sha256WithRSAEncryption 532s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 532s Validity 532s Not Before: Jun 13 19:15:13 2024 GMT 532s Not After : Jun 13 19:15:13 2025 GMT 532s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 532s Subject Public Key Info: 532s Public Key Algorithm: rsaEncryption 532s Public-Key: (1024 bit) 532s Modulus: 532s 00:da:91:b2:69:2c:07:41:fe:ef:cd:17:69:96:f3: 532s 7d:b6:d9:5c:8a:55:08:b4:5f:ae:eb:73:b1:9b:88: 532s fa:59:16:da:2b:2d:d9:16:fe:87:4d:d2:6d:3c:9c: 532s 8e:af:ca:36:07:48:b1:98:63:28:f0:17:b4:c4:ae: 532s c2:1e:48:3d:de:ff:63:8f:08:1b:93:b1:a7:b0:27: 532s e4:81:9a:70:91:dd:ac:41:c7:92:f4:b4:8f:ec:ee: 532s 23:75:2f:aa:3d:76:bc:64:67:a6:a7:1c:a0:f4:e6: 532s ab:93:60:cd:93:2d:ef:d7:90:1f:35:3b:87:49:d0: 532s f7:56:63:06:7f:92:2a:88:5d 532s Exponent: 65537 (0x10001) 532s X509v3 extensions: 532s X509v3 Authority Key Identifier: 532s C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 532s X509v3 Basic Constraints: 532s CA:FALSE 532s Netscape Cert Type: 532s SSL Client, S/MIME 532s Netscape Comment: 532s Test Organization Intermediate CA trusted Certificate 532s X509v3 Subject Key Identifier: 532s 91:13:E6:9C:47:A0:C2:9D:8A:BE:B5:12:88:41:40:C5:9A:82:F8:2C 532s X509v3 Key Usage: critical 532s Digital Signature, Non Repudiation, Key Encipherment 532s X509v3 Extended Key Usage: 532s TLS Web Client Authentication, E-mail Protection 532s X509v3 Subject Alternative Name: 532s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 532s Signature Algorithm: sha256WithRSAEncryption 532s Signature Value: 532s 86:43:f1:e6:f5:c1:0c:2b:18:dd:1e:10:46:a8:59:5d:ee:91: 532s 8a:ab:b3:d2:8e:f3:d5:67:2d:ab:58:fe:17:91:25:fa:26:1a: 532s 45:13:1c:29:0f:d1:0f:fa:e3:fa:9c:21:71:ad:8b:db:8b:dd: 532s ec:12:26:d9:60:53:1d:91:81:94:77:37:2a:bb:89:33:93:2d: 532s 1c:e9:4a:64:5a:d6:1c:31:c7:bd:33:cf:d3:67:6d:e3:f5:0a: 532s ac:aa:12:37:92:80:8d:58:db:a9:56:6f:3a:3f:3c:cb:95:61: 532s 53:4f:36:79:f4:a7:29:81:e9:93:3a:f8:73:68:91:a3:e9:7e: 532s 8b:5e 532s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-7259-auth.pem 532s + found_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 532s + '[' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D '!=' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D ']' 532s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 532s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 532s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 532s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 532s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 532s + local verify_option= 532s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 532s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 532s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 532s + local key_cn 532s + local key_name 532s + local tokens_dir 532s + local output_cert_file 532s + token_name= 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem .pem 532s + key_name=test-intermediate-CA-trusted-certificate-0001 532s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 532s ++ sed -n 's/ *commonName *= //p' 532s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 532s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 532s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 532s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 532s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 532s + token_name='Test Organization Interme Token' 532s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 532s Test Organization Interme Token 532s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 532s + echo 'Test Organization Interme Token' 532s + '[' -n '' ']' 532s + local output_base_name=SSSD-child-8553 532s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-8553.output 532s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-8553.pem 532s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 532s [p11_child[2497]] [main] (0x0400): p11_child started. 532s [p11_child[2497]] [main] (0x2000): Running in [pre-auth] mode. 532s [p11_child[2497]] [main] (0x2000): Running with effective IDs: [0][0]. 532s [p11_child[2497]] [main] (0x2000): Running with real IDs [0][0]. 532s [p11_child[2497]] [do_card] (0x4000): Module List: 532s [p11_child[2497]] [do_card] (0x4000): common name: [softhsm2]. 532s [p11_child[2497]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2497]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 532s [p11_child[2497]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 532s [p11_child[2497]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2497]] [do_card] (0x4000): Login NOT required. 532s [p11_child[2497]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 532s [p11_child[2497]] [do_verification] (0x0040): X509_verify_cert failed [0]. 532s [p11_child[2497]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 532s [p11_child[2497]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 532s [p11_child[2497]] [do_card] (0x4000): No certificate found. 532s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-8553.output 532s + return 2 532s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem partial_chain 532s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem partial_chain 532s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 532s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 532s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 532s + local verify_option=partial_chain 532s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-17272 532s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 532s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-17272 532s + local key_cn 532s + local key_name 532s + local tokens_dir 532s + local output_cert_file 532s + token_name= 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem .pem 532s + key_name=test-intermediate-CA-trusted-certificate-0001 532s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 532s ++ sed -n 's/ *commonName *= //p' 532s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 532s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 532s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 532s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 532s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 532s + token_name='Test Organization Interme Token' 532s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 532s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 532s + echo 'Test Organization Interme Token' 532s + '[' -n partial_chain ']' 532s + local verify_arg=--verify=partial_chain 532s + local output_base_name=SSSD-child-8163 532s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163.output 532s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163.pem 532s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem 532s Test Organization Interme Token 532s [p11_child[2504]] [main] (0x0400): p11_child started. 532s [p11_child[2504]] [main] (0x2000): Running in [pre-auth] mode. 532s [p11_child[2504]] [main] (0x2000): Running with effective IDs: [0][0]. 532s [p11_child[2504]] [main] (0x2000): Running with real IDs [0][0]. 532s [p11_child[2504]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 532s [p11_child[2504]] [do_card] (0x4000): Module List: 532s [p11_child[2504]] [do_card] (0x4000): common name: [softhsm2]. 532s [p11_child[2504]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2504]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 532s [p11_child[2504]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 532s [p11_child[2504]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2504]] [do_card] (0x4000): Login NOT required. 532s [p11_child[2504]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 532s [p11_child[2504]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 532s [p11_child[2504]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 532s [p11_child[2504]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5aeec80d;slot-manufacturer=SoftHSM%20project;slot-id=1525598221;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e0c2f9bdaeec80d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 532s [p11_child[2504]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 532s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163.output 532s + echo '-----BEGIN CERTIFICATE-----' 532s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163.output 532s + echo '-----END CERTIFICATE-----' 532s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163.pem 532s Certificate: 532s Data: 532s Version: 3 (0x2) 532s Serial Number: 4 (0x4) 532s Signature Algorithm: sha256WithRSAEncryption 532s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 532s Validity 532s Not Before: Jun 13 19:15:13 2024 GMT 532s Not After : Jun 13 19:15:13 2025 GMT 532s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 532s Subject Public Key Info: 532s Public Key Algorithm: rsaEncryption 532s Public-Key: (1024 bit) 532s Modulus: 532s 00:da:91:b2:69:2c:07:41:fe:ef:cd:17:69:96:f3: 532s 7d:b6:d9:5c:8a:55:08:b4:5f:ae:eb:73:b1:9b:88: 532s fa:59:16:da:2b:2d:d9:16:fe:87:4d:d2:6d:3c:9c: 532s 8e:af:ca:36:07:48:b1:98:63:28:f0:17:b4:c4:ae: 532s c2:1e:48:3d:de:ff:63:8f:08:1b:93:b1:a7:b0:27: 532s e4:81:9a:70:91:dd:ac:41:c7:92:f4:b4:8f:ec:ee: 532s 23:75:2f:aa:3d:76:bc:64:67:a6:a7:1c:a0:f4:e6: 532s ab:93:60:cd:93:2d:ef:d7:90:1f:35:3b:87:49:d0: 532s f7:56:63:06:7f:92:2a:88:5d 532s Exponent: 65537 (0x10001) 532s X509v3 extensions: 532s X509v3 Authority Key Identifier: 532s C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 532s X509v3 Basic Constraints: 532s CA:FALSE 532s Netscape Cert Type: 532s SSL Client, S/MIME 532s Netscape Comment: 532s Test Organization Intermediate CA trusted Certificate 532s X509v3 Subject Key Identifier: 532s 91:13:E6:9C:47:A0:C2:9D:8A:BE:B5:12:88:41:40:C5:9A:82:F8:2C 532s X509v3 Key Usage: critical 532s Digital Signature, Non Repudiation, Key Encipherment 532s X509v3 Extended Key Usage: 532s TLS Web Client Authentication, E-mail Protection 532s X509v3 Subject Alternative Name: 532s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 532s Signature Algorithm: sha256WithRSAEncryption 532s Signature Value: 532s 86:43:f1:e6:f5:c1:0c:2b:18:dd:1e:10:46:a8:59:5d:ee:91: 532s 8a:ab:b3:d2:8e:f3:d5:67:2d:ab:58:fe:17:91:25:fa:26:1a: 532s 45:13:1c:29:0f:d1:0f:fa:e3:fa:9c:21:71:ad:8b:db:8b:dd: 532s ec:12:26:d9:60:53:1d:91:81:94:77:37:2a:bb:89:33:93:2d: 532s 1c:e9:4a:64:5a:d6:1c:31:c7:bd:33:cf:d3:67:6d:e3:f5:0a: 532s ac:aa:12:37:92:80:8d:58:db:a9:56:6f:3a:3f:3c:cb:95:61: 532s 53:4f:36:79:f4:a7:29:81:e9:93:3a:f8:73:68:91:a3:e9:7e: 532s 8b:5e 532s + local found_md5 expected_md5 532s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA-trusted-certificate-0001.pem 532s + expected_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 532s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163.pem 532s + found_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 532s + '[' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D '!=' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D ']' 532s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163-auth.output 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163-auth.output .output 532s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163-auth.pem 532s + echo -n 053350 532s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 532s [p11_child[2512]] [main] (0x0400): p11_child started. 532s [p11_child[2512]] [main] (0x2000): Running in [auth] mode. 532s [p11_child[2512]] [main] (0x2000): Running with effective IDs: [0][0]. 532s [p11_child[2512]] [main] (0x2000): Running with real IDs [0][0]. 532s [p11_child[2512]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 532s [p11_child[2512]] [do_card] (0x4000): Module List: 532s [p11_child[2512]] [do_card] (0x4000): common name: [softhsm2]. 532s [p11_child[2512]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2512]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5aeec80d] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 532s [p11_child[2512]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 532s [p11_child[2512]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5aeec80d][1525598221] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2512]] [do_card] (0x4000): Login required. 532s [p11_child[2512]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 532s [p11_child[2512]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 532s [p11_child[2512]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 532s [p11_child[2512]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5aeec80d;slot-manufacturer=SoftHSM%20project;slot-id=1525598221;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=3e0c2f9bdaeec80d;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 532s [p11_child[2512]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 532s [p11_child[2512]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 532s [p11_child[2512]] [do_card] (0x4000): Certificate verified and validated. 532s [p11_child[2512]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 532s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163-auth.output 532s + echo '-----BEGIN CERTIFICATE-----' 532s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163-auth.output 532s + echo '-----END CERTIFICATE-----' 532s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163-auth.pem 532s Certificate: 532s Data: 532s Version: 3 (0x2) 532s Serial Number: 4 (0x4) 532s Signature Algorithm: sha256WithRSAEncryption 532s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 532s Validity 532s Not Before: Jun 13 19:15:13 2024 GMT 532s Not After : Jun 13 19:15:13 2025 GMT 532s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 532s Subject Public Key Info: 532s Public Key Algorithm: rsaEncryption 532s Public-Key: (1024 bit) 532s Modulus: 532s 00:da:91:b2:69:2c:07:41:fe:ef:cd:17:69:96:f3: 532s 7d:b6:d9:5c:8a:55:08:b4:5f:ae:eb:73:b1:9b:88: 532s fa:59:16:da:2b:2d:d9:16:fe:87:4d:d2:6d:3c:9c: 532s 8e:af:ca:36:07:48:b1:98:63:28:f0:17:b4:c4:ae: 532s c2:1e:48:3d:de:ff:63:8f:08:1b:93:b1:a7:b0:27: 532s e4:81:9a:70:91:dd:ac:41:c7:92:f4:b4:8f:ec:ee: 532s 23:75:2f:aa:3d:76:bc:64:67:a6:a7:1c:a0:f4:e6: 532s ab:93:60:cd:93:2d:ef:d7:90:1f:35:3b:87:49:d0: 532s f7:56:63:06:7f:92:2a:88:5d 532s Exponent: 65537 (0x10001) 532s X509v3 extensions: 532s X509v3 Authority Key Identifier: 532s C1:D3:CB:81:C3:53:C9:AC:62:3F:8C:BF:AB:1D:B4:DC:B4:73:85:A7 532s X509v3 Basic Constraints: 532s CA:FALSE 532s Netscape Cert Type: 532s SSL Client, S/MIME 532s Netscape Comment: 532s Test Organization Intermediate CA trusted Certificate 532s X509v3 Subject Key Identifier: 532s 91:13:E6:9C:47:A0:C2:9D:8A:BE:B5:12:88:41:40:C5:9A:82:F8:2C 532s X509v3 Key Usage: critical 532s Digital Signature, Non Repudiation, Key Encipherment 532s X509v3 Extended Key Usage: 532s TLS Web Client Authentication, E-mail Protection 532s X509v3 Subject Alternative Name: 532s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 532s Signature Algorithm: sha256WithRSAEncryption 532s Signature Value: 532s 86:43:f1:e6:f5:c1:0c:2b:18:dd:1e:10:46:a8:59:5d:ee:91: 532s 8a:ab:b3:d2:8e:f3:d5:67:2d:ab:58:fe:17:91:25:fa:26:1a: 532s 45:13:1c:29:0f:d1:0f:fa:e3:fa:9c:21:71:ad:8b:db:8b:dd: 532s ec:12:26:d9:60:53:1d:91:81:94:77:37:2a:bb:89:33:93:2d: 532s 1c:e9:4a:64:5a:d6:1c:31:c7:bd:33:cf:d3:67:6d:e3:f5:0a: 532s ac:aa:12:37:92:80:8d:58:db:a9:56:6f:3a:3f:3c:cb:95:61: 532s 53:4f:36:79:f4:a7:29:81:e9:93:3a:f8:73:68:91:a3:e9:7e: 532s 8b:5e 532s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-8163-auth.pem 532s + found_md5=Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D 532s + '[' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D '!=' Modulus=DA91B2692C0741FEEFCD176996F37DB6D95C8A5508B45FAEEB73B19B88FA5916DA2B2DD916FE874DD26D3C9C8EAFCA360748B1986328F017B4C4AEC21E483DDEFF638F081B93B1A7B027E4819A7091DDAC41C792F4B48FECEE23752FAA3D76BC6467A6A71CA0F4E6AB9360CD932DEFD7901F353B8749D0F75663067F922A885D ']' 532s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 532s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 532s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 532s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 532s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 532s + local verify_option= 532s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 532s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 532s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 532s + local key_cn 532s + local key_name 532s + local tokens_dir 532s + local output_cert_file 532s + token_name= 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 532s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 532s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 532s ++ sed -n 's/ *commonName *= //p' 532s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 532s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 532s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 532s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 532s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 532s + token_name='Test Organization Sub Int Token' 532s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 532s + local key_file 532s + local decrypted_key 532s + mkdir -p /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 532s + key_file=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 532s + decrypted_key=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 532s + cat 532s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 532s Slot 0 has a free/uninitialized token. 532s The token has been initialized and is reassigned to slot 149600421 532s + softhsm2-util --show-slots 532s Available slots: 532s Slot 149600421 532s Slot info: 532s Description: SoftHSM slot ID 0x8eab8a5 532s Manufacturer ID: SoftHSM project 532s Hardware version: 2.6 532s Firmware version: 2.6 532s Token present: yes 532s Token info: 532s Manufacturer ID: SoftHSM project 532s Model: SoftHSM v2 532s Hardware version: 2.6 532s Firmware version: 2.6 532s Serial number: 408bdbbf88eab8a5 532s Initialized: yes 532s User PIN init.: yes 532s Label: Test Organization Sub Int Token 532s Slot 1 532s Slot info: 532s Description: SoftHSM slot ID 0x1 532s Manufacturer ID: SoftHSM project 532s Hardware version: 2.6 532s Firmware version: 2.6 532s Token present: yes 532s Token info: 532s Manufacturer ID: SoftHSM project 532s Model: SoftHSM v2 532s Hardware version: 2.6 532s Firmware version: 2.6 532s Serial number: 532s Initialized: no 532s User PIN init.: no 532s Label: 532s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 532s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-123 -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 532s writing RSA key 532s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 532s + rm /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 532s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 532s Object 0: 532s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=408bdbbf88eab8a5;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 532s Type: X.509 Certificate (RSA-1024) 532s Expires: Fri Jun 13 19:15:13 2025 532s Label: Test Organization Sub Intermediate Trusted Certificate 0001 532s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 532s 532s Test Organization Sub Int Token 532s + echo 'Test Organization Sub Int Token' 532s + '[' -n '' ']' 532s + local output_base_name=SSSD-child-1694 532s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-1694.output 532s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-1694.pem 532s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 532s [p11_child[2531]] [main] (0x0400): p11_child started. 532s [p11_child[2531]] [main] (0x2000): Running in [pre-auth] mode. 532s [p11_child[2531]] [main] (0x2000): Running with effective IDs: [0][0]. 532s [p11_child[2531]] [main] (0x2000): Running with real IDs [0][0]. 532s [p11_child[2531]] [do_card] (0x4000): Module List: 532s [p11_child[2531]] [do_card] (0x4000): common name: [softhsm2]. 532s [p11_child[2531]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2531]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 532s [p11_child[2531]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 532s [p11_child[2531]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2531]] [do_card] (0x4000): Login NOT required. 532s [p11_child[2531]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 532s [p11_child[2531]] [do_verification] (0x0040): X509_verify_cert failed [0]. 532s [p11_child[2531]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 532s [p11_child[2531]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 532s [p11_child[2531]] [do_card] (0x4000): No certificate found. 532s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-1694.output 532s + return 2 532s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem partial_chain 532s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem partial_chain 532s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 532s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 532s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 532s + local verify_option=partial_chain 532s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 532s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 532s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 532s + local key_cn 532s + local key_name 532s + local tokens_dir 532s + local output_cert_file 532s + token_name= 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 532s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 532s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 532s ++ sed -n 's/ *commonName *= //p' 532s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 532s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 532s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 532s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 532s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 532s + token_name='Test Organization Sub Int Token' 532s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 532s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 532s + echo 'Test Organization Sub Int Token' 532s Test Organization Sub Int Token 532s + '[' -n partial_chain ']' 532s + local verify_arg=--verify=partial_chain 532s + local output_base_name=SSSD-child-4198 532s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-4198.output 532s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-4198.pem 532s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-root-CA.pem 532s [p11_child[2538]] [main] (0x0400): p11_child started. 532s [p11_child[2538]] [main] (0x2000): Running in [pre-auth] mode. 532s [p11_child[2538]] [main] (0x2000): Running with effective IDs: [0][0]. 532s [p11_child[2538]] [main] (0x2000): Running with real IDs [0][0]. 532s [p11_child[2538]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 532s [p11_child[2538]] [do_card] (0x4000): Module List: 532s [p11_child[2538]] [do_card] (0x4000): common name: [softhsm2]. 532s [p11_child[2538]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2538]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 532s [p11_child[2538]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 532s [p11_child[2538]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2538]] [do_card] (0x4000): Login NOT required. 532s [p11_child[2538]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 532s [p11_child[2538]] [do_verification] (0x0040): X509_verify_cert failed [0]. 532s [p11_child[2538]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 532s [p11_child[2538]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 532s [p11_child[2538]] [do_card] (0x4000): No certificate found. 532s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-4198.output 532s + return 2 532s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 532s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 532s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 532s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 532s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 532s + local verify_option= 532s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 532s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 532s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 532s + local key_cn 532s + local key_name 532s + local tokens_dir 532s + local output_cert_file 532s + token_name= 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 532s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 532s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 532s ++ sed -n 's/ *commonName *= //p' 532s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 532s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 532s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 532s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 532s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 532s + token_name='Test Organization Sub Int Token' 532s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 532s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 532s + echo 'Test Organization Sub Int Token' 532s + '[' -n '' ']' 532s Test Organization Sub Int Token 532s + local output_base_name=SSSD-child-27580 532s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580.output 532s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580.pem 532s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 532s [p11_child[2545]] [main] (0x0400): p11_child started. 532s [p11_child[2545]] [main] (0x2000): Running in [pre-auth] mode. 532s [p11_child[2545]] [main] (0x2000): Running with effective IDs: [0][0]. 532s [p11_child[2545]] [main] (0x2000): Running with real IDs [0][0]. 532s [p11_child[2545]] [do_card] (0x4000): Module List: 532s [p11_child[2545]] [do_card] (0x4000): common name: [softhsm2]. 532s [p11_child[2545]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2545]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 532s [p11_child[2545]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 532s [p11_child[2545]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2545]] [do_card] (0x4000): Login NOT required. 532s [p11_child[2545]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 532s [p11_child[2545]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 532s [p11_child[2545]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 532s [p11_child[2545]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x8eab8a5;slot-manufacturer=SoftHSM%20project;slot-id=149600421;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=408bdbbf88eab8a5;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 532s [p11_child[2545]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 532s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580.output 532s + echo '-----BEGIN CERTIFICATE-----' 532s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580.output 532s + echo '-----END CERTIFICATE-----' 532s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580.pem 532s Certificate: 532s Data: 532s Version: 3 (0x2) 532s Serial Number: 5 (0x5) 532s Signature Algorithm: sha256WithRSAEncryption 532s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 532s Validity 532s Not Before: Jun 13 19:15:13 2024 GMT 532s Not After : Jun 13 19:15:13 2025 GMT 532s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 532s Subject Public Key Info: 532s Public Key Algorithm: rsaEncryption 532s Public-Key: (1024 bit) 532s Modulus: 532s 00:c4:59:76:10:f0:4a:e5:bd:12:0b:89:2f:31:97: 532s df:2d:88:b0:66:9d:06:9f:65:c5:2f:17:ae:ed:fa: 532s f8:a1:cf:6b:70:11:ae:f8:da:69:0f:6b:02:8e:6a: 532s 60:47:eb:3b:ef:bf:b1:c6:ff:ba:84:d8:57:b7:c0: 532s 6e:95:0c:16:68:7d:df:9f:48:ae:d2:a9:5d:4c:43: 532s 42:42:e4:e4:8f:ff:f7:8f:07:86:e6:c9:e9:43:f7: 532s 70:79:77:1a:2d:a1:35:97:07:06:47:6d:f0:fd:11: 532s d6:51:e6:02:0a:1b:7a:b6:ba:5f:38:9e:27:d1:f3: 532s d1:d7:28:cb:28:60:64:70:6f 532s Exponent: 65537 (0x10001) 532s X509v3 extensions: 532s X509v3 Authority Key Identifier: 532s FD:69:91:67:A7:48:E2:06:B7:17:53:47:2D:21:51:DC:69:33:3B:00 532s X509v3 Basic Constraints: 532s CA:FALSE 532s Netscape Cert Type: 532s SSL Client, S/MIME 532s Netscape Comment: 532s Test Organization Sub Intermediate CA trusted Certificate 532s X509v3 Subject Key Identifier: 532s 19:15:CF:25:AE:21:FC:19:0C:0A:9D:1E:E7:88:97:9D:0B:9A:C1:0B 532s X509v3 Key Usage: critical 532s Digital Signature, Non Repudiation, Key Encipherment 532s X509v3 Extended Key Usage: 532s TLS Web Client Authentication, E-mail Protection 532s X509v3 Subject Alternative Name: 532s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 532s Signature Algorithm: sha256WithRSAEncryption 532s Signature Value: 532s 69:92:fb:b3:fe:84:d2:c5:bd:5a:91:44:82:ed:7d:86:e1:16: 532s 07:d7:e3:07:09:48:9e:5b:be:40:58:b5:e0:d0:a7:be:04:16: 532s 25:e0:9d:e1:02:d3:59:cd:c1:82:8a:bb:55:a3:86:0a:5d:db: 532s 29:1f:91:c2:58:15:8d:48:e0:d3:cc:16:6d:e7:a0:21:4e:74: 532s 48:4f:b8:95:8f:36:c3:f2:ba:8d:bb:cf:0d:b3:06:2b:27:28: 532s 29:5f:d7:f1:1b:4a:ab:70:6f:46:70:7e:93:cb:91:36:d8:d5: 532s 26:cd:37:5b:e5:7a:8e:cd:93:7e:d7:38:26:61:09:14:fc:8a: 532s 11:50 532s + local found_md5 expected_md5 532s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 532s + expected_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 532s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580.pem 532s + found_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 532s + '[' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F '!=' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F ']' 532s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580-auth.output 532s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580-auth.output .output 532s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580-auth.pem 532s + echo -n 053350 532s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 532s [p11_child[2553]] [main] (0x0400): p11_child started. 532s [p11_child[2553]] [main] (0x2000): Running in [auth] mode. 532s [p11_child[2553]] [main] (0x2000): Running with effective IDs: [0][0]. 532s [p11_child[2553]] [main] (0x2000): Running with real IDs [0][0]. 532s [p11_child[2553]] [do_card] (0x4000): Module List: 532s [p11_child[2553]] [do_card] (0x4000): common name: [softhsm2]. 532s [p11_child[2553]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2553]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 532s [p11_child[2553]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 532s [p11_child[2553]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 532s [p11_child[2553]] [do_card] (0x4000): Login required. 532s [p11_child[2553]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 532s [p11_child[2553]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 532s [p11_child[2553]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 532s [p11_child[2553]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x8eab8a5;slot-manufacturer=SoftHSM%20project;slot-id=149600421;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=408bdbbf88eab8a5;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 532s [p11_child[2553]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 532s [p11_child[2553]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 532s [p11_child[2553]] [do_card] (0x4000): Certificate verified and validated. 532s [p11_child[2553]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 532s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580-auth.output 532s + echo '-----BEGIN CERTIFICATE-----' 533s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580-auth.output 533s + echo '-----END CERTIFICATE-----' 533s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580-auth.pem 533s Certificate: 533s Data: 533s Version: 3 (0x2) 533s Serial Number: 5 (0x5) 533s Signature Algorithm: sha256WithRSAEncryption 533s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 533s Validity 533s Not Before: Jun 13 19:15:13 2024 GMT 533s Not After : Jun 13 19:15:13 2025 GMT 533s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 533s Subject Public Key Info: 533s Public Key Algorithm: rsaEncryption 533s Public-Key: (1024 bit) 533s Modulus: 533s 00:c4:59:76:10:f0:4a:e5:bd:12:0b:89:2f:31:97: 533s df:2d:88:b0:66:9d:06:9f:65:c5:2f:17:ae:ed:fa: 533s f8:a1:cf:6b:70:11:ae:f8:da:69:0f:6b:02:8e:6a: 533s 60:47:eb:3b:ef:bf:b1:c6:ff:ba:84:d8:57:b7:c0: 533s 6e:95:0c:16:68:7d:df:9f:48:ae:d2:a9:5d:4c:43: 533s 42:42:e4:e4:8f:ff:f7:8f:07:86:e6:c9:e9:43:f7: 533s 70:79:77:1a:2d:a1:35:97:07:06:47:6d:f0:fd:11: 533s d6:51:e6:02:0a:1b:7a:b6:ba:5f:38:9e:27:d1:f3: 533s d1:d7:28:cb:28:60:64:70:6f 533s Exponent: 65537 (0x10001) 533s X509v3 extensions: 533s X509v3 Authority Key Identifier: 533s FD:69:91:67:A7:48:E2:06:B7:17:53:47:2D:21:51:DC:69:33:3B:00 533s X509v3 Basic Constraints: 533s CA:FALSE 533s Netscape Cert Type: 533s SSL Client, S/MIME 533s Netscape Comment: 533s Test Organization Sub Intermediate CA trusted Certificate 533s X509v3 Subject Key Identifier: 533s 19:15:CF:25:AE:21:FC:19:0C:0A:9D:1E:E7:88:97:9D:0B:9A:C1:0B 533s X509v3 Key Usage: critical 533s Digital Signature, Non Repudiation, Key Encipherment 533s X509v3 Extended Key Usage: 533s TLS Web Client Authentication, E-mail Protection 533s X509v3 Subject Alternative Name: 533s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 533s Signature Algorithm: sha256WithRSAEncryption 533s Signature Value: 533s 69:92:fb:b3:fe:84:d2:c5:bd:5a:91:44:82:ed:7d:86:e1:16: 533s 07:d7:e3:07:09:48:9e:5b:be:40:58:b5:e0:d0:a7:be:04:16: 533s 25:e0:9d:e1:02:d3:59:cd:c1:82:8a:bb:55:a3:86:0a:5d:db: 533s 29:1f:91:c2:58:15:8d:48:e0:d3:cc:16:6d:e7:a0:21:4e:74: 533s 48:4f:b8:95:8f:36:c3:f2:ba:8d:bb:cf:0d:b3:06:2b:27:28: 533s 29:5f:d7:f1:1b:4a:ab:70:6f:46:70:7e:93:cb:91:36:d8:d5: 533s 26:cd:37:5b:e5:7a:8e:cd:93:7e:d7:38:26:61:09:14:fc:8a: 533s 11:50 533s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-27580-auth.pem 533s + found_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 533s + '[' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F '!=' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F ']' 533s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem partial_chain 533s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem partial_chain 533s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 533s + local verify_option=partial_chain 533s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local key_cn 533s + local key_name 533s + local tokens_dir 533s + local output_cert_file 533s + token_name= 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 533s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 533s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s ++ sed -n 's/ *commonName *= //p' 533s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 533s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 533s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 533s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 533s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 533s + token_name='Test Organization Sub Int Token' 533s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 533s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 533s + echo 'Test Organization Sub Int Token' 533s + '[' -n partial_chain ']' 533s + local verify_arg=--verify=partial_chain 533s + local output_base_name=SSSD-child-10679 533s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679.output 533s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679.pem 533s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem 533s Test Organization Sub Int Token 533s [p11_child[2563]] [main] (0x0400): p11_child started. 533s [p11_child[2563]] [main] (0x2000): Running in [pre-auth] mode. 533s [p11_child[2563]] [main] (0x2000): Running with effective IDs: [0][0]. 533s [p11_child[2563]] [main] (0x2000): Running with real IDs [0][0]. 533s [p11_child[2563]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 533s [p11_child[2563]] [do_card] (0x4000): Module List: 533s [p11_child[2563]] [do_card] (0x4000): common name: [softhsm2]. 533s [p11_child[2563]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2563]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 533s [p11_child[2563]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 533s [p11_child[2563]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2563]] [do_card] (0x4000): Login NOT required. 533s [p11_child[2563]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 533s [p11_child[2563]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 533s [p11_child[2563]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 533s [p11_child[2563]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x8eab8a5;slot-manufacturer=SoftHSM%20project;slot-id=149600421;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=408bdbbf88eab8a5;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 533s [p11_child[2563]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 533s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679.output 533s + echo '-----BEGIN CERTIFICATE-----' 533s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679.output 533s + echo '-----END CERTIFICATE-----' 533s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679.pem 533s Certificate: 533s Data: 533s Version: 3 (0x2) 533s Serial Number: 5 (0x5) 533s Signature Algorithm: sha256WithRSAEncryption 533s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 533s Validity 533s Not Before: Jun 13 19:15:13 2024 GMT 533s Not After : Jun 13 19:15:13 2025 GMT 533s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 533s Subject Public Key Info: 533s Public Key Algorithm: rsaEncryption 533s Public-Key: (1024 bit) 533s Modulus: 533s 00:c4:59:76:10:f0:4a:e5:bd:12:0b:89:2f:31:97: 533s df:2d:88:b0:66:9d:06:9f:65:c5:2f:17:ae:ed:fa: 533s f8:a1:cf:6b:70:11:ae:f8:da:69:0f:6b:02:8e:6a: 533s 60:47:eb:3b:ef:bf:b1:c6:ff:ba:84:d8:57:b7:c0: 533s 6e:95:0c:16:68:7d:df:9f:48:ae:d2:a9:5d:4c:43: 533s 42:42:e4:e4:8f:ff:f7:8f:07:86:e6:c9:e9:43:f7: 533s 70:79:77:1a:2d:a1:35:97:07:06:47:6d:f0:fd:11: 533s d6:51:e6:02:0a:1b:7a:b6:ba:5f:38:9e:27:d1:f3: 533s d1:d7:28:cb:28:60:64:70:6f 533s Exponent: 65537 (0x10001) 533s X509v3 extensions: 533s X509v3 Authority Key Identifier: 533s FD:69:91:67:A7:48:E2:06:B7:17:53:47:2D:21:51:DC:69:33:3B:00 533s X509v3 Basic Constraints: 533s CA:FALSE 533s Netscape Cert Type: 533s SSL Client, S/MIME 533s Netscape Comment: 533s Test Organization Sub Intermediate CA trusted Certificate 533s X509v3 Subject Key Identifier: 533s 19:15:CF:25:AE:21:FC:19:0C:0A:9D:1E:E7:88:97:9D:0B:9A:C1:0B 533s X509v3 Key Usage: critical 533s Digital Signature, Non Repudiation, Key Encipherment 533s X509v3 Extended Key Usage: 533s TLS Web Client Authentication, E-mail Protection 533s X509v3 Subject Alternative Name: 533s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 533s Signature Algorithm: sha256WithRSAEncryption 533s Signature Value: 533s 69:92:fb:b3:fe:84:d2:c5:bd:5a:91:44:82:ed:7d:86:e1:16: 533s 07:d7:e3:07:09:48:9e:5b:be:40:58:b5:e0:d0:a7:be:04:16: 533s 25:e0:9d:e1:02:d3:59:cd:c1:82:8a:bb:55:a3:86:0a:5d:db: 533s 29:1f:91:c2:58:15:8d:48:e0:d3:cc:16:6d:e7:a0:21:4e:74: 533s 48:4f:b8:95:8f:36:c3:f2:ba:8d:bb:cf:0d:b3:06:2b:27:28: 533s 29:5f:d7:f1:1b:4a:ab:70:6f:46:70:7e:93:cb:91:36:d8:d5: 533s 26:cd:37:5b:e5:7a:8e:cd:93:7e:d7:38:26:61:09:14:fc:8a: 533s 11:50 533s + local found_md5 expected_md5 533s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + expected_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 533s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679.pem 533s + found_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 533s + '[' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F '!=' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F ']' 533s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679-auth.output 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679-auth.output .output 533s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679-auth.pem 533s + echo -n 053350 533s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 533s [p11_child[2571]] [main] (0x0400): p11_child started. 533s [p11_child[2571]] [main] (0x2000): Running in [auth] mode. 533s [p11_child[2571]] [main] (0x2000): Running with effective IDs: [0][0]. 533s [p11_child[2571]] [main] (0x2000): Running with real IDs [0][0]. 533s [p11_child[2571]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 533s [p11_child[2571]] [do_card] (0x4000): Module List: 533s [p11_child[2571]] [do_card] (0x4000): common name: [softhsm2]. 533s [p11_child[2571]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2571]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 533s [p11_child[2571]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 533s [p11_child[2571]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2571]] [do_card] (0x4000): Login required. 533s [p11_child[2571]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 533s [p11_child[2571]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 533s [p11_child[2571]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 533s [p11_child[2571]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x8eab8a5;slot-manufacturer=SoftHSM%20project;slot-id=149600421;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=408bdbbf88eab8a5;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 533s [p11_child[2571]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 533s [p11_child[2571]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 533s [p11_child[2571]] [do_card] (0x4000): Certificate verified and validated. 533s [p11_child[2571]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 533s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679-auth.output 533s + echo '-----BEGIN CERTIFICATE-----' 533s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679-auth.output 533s + echo '-----END CERTIFICATE-----' 533s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679-auth.pem 533s Certificate: 533s Data: 533s Version: 3 (0x2) 533s Serial Number: 5 (0x5) 533s Signature Algorithm: sha256WithRSAEncryption 533s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 533s Validity 533s Not Before: Jun 13 19:15:13 2024 GMT 533s Not After : Jun 13 19:15:13 2025 GMT 533s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 533s Subject Public Key Info: 533s Public Key Algorithm: rsaEncryption 533s Public-Key: (1024 bit) 533s Modulus: 533s 00:c4:59:76:10:f0:4a:e5:bd:12:0b:89:2f:31:97: 533s df:2d:88:b0:66:9d:06:9f:65:c5:2f:17:ae:ed:fa: 533s f8:a1:cf:6b:70:11:ae:f8:da:69:0f:6b:02:8e:6a: 533s 60:47:eb:3b:ef:bf:b1:c6:ff:ba:84:d8:57:b7:c0: 533s 6e:95:0c:16:68:7d:df:9f:48:ae:d2:a9:5d:4c:43: 533s 42:42:e4:e4:8f:ff:f7:8f:07:86:e6:c9:e9:43:f7: 533s 70:79:77:1a:2d:a1:35:97:07:06:47:6d:f0:fd:11: 533s d6:51:e6:02:0a:1b:7a:b6:ba:5f:38:9e:27:d1:f3: 533s d1:d7:28:cb:28:60:64:70:6f 533s Exponent: 65537 (0x10001) 533s X509v3 extensions: 533s X509v3 Authority Key Identifier: 533s FD:69:91:67:A7:48:E2:06:B7:17:53:47:2D:21:51:DC:69:33:3B:00 533s X509v3 Basic Constraints: 533s CA:FALSE 533s Netscape Cert Type: 533s SSL Client, S/MIME 533s Netscape Comment: 533s Test Organization Sub Intermediate CA trusted Certificate 533s X509v3 Subject Key Identifier: 533s 19:15:CF:25:AE:21:FC:19:0C:0A:9D:1E:E7:88:97:9D:0B:9A:C1:0B 533s X509v3 Key Usage: critical 533s Digital Signature, Non Repudiation, Key Encipherment 533s X509v3 Extended Key Usage: 533s TLS Web Client Authentication, E-mail Protection 533s X509v3 Subject Alternative Name: 533s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 533s Signature Algorithm: sha256WithRSAEncryption 533s Signature Value: 533s 69:92:fb:b3:fe:84:d2:c5:bd:5a:91:44:82:ed:7d:86:e1:16: 533s 07:d7:e3:07:09:48:9e:5b:be:40:58:b5:e0:d0:a7:be:04:16: 533s 25:e0:9d:e1:02:d3:59:cd:c1:82:8a:bb:55:a3:86:0a:5d:db: 533s 29:1f:91:c2:58:15:8d:48:e0:d3:cc:16:6d:e7:a0:21:4e:74: 533s 48:4f:b8:95:8f:36:c3:f2:ba:8d:bb:cf:0d:b3:06:2b:27:28: 533s 29:5f:d7:f1:1b:4a:ab:70:6f:46:70:7e:93:cb:91:36:d8:d5: 533s 26:cd:37:5b:e5:7a:8e:cd:93:7e:d7:38:26:61:09:14:fc:8a: 533s 11:50 533s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-10679-auth.pem 533s + found_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 533s + '[' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F '!=' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F ']' 533s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 533s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 533s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 533s + local verify_option= 533s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local key_cn 533s + local key_name 533s + local tokens_dir 533s + local output_cert_file 533s + token_name= 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 533s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 533s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s ++ sed -n 's/ *commonName *= //p' 533s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 533s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 533s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 533s Test Organization Sub Int Token 533s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 533s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 533s + token_name='Test Organization Sub Int Token' 533s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 533s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 533s + echo 'Test Organization Sub Int Token' 533s + '[' -n '' ']' 533s + local output_base_name=SSSD-child-2037 533s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-2037.output 533s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-2037.pem 533s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 533s [p11_child[2581]] [main] (0x0400): p11_child started. 533s [p11_child[2581]] [main] (0x2000): Running in [pre-auth] mode. 533s [p11_child[2581]] [main] (0x2000): Running with effective IDs: [0][0]. 533s [p11_child[2581]] [main] (0x2000): Running with real IDs [0][0]. 533s [p11_child[2581]] [do_card] (0x4000): Module List: 533s [p11_child[2581]] [do_card] (0x4000): common name: [softhsm2]. 533s [p11_child[2581]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2581]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 533s [p11_child[2581]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 533s [p11_child[2581]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2581]] [do_card] (0x4000): Login NOT required. 533s [p11_child[2581]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 533s [p11_child[2581]] [do_verification] (0x0040): X509_verify_cert failed [0]. 533s [p11_child[2581]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 533s [p11_child[2581]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 533s [p11_child[2581]] [do_card] (0x4000): No certificate found. 533s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-2037.output 533s + return 2 533s + invalid_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-root-intermediate-chain-CA.pem partial_chain 533s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-root-intermediate-chain-CA.pem partial_chain 533s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-root-intermediate-chain-CA.pem 533s + local verify_option=partial_chain 533s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local key_cn 533s + local key_name 533s + local tokens_dir 533s + local output_cert_file 533s + token_name= 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 533s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 533s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s ++ sed -n 's/ *commonName *= //p' 533s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 533s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 533s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 533s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 533s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 533s + token_name='Test Organization Sub Int Token' 533s Test Organization Sub Int Token 533s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 533s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 533s + echo 'Test Organization Sub Int Token' 533s + '[' -n partial_chain ']' 533s + local verify_arg=--verify=partial_chain 533s + local output_base_name=SSSD-child-10699 533s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-10699.output 533s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-10699.pem 533s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-root-intermediate-chain-CA.pem 533s [p11_child[2588]] [main] (0x0400): p11_child started. 533s [p11_child[2588]] [main] (0x2000): Running in [pre-auth] mode. 533s [p11_child[2588]] [main] (0x2000): Running with effective IDs: [0][0]. 533s [p11_child[2588]] [main] (0x2000): Running with real IDs [0][0]. 533s [p11_child[2588]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 533s [p11_child[2588]] [do_card] (0x4000): Module List: 533s [p11_child[2588]] [do_card] (0x4000): common name: [softhsm2]. 533s [p11_child[2588]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2588]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 533s [p11_child[2588]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 533s [p11_child[2588]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2588]] [do_card] (0x4000): Login NOT required. 533s [p11_child[2588]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 533s [p11_child[2588]] [do_verification] (0x0040): X509_verify_cert failed [0]. 533s [p11_child[2588]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 533s [p11_child[2588]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 533s [p11_child[2588]] [do_card] (0x4000): No certificate found. 533s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-10699.output 533s + return 2 533s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem partial_chain 533s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem partial_chain 533s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 533s + local verify_option=partial_chain 533s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local key_cn 533s + local key_name 533s + local tokens_dir 533s + local output_cert_file 533s + token_name= 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 533s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 533s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s ++ sed -n 's/ *commonName *= //p' 533s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 533s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 533s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 533s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 533s Test Organization Sub Int Token 533s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 533s + token_name='Test Organization Sub Int Token' 533s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 533s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 533s + echo 'Test Organization Sub Int Token' 533s + '[' -n partial_chain ']' 533s + local verify_arg=--verify=partial_chain 533s + local output_base_name=SSSD-child-24235 533s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235.output 533s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235.pem 533s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem 533s [p11_child[2595]] [main] (0x0400): p11_child started. 533s [p11_child[2595]] [main] (0x2000): Running in [pre-auth] mode. 533s [p11_child[2595]] [main] (0x2000): Running with effective IDs: [0][0]. 533s [p11_child[2595]] [main] (0x2000): Running with real IDs [0][0]. 533s [p11_child[2595]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 533s [p11_child[2595]] [do_card] (0x4000): Module List: 533s [p11_child[2595]] [do_card] (0x4000): common name: [softhsm2]. 533s [p11_child[2595]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2595]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 533s [p11_child[2595]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 533s [p11_child[2595]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2595]] [do_card] (0x4000): Login NOT required. 533s [p11_child[2595]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 533s [p11_child[2595]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 533s [p11_child[2595]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 533s [p11_child[2595]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x8eab8a5;slot-manufacturer=SoftHSM%20project;slot-id=149600421;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=408bdbbf88eab8a5;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 533s [p11_child[2595]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 533s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235.output 533s + echo '-----BEGIN CERTIFICATE-----' 533s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235.output 533s + echo '-----END CERTIFICATE-----' 533s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235.pem 533s + local found_md5 expected_md5 533s Certificate: 533s Data: 533s Version: 3 (0x2) 533s Serial Number: 5 (0x5) 533s Signature Algorithm: sha256WithRSAEncryption 533s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 533s Validity 533s Not Before: Jun 13 19:15:13 2024 GMT 533s Not After : Jun 13 19:15:13 2025 GMT 533s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 533s Subject Public Key Info: 533s Public Key Algorithm: rsaEncryption 533s Public-Key: (1024 bit) 533s Modulus: 533s 00:c4:59:76:10:f0:4a:e5:bd:12:0b:89:2f:31:97: 533s df:2d:88:b0:66:9d:06:9f:65:c5:2f:17:ae:ed:fa: 533s f8:a1:cf:6b:70:11:ae:f8:da:69:0f:6b:02:8e:6a: 533s 60:47:eb:3b:ef:bf:b1:c6:ff:ba:84:d8:57:b7:c0: 533s 6e:95:0c:16:68:7d:df:9f:48:ae:d2:a9:5d:4c:43: 533s 42:42:e4:e4:8f:ff:f7:8f:07:86:e6:c9:e9:43:f7: 533s 70:79:77:1a:2d:a1:35:97:07:06:47:6d:f0:fd:11: 533s d6:51:e6:02:0a:1b:7a:b6:ba:5f:38:9e:27:d1:f3: 533s d1:d7:28:cb:28:60:64:70:6f 533s Exponent: 65537 (0x10001) 533s X509v3 extensions: 533s X509v3 Authority Key Identifier: 533s FD:69:91:67:A7:48:E2:06:B7:17:53:47:2D:21:51:DC:69:33:3B:00 533s X509v3 Basic Constraints: 533s CA:FALSE 533s Netscape Cert Type: 533s SSL Client, S/MIME 533s Netscape Comment: 533s Test Organization Sub Intermediate CA trusted Certificate 533s X509v3 Subject Key Identifier: 533s 19:15:CF:25:AE:21:FC:19:0C:0A:9D:1E:E7:88:97:9D:0B:9A:C1:0B 533s X509v3 Key Usage: critical 533s Digital Signature, Non Repudiation, Key Encipherment 533s X509v3 Extended Key Usage: 533s TLS Web Client Authentication, E-mail Protection 533s X509v3 Subject Alternative Name: 533s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 533s Signature Algorithm: sha256WithRSAEncryption 533s Signature Value: 533s 69:92:fb:b3:fe:84:d2:c5:bd:5a:91:44:82:ed:7d:86:e1:16: 533s 07:d7:e3:07:09:48:9e:5b:be:40:58:b5:e0:d0:a7:be:04:16: 533s 25:e0:9d:e1:02:d3:59:cd:c1:82:8a:bb:55:a3:86:0a:5d:db: 533s 29:1f:91:c2:58:15:8d:48:e0:d3:cc:16:6d:e7:a0:21:4e:74: 533s 48:4f:b8:95:8f:36:c3:f2:ba:8d:bb:cf:0d:b3:06:2b:27:28: 533s 29:5f:d7:f1:1b:4a:ab:70:6f:46:70:7e:93:cb:91:36:d8:d5: 533s 26:cd:37:5b:e5:7a:8e:cd:93:7e:d7:38:26:61:09:14:fc:8a: 533s 11:50 533s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + expected_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 533s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235.pem 533s + found_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 533s + '[' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F '!=' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F ']' 533s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235-auth.output 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235-auth.output .output 533s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235-auth.pem 533s + echo -n 053350 533s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 533s [p11_child[2603]] [main] (0x0400): p11_child started. 533s [p11_child[2603]] [main] (0x2000): Running in [auth] mode. 533s [p11_child[2603]] [main] (0x2000): Running with effective IDs: [0][0]. 533s [p11_child[2603]] [main] (0x2000): Running with real IDs [0][0]. 533s [p11_child[2603]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 533s [p11_child[2603]] [do_card] (0x4000): Module List: 533s [p11_child[2603]] [do_card] (0x4000): common name: [softhsm2]. 533s [p11_child[2603]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2603]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 533s [p11_child[2603]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 533s [p11_child[2603]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 533s [p11_child[2603]] [do_card] (0x4000): Login required. 533s [p11_child[2603]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 533s [p11_child[2603]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 533s [p11_child[2603]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 533s [p11_child[2603]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x8eab8a5;slot-manufacturer=SoftHSM%20project;slot-id=149600421;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=408bdbbf88eab8a5;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 533s [p11_child[2603]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 533s [p11_child[2603]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 533s [p11_child[2603]] [do_card] (0x4000): Certificate verified and validated. 533s [p11_child[2603]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 533s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235-auth.output 533s + echo '-----BEGIN CERTIFICATE-----' 533s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235-auth.output 533s + echo '-----END CERTIFICATE-----' 533s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235-auth.pem 533s Certificate: 533s Data: 533s Version: 3 (0x2) 533s Serial Number: 5 (0x5) 533s Signature Algorithm: sha256WithRSAEncryption 533s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 533s Validity 533s Not Before: Jun 13 19:15:13 2024 GMT 533s Not After : Jun 13 19:15:13 2025 GMT 533s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 533s Subject Public Key Info: 533s Public Key Algorithm: rsaEncryption 533s Public-Key: (1024 bit) 533s Modulus: 533s 00:c4:59:76:10:f0:4a:e5:bd:12:0b:89:2f:31:97: 533s df:2d:88:b0:66:9d:06:9f:65:c5:2f:17:ae:ed:fa: 533s f8:a1:cf:6b:70:11:ae:f8:da:69:0f:6b:02:8e:6a: 533s 60:47:eb:3b:ef:bf:b1:c6:ff:ba:84:d8:57:b7:c0: 533s 6e:95:0c:16:68:7d:df:9f:48:ae:d2:a9:5d:4c:43: 533s 42:42:e4:e4:8f:ff:f7:8f:07:86:e6:c9:e9:43:f7: 533s 70:79:77:1a:2d:a1:35:97:07:06:47:6d:f0:fd:11: 533s d6:51:e6:02:0a:1b:7a:b6:ba:5f:38:9e:27:d1:f3: 533s d1:d7:28:cb:28:60:64:70:6f 533s Exponent: 65537 (0x10001) 533s X509v3 extensions: 533s X509v3 Authority Key Identifier: 533s FD:69:91:67:A7:48:E2:06:B7:17:53:47:2D:21:51:DC:69:33:3B:00 533s X509v3 Basic Constraints: 533s CA:FALSE 533s Netscape Cert Type: 533s SSL Client, S/MIME 533s Netscape Comment: 533s Test Organization Sub Intermediate CA trusted Certificate 533s X509v3 Subject Key Identifier: 533s 19:15:CF:25:AE:21:FC:19:0C:0A:9D:1E:E7:88:97:9D:0B:9A:C1:0B 533s X509v3 Key Usage: critical 533s Digital Signature, Non Repudiation, Key Encipherment 533s X509v3 Extended Key Usage: 533s TLS Web Client Authentication, E-mail Protection 533s X509v3 Subject Alternative Name: 533s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 533s Signature Algorithm: sha256WithRSAEncryption 533s Signature Value: 533s 69:92:fb:b3:fe:84:d2:c5:bd:5a:91:44:82:ed:7d:86:e1:16: 533s 07:d7:e3:07:09:48:9e:5b:be:40:58:b5:e0:d0:a7:be:04:16: 533s 25:e0:9d:e1:02:d3:59:cd:c1:82:8a:bb:55:a3:86:0a:5d:db: 533s 29:1f:91:c2:58:15:8d:48:e0:d3:cc:16:6d:e7:a0:21:4e:74: 533s 48:4f:b8:95:8f:36:c3:f2:ba:8d:bb:cf:0d:b3:06:2b:27:28: 533s 29:5f:d7:f1:1b:4a:ab:70:6f:46:70:7e:93:cb:91:36:d8:d5: 533s 26:cd:37:5b:e5:7a:8e:cd:93:7e:d7:38:26:61:09:14:fc:8a: 533s 11:50 533s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-24235-auth.pem 533s + found_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 533s + '[' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F '!=' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F ']' 533s + valid_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-intermediate-sub-chain-CA.pem partial_chain 533s + check_certificate /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 /tmp/sssd-softhsm2-YOPqCY/test-intermediate-sub-chain-CA.pem partial_chain 533s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local key_ring=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-sub-chain-CA.pem 533s + local verify_option=partial_chain 533s + prepare_softhsm2_card /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local certificate=/tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-123 533s + local key_cn 533s + local key_name 533s + local tokens_dir 533s + local output_cert_file 533s + token_name= 533s ++ basename /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 533s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 533s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 533s ++ sed -n 's/ *commonName *= //p' 534s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 534s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 534s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 534s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 534s ++ basename /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 534s + tokens_dir=/tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 534s + token_name='Test Organization Sub Int Token' 534s + '[' '!' -e /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 534s + '[' '!' -d /tmp/sssd-softhsm2-YOPqCY/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 534s + echo 'Test Organization Sub Int Token' 534s Test Organization Sub Int Token 534s + '[' -n partial_chain ']' 534s + local verify_arg=--verify=partial_chain 534s + local output_base_name=SSSD-child-9598 534s + local output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598.output 534s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598.pem 534s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-sub-chain-CA.pem 534s [p11_child[2613]] [main] (0x0400): p11_child started. 534s [p11_child[2613]] [main] (0x2000): Running in [pre-auth] mode. 534s [p11_child[2613]] [main] (0x2000): Running with effective IDs: [0][0]. 534s [p11_child[2613]] [main] (0x2000): Running with real IDs [0][0]. 534s [p11_child[2613]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 534s [p11_child[2613]] [do_card] (0x4000): Module List: 534s [p11_child[2613]] [do_card] (0x4000): common name: [softhsm2]. 534s [p11_child[2613]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 534s [p11_child[2613]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 534s [p11_child[2613]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 534s [p11_child[2613]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 534s [p11_child[2613]] [do_card] (0x4000): Login NOT required. 534s [p11_child[2613]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 534s [p11_child[2613]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 534s [p11_child[2613]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 534s [p11_child[2613]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x8eab8a5;slot-manufacturer=SoftHSM%20project;slot-id=149600421;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=408bdbbf88eab8a5;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 534s [p11_child[2613]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 534s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598.output 534s + echo '-----BEGIN CERTIFICATE-----' 534s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598.output 534s + echo '-----END CERTIFICATE-----' 534s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598.pem 534s Certificate: 534s Data: 534s Version: 3 (0x2) 534s Serial Number: 5 (0x5) 534s Signature Algorithm: sha256WithRSAEncryption 534s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 534s Validity 534s Not Before: Jun 13 19:15:13 2024 GMT 534s Not After : Jun 13 19:15:13 2025 GMT 534s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 534s Subject Public Key Info: 534s Public Key Algorithm: rsaEncryption 534s Public-Key: (1024 bit) 534s Modulus: 534s 00:c4:59:76:10:f0:4a:e5:bd:12:0b:89:2f:31:97: 534s df:2d:88:b0:66:9d:06:9f:65:c5:2f:17:ae:ed:fa: 534s f8:a1:cf:6b:70:11:ae:f8:da:69:0f:6b:02:8e:6a: 534s 60:47:eb:3b:ef:bf:b1:c6:ff:ba:84:d8:57:b7:c0: 534s 6e:95:0c:16:68:7d:df:9f:48:ae:d2:a9:5d:4c:43: 534s 42:42:e4:e4:8f:ff:f7:8f:07:86:e6:c9:e9:43:f7: 534s 70:79:77:1a:2d:a1:35:97:07:06:47:6d:f0:fd:11: 534s d6:51:e6:02:0a:1b:7a:b6:ba:5f:38:9e:27:d1:f3: 534s d1:d7:28:cb:28:60:64:70:6f 534s Exponent: 65537 (0x10001) 534s X509v3 extensions: 534s X509v3 Authority Key Identifier: 534s FD:69:91:67:A7:48:E2:06:B7:17:53:47:2D:21:51:DC:69:33:3B:00 534s X509v3 Basic Constraints: 534s CA:FALSE 534s Netscape Cert Type: 534s SSL Client, S/MIME 534s Netscape Comment: 534s Test Organization Sub Intermediate CA trusted Certificate 534s X509v3 Subject Key Identifier: 534s 19:15:CF:25:AE:21:FC:19:0C:0A:9D:1E:E7:88:97:9D:0B:9A:C1:0B 534s X509v3 Key Usage: critical 534s Digital Signature, Non Repudiation, Key Encipherment 534s X509v3 Extended Key Usage: 534s TLS Web Client Authentication, E-mail Protection 534s X509v3 Subject Alternative Name: 534s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 534s Signature Algorithm: sha256WithRSAEncryption 534s Signature Value: 534s 69:92:fb:b3:fe:84:d2:c5:bd:5a:91:44:82:ed:7d:86:e1:16: 534s 07:d7:e3:07:09:48:9e:5b:be:40:58:b5:e0:d0:a7:be:04:16: 534s 25:e0:9d:e1:02:d3:59:cd:c1:82:8a:bb:55:a3:86:0a:5d:db: 534s 29:1f:91:c2:58:15:8d:48:e0:d3:cc:16:6d:e7:a0:21:4e:74: 534s 48:4f:b8:95:8f:36:c3:f2:ba:8d:bb:cf:0d:b3:06:2b:27:28: 534s 29:5f:d7:f1:1b:4a:ab:70:6f:46:70:7e:93:cb:91:36:d8:d5: 534s 26:cd:37:5b:e5:7a:8e:cd:93:7e:d7:38:26:61:09:14:fc:8a: 534s 11:50 534s + local found_md5 expected_md5 534s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/test-sub-intermediate-CA-trusted-certificate-0001.pem 534s + expected_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 534s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598.pem 534s + found_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 534s + '[' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F '!=' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F ']' 534s + output_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598-auth.output 534s ++ basename /tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598-auth.output .output 534s + output_cert_file=/tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598-auth.pem 534s + echo -n 053350 534s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-YOPqCY/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 534s [p11_child[2621]] [main] (0x0400): p11_child started. 534s [p11_child[2621]] [main] (0x2000): Running in [auth] mode. 534s [p11_child[2621]] [main] (0x2000): Running with effective IDs: [0][0]. 534s [p11_child[2621]] [main] (0x2000): Running with real IDs [0][0]. 534s [p11_child[2621]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 534s [p11_child[2621]] [do_card] (0x4000): Module List: 534s [p11_child[2621]] [do_card] (0x4000): common name: [softhsm2]. 534s [p11_child[2621]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 534s [p11_child[2621]] [do_card] (0x4000): Description [SoftHSM slot ID 0x8eab8a5] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 534s [p11_child[2621]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 534s [p11_child[2621]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x8eab8a5][149600421] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 534s [p11_child[2621]] [do_card] (0x4000): Login required. 534s [p11_child[2621]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 534s [p11_child[2621]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 534s [p11_child[2621]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 534s [p11_child[2621]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x8eab8a5;slot-manufacturer=SoftHSM%20project;slot-id=149600421;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=408bdbbf88eab8a5;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 534s [p11_child[2621]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 534s [p11_child[2621]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 534s [p11_child[2621]] [do_card] (0x4000): Certificate verified and validated. 534s [p11_child[2621]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 534s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598-auth.output 534s + echo '-----BEGIN CERTIFICATE-----' 534s + tail -n1 /tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598-auth.output 534s + echo '-----END CERTIFICATE-----' 534s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598-auth.pem 534s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-YOPqCY/SSSD-child-9598-auth.pem 534s Certificate: 534s Data: 534s Version: 3 (0x2) 534s Serial Number: 5 (0x5) 534s Signature Algorithm: sha256WithRSAEncryption 534s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 534s Validity 534s Not Before: Jun 13 19:15:13 2024 GMT 534s Not After : Jun 13 19:15:13 2025 GMT 534s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 534s Subject Public Key Info: 534s Public Key Algorithm: rsaEncryption 534s Public-Key: (1024 bit) 534s Modulus: 534s 00:c4:59:76:10:f0:4a:e5:bd:12:0b:89:2f:31:97: 534s df:2d:88:b0:66:9d:06:9f:65:c5:2f:17:ae:ed:fa: 534s f8:a1:cf:6b:70:11:ae:f8:da:69:0f:6b:02:8e:6a: 534s 60:47:eb:3b:ef:bf:b1:c6:ff:ba:84:d8:57:b7:c0: 534s 6e:95:0c:16:68:7d:df:9f:48:ae:d2:a9:5d:4c:43: 534s 42:42:e4:e4:8f:ff:f7:8f:07:86:e6:c9:e9:43:f7: 534s 70:79:77:1a:2d:a1:35:97:07:06:47:6d:f0:fd:11: 534s d6:51:e6:02:0a:1b:7a:b6:ba:5f:38:9e:27:d1:f3: 534s d1:d7:28:cb:28:60:64:70:6f 534s Exponent: 65537 (0x10001) 534s X509v3 extensions: 534s X509v3 Authority Key Identifier: 534s FD:69:91:67:A7:48:E2:06:B7:17:53:47:2D:21:51:DC:69:33:3B:00 534s X509v3 Basic Constraints: 534s CA:FALSE 534s Netscape Cert Type: 534s SSL Client, S/MIME 534s Netscape Comment: 534s Test Organization Sub Intermediate CA trusted Certificate 534s X509v3 Subject Key Identifier: 534s 19:15:CF:25:AE:21:FC:19:0C:0A:9D:1E:E7:88:97:9D:0B:9A:C1:0B 534s X509v3 Key Usage: critical 534s Digital Signature, Non Repudiation, Key Encipherment 534s X509v3 Extended Key Usage: 534s TLS Web Client Authentication, E-mail Protection 534s X509v3 Subject Alternative Name: 534s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 534s Signature Algorithm: sha256WithRSAEncryption 534s Signature Value: 534s 69:92:fb:b3:fe:84:d2:c5:bd:5a:91:44:82:ed:7d:86:e1:16: 534s 07:d7:e3:07:09:48:9e:5b:be:40:58:b5:e0:d0:a7:be:04:16: 534s 25:e0:9d:e1:02:d3:59:cd:c1:82:8a:bb:55:a3:86:0a:5d:db: 534s 29:1f:91:c2:58:15:8d:48:e0:d3:cc:16:6d:e7:a0:21:4e:74: 534s 48:4f:b8:95:8f:36:c3:f2:ba:8d:bb:cf:0d:b3:06:2b:27:28: 534s 29:5f:d7:f1:1b:4a:ab:70:6f:46:70:7e:93:cb:91:36:d8:d5: 534s 26:cd:37:5b:e5:7a:8e:cd:93:7e:d7:38:26:61:09:14:fc:8a: 534s 11:50 534s + found_md5=Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F 534s + '[' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F '!=' Modulus=C4597610F04AE5BD120B892F3197DF2D88B0669D069F65C52F17AEEDFAF8A1CF6B7011AEF8DA690F6B028E6A6047EB3BEFBFB1C6FFBA84D857B7C06E950C16687DDF9F48AED2A95D4C434242E4E48FFFF78F0786E6C9E943F77079771A2DA135970706476DF0FD11D651E6020A1B7AB6BA5F389E27D1F3D1D728CB286064706F ']' 534s + set +x 534s 534s Test completed, Root CA and intermediate issued certificates verified! 534s autopkgtest [19:15:19]: test sssd-softhism2-certificates-tests.sh: -----------------------] 535s autopkgtest [19:15:20]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 535s sssd-softhism2-certificates-tests.sh PASS 535s autopkgtest [19:15:20]: test sssd-smart-card-pam-auth-configs: preparing testbed 536s Reading package lists... 537s Building dependency tree... 537s Reading state information... 537s Starting pkgProblemResolver with broken count: 0 537s Starting 2 pkgProblemResolver with broken count: 0 537s Done 537s The following additional packages will be installed: 537s pamtester 537s The following NEW packages will be installed: 537s autopkgtest-satdep pamtester 537s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 537s Need to get 14.6 kB/15.4 kB of archives. 537s After this operation, 86.0 kB of additional disk space will be used. 537s Get:1 /tmp/autopkgtest.px9P1l/4-autopkgtest-satdep.deb autopkgtest-satdep ppc64el 0 [764 B] 537s Get:2 http://ftpmaster.internal/ubuntu oracular/universe ppc64el pamtester ppc64el 0.1.2-4 [14.6 kB] 538s Fetched 14.6 kB in 0s (66.9 kB/s) 538s Selecting previously unselected package pamtester. 538s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 73277 files and directories currently installed.) 538s Preparing to unpack .../pamtester_0.1.2-4_ppc64el.deb ... 538s Unpacking pamtester (0.1.2-4) ... 538s Selecting previously unselected package autopkgtest-satdep. 538s Preparing to unpack .../4-autopkgtest-satdep.deb ... 538s Unpacking autopkgtest-satdep (0) ... 538s Setting up pamtester (0.1.2-4) ... 538s Setting up autopkgtest-satdep (0) ... 538s Processing triggers for man-db (2.12.1-2) ... 540s (Reading database ... 73283 files and directories currently installed.) 540s Removing autopkgtest-satdep (0) ... 541s autopkgtest [19:15:26]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 541s autopkgtest [19:15:26]: test sssd-smart-card-pam-auth-configs: [----------------------- 541s + '[' -z ubuntu ']' 541s + export DEBIAN_FRONTEND=noninteractive 541s + DEBIAN_FRONTEND=noninteractive 541s + required_tools=(pamtester softhsm2-util sssd) 541s + [[ ! -v OFFLINE_MODE ]] 541s + for cmd in "${required_tools[@]}" 541s + command -v pamtester 541s + for cmd in "${required_tools[@]}" 541s + command -v softhsm2-util 541s + for cmd in "${required_tools[@]}" 541s + command -v sssd 541s + PIN=123456 541s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 541s + tmpdir=/tmp/sssd-softhsm2-certs-WmIy2G 541s + backupsdir= 541s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 541s + declare -a restore_paths 541s + declare -a delete_paths 541s + trap handle_exit EXIT 541s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 541s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 541s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 541s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 541s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-WmIy2G GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 541s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-WmIy2G 541s + GENERATE_SMART_CARDS=1 541s + KEEP_TEMPORARY_FILES=1 541s + NO_SSSD_TESTS=1 541s + bash debian/tests/sssd-softhism2-certificates-tests.sh 541s + '[' -z ubuntu ']' 541s + required_tools=(p11tool openssl softhsm2-util) 541s + for cmd in "${required_tools[@]}" 541s + command -v p11tool 541s + for cmd in "${required_tools[@]}" 541s + command -v openssl 541s + for cmd in "${required_tools[@]}" 541s + command -v softhsm2-util 541s + PIN=123456 541s +++ find /usr/lib/softhsm/libsofthsm2.so 541s +++ head -n 1 541s ++ realpath /usr/lib/softhsm/libsofthsm2.so 541s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 541s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 541s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 541s + '[' '!' -v NO_SSSD_TESTS ']' 541s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 541s + tmpdir=/tmp/sssd-softhsm2-certs-WmIy2G 541s + keys_size=1024 541s + [[ ! -v KEEP_TEMPORARY_FILES ]] 541s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 541s + echo -n 01 541s + touch /tmp/sssd-softhsm2-certs-WmIy2G/index.txt 541s + mkdir -p /tmp/sssd-softhsm2-certs-WmIy2G/new_certs 541s + cat 541s + root_ca_key_pass=pass:random-root-CA-password-3556 541s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-key.pem -passout pass:random-root-CA-password-3556 1024 541s + openssl req -passin pass:random-root-CA-password-3556 -batch -config /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.pem 541s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.pem 541s + cat 541s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-11711 541s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-11711 1024 541s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-11711 -config /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-3556 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-certificate-request.pem 541s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-certificate-request.pem 541s Certificate Request: 541s Data: 541s Version: 1 (0x0) 541s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 541s Subject Public Key Info: 541s Public Key Algorithm: rsaEncryption 541s Public-Key: (1024 bit) 541s Modulus: 541s 00:b8:ea:12:1c:09:44:d2:cd:5d:2e:2e:b1:70:2a: 541s 2d:6e:60:bf:5e:69:3f:2a:43:bb:46:a0:64:5d:a5: 541s 27:32:d5:d7:ca:29:61:a5:5a:3d:2a:6c:31:e9:67: 541s d5:4f:61:c3:5c:ad:2a:99:33:5d:d3:10:63:5c:49: 541s 48:a5:3b:05:7f:5c:08:55:3c:3a:5b:1c:98:24:cc: 541s d1:47:16:e1:c8:ad:38:22:d2:47:12:59:e2:77:77: 541s d1:a5:9d:9a:31:f8:5b:12:4f:f6:b7:82:9b:3c:89: 541s 9a:de:32:25:66:08:1b:6e:66:ab:a5:4c:4f:e2:47: 541s 97:b7:0d:63:42:6e:b7:40:e1 541s Exponent: 65537 (0x10001) 541s Attributes: 541s (none) 541s Requested Extensions: 541s Signature Algorithm: sha256WithRSAEncryption 541s Signature Value: 541s 52:03:75:f1:e1:06:e7:d1:01:21:f3:dd:71:86:ff:35:23:db: 541s 2b:da:b2:49:0e:be:ec:07:30:a8:d5:5e:63:cd:7a:d0:d5:13: 541s 99:d7:ad:dd:94:66:af:7d:a5:d4:b2:f8:5e:68:16:3b:8e:67: 541s d1:16:12:7f:8b:6c:a0:29:6f:13:cb:50:77:75:c4:eb:be:81: 541s 88:56:b3:5f:90:07:c2:cb:46:8d:b1:08:de:85:61:8c:43:e8: 541s bb:6f:1a:fb:59:97:9b:05:22:8c:6f:49:64:65:7c:4c:75:ad: 541s 47:03:52:04:fb:fc:c0:76:c0:b6:e7:9d:4a:22:4d:f6:bb:74: 541s b2:d3 541s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.config -passin pass:random-root-CA-password-3556 -keyfile /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem 541s Using configuration from /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.config 541s Check that the request matches the signature 541s Signature ok 541s Certificate Details: 541s Serial Number: 1 (0x1) 541s Validity 541s Not Before: Jun 13 19:15:26 2024 GMT 541s Not After : Jun 13 19:15:26 2025 GMT 541s Subject: 541s organizationName = Test Organization 541s organizationalUnitName = Test Organization Unit 541s commonName = Test Organization Intermediate CA 541s X509v3 extensions: 541s X509v3 Subject Key Identifier: 541s 0E:71:78:38:72:E6:7A:7A:4C:31:F8:E1:54:84:16:D7:D3:09:81:C3 541s X509v3 Authority Key Identifier: 541s keyid:70:16:D9:07:A2:B5:90:EB:F1:EE:76:A0:7E:5D:30:B9:DC:17:7A:D6 541s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 541s serial:00 541s X509v3 Basic Constraints: 541s CA:TRUE 541s X509v3 Key Usage: critical 541s Digital Signature, Certificate Sign, CRL Sign 541s Certificate is to be certified until Jun 13 19:15:26 2025 GMT (365 days) 541s 541s Write out database with 1 new entries 541s Database updated 541s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem 541s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem 541s /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem: OK 541s + cat 541s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-17395 541s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-17395 1024 541s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-17395 -config /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-11711 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-certificate-request.pem 541s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-certificate-request.pem 541s Certificate Request: 541s Data: 541s Version: 1 (0x0) 541s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 541s Subject Public Key Info: 541s Public Key Algorithm: rsaEncryption 541s Public-Key: (1024 bit) 541s Modulus: 541s 00:cf:49:08:7b:fb:28:96:4b:21:55:f4:09:11:c6: 541s 0f:94:91:5d:08:e5:b7:a3:0c:0e:2d:1d:ee:d1:cb: 541s b5:f1:02:be:a3:00:b0:dd:be:72:f0:bd:34:4f:f2: 541s 91:9c:1d:dd:83:3f:90:59:6f:38:4a:79:b9:43:1d: 541s a2:a0:b6:0e:0c:0b:62:c9:64:69:cc:69:36:49:67: 541s 8b:25:96:6c:0b:dd:91:0e:aa:6e:b7:b7:4d:98:17: 541s a4:5c:ad:3c:bd:9b:2b:9b:5e:a5:fe:81:dd:86:67: 541s ff:83:b0:bf:4d:79:29:35:15:38:f6:0d:95:8c:c5: 541s 24:83:a4:67:3c:5b:34:6b:41 541s Exponent: 65537 (0x10001) 541s Attributes: 541s (none) 541s Requested Extensions: 541s Signature Algorithm: sha256WithRSAEncryption 541s Signature Value: 541s 47:96:fb:e1:0e:37:af:ea:be:7f:56:78:04:e3:e5:be:19:b9: 541s f5:c3:93:36:d9:21:c6:86:1f:e3:5b:31:1c:ae:a0:9a:28:3b: 541s 4c:9e:bf:b9:87:8d:32:f7:cb:f9:e8:9a:0b:0c:bd:16:8e:87: 541s 50:a8:35:40:5c:3d:50:0d:be:65:31:d3:d9:d4:0d:8f:8d:fd: 541s 38:2d:a4:16:e7:65:0a:ab:02:9d:3b:49:1b:14:55:5b:c1:fe: 541s 1a:1b:b9:cb:5a:35:7e:02:d1:38:5b:3e:6e:bd:f8:f8:b3:8c: 541s 7e:d1:76:5b:63:91:fe:81:c8:c6:b9:9b:d1:fe:7f:0c:6f:6e: 541s 51:cb 541s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-11711 -keyfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem 541s Using configuration from /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.config 541s Check that the request matches the signature 541s Signature ok 541s Certificate Details: 541s Serial Number: 2 (0x2) 541s Validity 541s Not Before: Jun 13 19:15:26 2024 GMT 541s Not After : Jun 13 19:15:26 2025 GMT 541s Subject: 541s organizationName = Test Organization 541s organizationalUnitName = Test Organization Unit 541s commonName = Test Organization Sub Intermediate CA 541s X509v3 extensions: 541s X509v3 Subject Key Identifier: 541s D6:BF:01:96:C6:1D:3D:2B:AF:40:2D:B8:A0:C8:01:54:AF:E5:5C:6D 541s X509v3 Authority Key Identifier: 541s keyid:0E:71:78:38:72:E6:7A:7A:4C:31:F8:E1:54:84:16:D7:D3:09:81:C3 541s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 541s serial:01 541s X509v3 Basic Constraints: 541s CA:TRUE 541s X509v3 Key Usage: critical 541s Digital Signature, Certificate Sign, CRL Sign 541s Certificate is to be certified until Jun 13 19:15:26 2025 GMT (365 days) 541s 541s Write out database with 1 new entries 541s Database updated 541s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem 541s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem 541s /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem: OK 541s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem 541s + local cmd=openssl 541s + shift 541s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem 541s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 541s error 20 at 0 depth lookup: unable to get local issuer certificate 541s error /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem: verification failed 541s + cat 541s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-16309 541s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-16309 1024 541s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-16309 -key /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-request.pem 541s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-request.pem 541s Certificate Request: 541s Data: 541s Version: 1 (0x0) 541s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 541s Subject Public Key Info: 541s Public Key Algorithm: rsaEncryption 541s Public-Key: (1024 bit) 541s Modulus: 541s 00:cf:c2:7a:fe:58:ec:12:1b:a2:da:b1:a9:8e:5f: 541s 7e:f3:e8:17:c5:08:ea:6d:56:07:41:02:78:a6:c1: 541s 10:04:50:dc:fb:d4:6f:bd:66:a7:79:ad:a7:e0:0c: 541s 5b:1e:8d:02:03:f9:0b:a4:a1:6a:ed:7f:d1:38:55: 541s b9:e6:78:e7:fb:b7:4e:48:76:8a:63:b1:71:7b:90: 541s 4c:59:82:77:4e:66:bc:9d:9f:16:1f:3a:ad:0b:f5: 541s ec:91:4d:bb:f2:5b:4d:46:9e:d8:74:ab:d8:38:d4: 541s 52:b9:68:3f:71:16:f3:f6:8c:8b:cb:9c:73:93:8e: 541s e3:30:56:9e:84:70:ca:bc:cd 541s Exponent: 65537 (0x10001) 541s Attributes: 541s Requested Extensions: 541s X509v3 Basic Constraints: 541s CA:FALSE 541s Netscape Cert Type: 541s SSL Client, S/MIME 541s Netscape Comment: 541s Test Organization Root CA trusted Certificate 541s X509v3 Subject Key Identifier: 541s 9B:45:74:6F:36:28:E5:D0:C9:9D:50:97:3D:DA:BC:D1:98:33:41:CD 541s X509v3 Key Usage: critical 541s Digital Signature, Non Repudiation, Key Encipherment 541s X509v3 Extended Key Usage: 541s TLS Web Client Authentication, E-mail Protection 541s X509v3 Subject Alternative Name: 541s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 541s Signature Algorithm: sha256WithRSAEncryption 541s Signature Value: 541s 57:74:e1:77:53:ae:ea:5a:9b:7d:7d:b1:4a:65:8d:63:78:bc: 541s bf:95:02:d5:66:30:6f:4b:61:77:e7:f0:42:41:31:0b:68:b0: 541s f1:ba:6f:88:c6:d6:0a:1a:3c:a4:7c:33:94:27:8d:a1:71:5e: 541s 0b:2c:9a:e5:a3:1f:7d:d4:15:67:72:9d:9b:79:73:8b:72:fc: 541s bf:c4:24:a3:93:bc:83:3b:a7:35:31:e6:bd:dc:ad:36:b3:10: 541s 24:0e:da:b8:86:0a:08:e1:50:e5:5a:e7:db:04:d0:25:05:57: 541s 78:e1:a5:11:f7:14:3e:e4:09:24:f0:ac:f5:44:bc:4b:29:78: 541s f7:58 541s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.config -passin pass:random-root-CA-password-3556 -keyfile /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem 541s Using configuration from /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.config 541s Check that the request matches the signature 541s Signature ok 541s Certificate Details: 541s Serial Number: 3 (0x3) 541s Validity 541s Not Before: Jun 13 19:15:26 2024 GMT 541s Not After : Jun 13 19:15:26 2025 GMT 541s Subject: 541s organizationName = Test Organization 541s organizationalUnitName = Test Organization Unit 541s commonName = Test Organization Root Trusted Certificate 0001 541s X509v3 extensions: 541s X509v3 Authority Key Identifier: 541s 70:16:D9:07:A2:B5:90:EB:F1:EE:76:A0:7E:5D:30:B9:DC:17:7A:D6 541s X509v3 Basic Constraints: 541s CA:FALSE 541s Netscape Cert Type: 541s SSL Client, S/MIME 541s Netscape Comment: 541s Test Organization Root CA trusted Certificate 541s X509v3 Subject Key Identifier: 541s 9B:45:74:6F:36:28:E5:D0:C9:9D:50:97:3D:DA:BC:D1:98:33:41:CD 541s X509v3 Key Usage: critical 541s Digital Signature, Non Repudiation, Key Encipherment 541s X509v3 Extended Key Usage: 541s TLS Web Client Authentication, E-mail Protection 541s X509v3 Subject Alternative Name: 541s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 541s Certificate is to be certified until Jun 13 19:15:26 2025 GMT (365 days) 541s 541s Write out database with 1 new entries 541s Database updated 541s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem 541s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem 541s /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem: OK 541s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem 541s + local cmd=openssl 541s + shift 541s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem 541s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 541s error 20 at 0 depth lookup: unable to get local issuer certificate 541s error /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem: verification failed 541s + cat 541s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-27349 541s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-27349 1024 541s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-27349 -key /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-request.pem 541s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-request.pem 541s Certificate Request: 541s Data: 541s Version: 1 (0x0) 541s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 541s Subject Public Key Info: 542s Public Key Algorithm: rsaEncryption 542s Public-Key: (1024 bit) 542s Modulus: 542s 00:b9:ad:2e:12:98:24:53:9c:cf:ea:50:c7:ab:ac: 542s db:58:ae:e9:76:72:d7:93:c4:fd:24:1b:4a:33:df: 542s ee:dd:ec:86:cc:9c:3c:59:6f:d2:d5:49:4a:af:96: 542s 4e:b0:0f:86:0b:d3:e1:8c:3e:cc:79:19:ec:32:85: 542s 0f:06:49:7c:84:b9:fc:15:6e:43:eb:9f:77:ed:59: 542s 37:e3:88:4e:72:01:fb:bc:8f:ac:d6:07:e2:f5:f0: 542s 16:c3:6f:7a:a9:ca:5d:ef:72:75:64:48:e4:28:38: 542s 78:58:da:29:a8:1a:56:84:50:a1:db:0f:46:9b:03: 542s 4c:03:c8:98:b2:8e:84:fc:c7 542s Exponent: 65537 (0x10001) 542s Attributes: 542s Requested Extensions: 542s X509v3 Basic Constraints: 542s CA:FALSE 542s Netscape Cert Type: 542s SSL Client, S/MIME 542s Netscape Comment: 542s Test Organization Intermediate CA trusted Certificate 542s X509v3 Subject Key Identifier: 542s 7D:48:69:78:EF:22:F3:0C:7D:EC:D0:FD:37:CA:A1:31:E3:1C:9A:53 542s X509v3 Key Usage: critical 542s Digital Signature, Non Repudiation, Key Encipherment 542s X509v3 Extended Key Usage: 542s TLS Web Client Authentication, E-mail Protection 542s X509v3 Subject Alternative Name: 542s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 542s Signature Algorithm: sha256WithRSAEncryption 542s Signature Value: 542s a7:05:0b:5c:78:ac:5d:d7:b4:44:f5:08:68:9c:91:bc:27:5f: 542s 70:d6:be:46:5b:cd:e4:7e:af:20:80:ff:de:2f:5d:99:d6:7f: 542s 57:42:3a:06:4b:8c:31:fe:5b:5e:8a:0b:4f:49:be:49:0b:8a: 542s 84:36:91:89:46:31:11:e1:7c:5c:b5:e1:e7:50:66:70:c0:6f: 542s 8a:5e:f5:53:40:f2:3c:2c:a4:35:5e:c9:6d:a5:38:54:c1:a7: 542s 84:ba:bd:a0:71:24:ad:58:c2:e4:d6:0f:31:af:19:0a:95:dc: 542s 48:87:e5:64:0b:dd:35:bf:63:88:11:ae:2b:c9:a8:dd:ad:30: 542s 00:d0 542s + openssl ca -passin pass:random-intermediate-CA-password-11711 -config /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem 542s Using configuration from /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.config 542s Check that the request matches the signature 542s Signature ok 542s Certificate Details: 542s Serial Number: 4 (0x4) 542s Validity 542s Not Before: Jun 13 19:15:26 2024 GMT 542s Not After : Jun 13 19:15:26 2025 GMT 542s Subject: 542s organizationName = Test Organization 542s organizationalUnitName = Test Organization Unit 542s commonName = Test Organization Intermediate Trusted Certificate 0001 542s X509v3 extensions: 542s X509v3 Authority Key Identifier: 542s 0E:71:78:38:72:E6:7A:7A:4C:31:F8:E1:54:84:16:D7:D3:09:81:C3 542s X509v3 Basic Constraints: 542s CA:FALSE 542s Netscape Cert Type: 542s SSL Client, S/MIME 542s Netscape Comment: 542s Test Organization Intermediate CA trusted Certificate 542s X509v3 Subject Key Identifier: 542s 7D:48:69:78:EF:22:F3:0C:7D:EC:D0:FD:37:CA:A1:31:E3:1C:9A:53 542s X509v3 Key Usage: critical 542s Digital Signature, Non Repudiation, Key Encipherment 542s X509v3 Extended Key Usage: 542s TLS Web Client Authentication, E-mail Protection 542s X509v3 Subject Alternative Name: 542s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 542s Certificate is to be certified until Jun 13 19:15:26 2025 GMT (365 days) 542s 542s Write out database with 1 new entries 542s Database updated 542s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem 542s + echo 'This certificate should not be trusted fully' 542s This certificate should not be trusted fully 542s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem 542s + local cmd=openssl 542s + shift 542s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem 542s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 542s error 2 at 1 depth lookup: unable to get issuer certificate 542s error /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 542s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem 542s + cat 542s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-4325 542s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-4325 1024 542s /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem: OK 542s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-4325 -key /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 542s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 542s Certificate Request: 542s Data: 542s Version: 1 (0x0) 542s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 542s Subject Public Key Info: 542s Public Key Algorithm: rsaEncryption 542s Public-Key: (1024 bit) 542s Modulus: 542s 00:b2:63:6d:ab:73:30:b1:ba:94:38:7b:d1:45:53: 542s af:30:75:47:1b:e7:b5:59:62:25:55:67:44:15:e5: 542s b0:f9:65:7d:1a:f8:52:4b:3d:9f:10:d8:e0:37:b9: 542s 50:eb:5c:93:f4:9d:0e:4b:69:31:c5:db:e5:9b:ca: 542s 05:0b:39:a1:bb:89:8d:73:14:1e:d7:ab:36:d8:06: 542s dd:fe:37:11:e7:00:4b:6f:7d:3f:f7:87:f5:a6:b5: 542s 8a:03:c9:02:c7:0c:87:ce:15:53:9f:3a:0a:0d:bb: 542s ab:5d:06:97:90:90:be:8e:4b:35:59:f9:ba:c2:cd: 542s ca:c5:dd:65:44:c7:5a:5e:81 542s Exponent: 65537 (0x10001) 542s Attributes: 542s Requested Extensions: 542s X509v3 Basic Constraints: 542s CA:FALSE 542s Netscape Cert Type: 542s SSL Client, S/MIME 542s Netscape Comment: 542s Test Organization Sub Intermediate CA trusted Certificate 542s X509v3 Subject Key Identifier: 542s 8F:B2:C4:9C:3D:0E:40:5F:C2:96:A8:52:98:0D:C7:84:64:3F:47:63 542s X509v3 Key Usage: critical 542s Digital Signature, Non Repudiation, Key Encipherment 542s X509v3 Extended Key Usage: 542s TLS Web Client Authentication, E-mail Protection 542s X509v3 Subject Alternative Name: 542s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 542s Signature Algorithm: sha256WithRSAEncryption 542s Signature Value: 542s 4f:1c:15:44:cb:40:d4:ea:5b:55:0a:18:5f:02:f4:8e:2b:b9: 542s b0:75:a0:24:bb:3f:c0:52:a9:42:57:ab:7a:dc:6b:55:94:c5: 542s 84:35:a6:fe:4f:95:0e:ce:f1:1b:ab:64:db:28:c5:cf:cd:74: 542s 55:51:00:9b:49:c2:cb:0b:bd:8b:e6:db:da:b7:af:bc:b7:8c: 542s 41:65:8a:46:09:60:30:18:b1:a1:ad:1d:18:5e:ff:b1:b7:a1: 542s 8b:6a:39:98:a4:ad:5d:ac:4f:af:26:1f:13:6e:59:6c:fd:34: 542s 1c:18:68:f0:04:2b:9f:43:2b:2a:15:7c:42:8f:4e:b6:01:71: 542s bf:12 542s + openssl ca -passin pass:random-sub-intermediate-CA-password-17395 -config /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s Using configuration from /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.config 542s Check that the request matches the signature 542s Signature ok 542s Certificate Details: 542s Serial Number: 5 (0x5) 542s Validity 542s Not Before: Jun 13 19:15:27 2024 GMT 542s Not After : Jun 13 19:15:27 2025 GMT 542s Subject: 542s organizationName = Test Organization 542s organizationalUnitName = Test Organization Unit 542s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 542s X509v3 extensions: 542s X509v3 Authority Key Identifier: 542s D6:BF:01:96:C6:1D:3D:2B:AF:40:2D:B8:A0:C8:01:54:AF:E5:5C:6D 542s X509v3 Basic Constraints: 542s CA:FALSE 542s Netscape Cert Type: 542s SSL Client, S/MIME 542s Netscape Comment: 542s Test Organization Sub Intermediate CA trusted Certificate 542s X509v3 Subject Key Identifier: 542s 8F:B2:C4:9C:3D:0E:40:5F:C2:96:A8:52:98:0D:C7:84:64:3F:47:63 542s X509v3 Key Usage: critical 542s Digital Signature, Non Repudiation, Key Encipherment 542s X509v3 Extended Key Usage: 542s TLS Web Client Authentication, E-mail Protection 542s X509v3 Subject Alternative Name: 542s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 542s Certificate is to be certified until Jun 13 19:15:27 2025 GMT (365 days) 542s 542s Write out database with 1 new entries 542s Database updated 542s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s + echo 'This certificate should not be trusted fully' 542s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s + local cmd=openssl 542s This certificate should not be trusted fully 542s + shift 542s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 542s error 2 at 1 depth lookup: unable to get issuer certificate 542s error /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 542s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s + local cmd=openssl 542s + shift 542s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 542s error 20 at 0 depth lookup: unable to get local issuer certificate 542s error /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 542s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 542s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s + local cmd=openssl 542s + shift 542s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 542s error 20 at 0 depth lookup: unable to get local issuer certificate 542s error /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 542s + echo 'Building a the full-chain CA file...' 542s + cat /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem 542s Building a the full-chain CA file... 542s + cat /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem 542s + cat /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem 542s + openssl pkcs7 -print_certs -noout 542s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem 542s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 542s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 542s 542s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 542s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 542s 542s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 542s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 542s 542s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem 542s /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA.pem: OK 542s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem 542s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem 542s /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem: OK 542s /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem: OK 542s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-root-intermediate-chain-CA.pem 542s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s /tmp/sssd-softhsm2-certs-WmIy2G/test-root-intermediate-chain-CA.pem: OK 542s /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 542s + echo 'Certificates generation completed!' 542s Certificates generation completed! 542s + [[ -v NO_SSSD_TESTS ]] 542s + [[ -v GENERATE_SMART_CARDS ]] 542s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-16309 542s + local certificate=/tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem 542s + local key_pass=pass:random-root-ca-trusted-cert-0001-16309 542s + local key_cn 542s + local key_name 542s + local tokens_dir 542s + local output_cert_file 542s + token_name= 542s ++ basename /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem .pem 542s + key_name=test-root-CA-trusted-certificate-0001 542s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem 542s ++ sed -n 's/ *commonName *= //p' 542s + key_cn='Test Organization Root Trusted Certificate 0001' 542s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 542s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-root-CA-trusted-certificate-0001.conf 542s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-root-CA-trusted-certificate-0001.conf 542s ++ basename /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 542s + tokens_dir=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-root-CA-trusted-certificate-0001 542s + token_name='Test Organization Root Tr Token' 542s + '[' '!' -e /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 542s + local key_file 542s + local decrypted_key 542s + mkdir -p /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-root-CA-trusted-certificate-0001 542s + key_file=/tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-key.pem 542s + decrypted_key=/tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-key-decrypted.pem 542s + cat 542s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 542s Slot 0 has a free/uninitialized token. 542s The token has been initialized and is reassigned to slot 1786071138 542s + softhsm2-util --show-slots 542s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 542s Available slots: 542s Slot 1786071138 542s Slot info: 542s Description: SoftHSM slot ID 0x6a754862 542s Manufacturer ID: SoftHSM project 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Token present: yes 542s Token info: 542s Manufacturer ID: SoftHSM project 542s Model: SoftHSM v2 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Serial number: 43f04bad6a754862 542s Initialized: yes 542s User PIN init.: yes 542s Label: Test Organization Root Tr Token 542s Slot 1 542s Slot info: 542s Description: SoftHSM slot ID 0x1 542s Manufacturer ID: SoftHSM project 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Token present: yes 542s Token info: 542s Manufacturer ID: SoftHSM project 542s Model: SoftHSM v2 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Serial number: 542s Initialized: no 542s User PIN init.: no 542s Label: 542s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-16309 -in /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-key-decrypted.pem 542s writing RSA key 542s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 542s + rm /tmp/sssd-softhsm2-certs-WmIy2G/test-root-CA-trusted-certificate-0001-key-decrypted.pem 542s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 542s Object 0: 542s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=43f04bad6a754862;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 542s Type: X.509 Certificate (RSA-1024) 542s Expires: Fri Jun 13 19:15:26 2025 542s Label: Test Organization Root Trusted Certificate 0001 542s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 542s 542s Test Organization Root Tr Token 542s + echo 'Test Organization Root Tr Token' 542s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27349 542s + local certificate=/tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem 542s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27349 542s + local key_cn 542s + local key_name 542s + local tokens_dir 542s + local output_cert_file 542s + token_name= 542s ++ basename /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem .pem 542s + key_name=test-intermediate-CA-trusted-certificate-0001 542s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem 542s ++ sed -n 's/ *commonName *= //p' 542s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 542s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 542s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 542s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 542s ++ basename /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 542s + tokens_dir=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-intermediate-CA-trusted-certificate-0001 542s + token_name='Test Organization Interme Token' 542s + '[' '!' -e /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 542s + local key_file 542s + local decrypted_key 542s + mkdir -p /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-intermediate-CA-trusted-certificate-0001 542s + key_file=/tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-key.pem 542s + decrypted_key=/tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 542s + cat 542s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 542s Slot 0 has a free/uninitialized token. 542s The token has been initialized and is reassigned to slot 530226274 542s + softhsm2-util --show-slots 542s Available slots: 542s Slot 530226274 542s Slot info: 542s Description: SoftHSM slot ID 0x1f9a9c62 542s Manufacturer ID: SoftHSM project 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Token present: yes 542s Token info: 542s Manufacturer ID: SoftHSM project 542s Model: SoftHSM v2 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Serial number: 186e9b239f9a9c62 542s Initialized: yes 542s User PIN init.: yes 542s Label: Test Organization Interme Token 542s Slot 1 542s Slot info: 542s Description: SoftHSM slot ID 0x1 542s Manufacturer ID: SoftHSM project 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Token present: yes 542s Token info: 542s Manufacturer ID: SoftHSM project 542s Model: SoftHSM v2 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Serial number: 542s Initialized: no 542s User PIN init.: no 542s Label: 542s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 542s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-27349 -in /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 542s writing RSA key 542s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 542s + rm /tmp/sssd-softhsm2-certs-WmIy2G/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 542s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 542s Object 0: 542s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=186e9b239f9a9c62;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 542s Type: X.509 Certificate (RSA-1024) 542s Expires: Fri Jun 13 19:15:26 2025 542s Label: Test Organization Intermediate Trusted Certificate 0001 542s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 542s 542s Test Organization Interme Token 542s + echo 'Test Organization Interme Token' 542s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-4325 542s + local certificate=/tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-4325 542s + local key_cn 542s + local key_name 542s + local tokens_dir 542s + local output_cert_file 542s + token_name= 542s ++ basename /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 542s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 542s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem 542s ++ sed -n 's/ *commonName *= //p' 542s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 542s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 542s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 542s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 542s ++ basename /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 542s + tokens_dir=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 542s + token_name='Test Organization Sub Int Token' 542s + '[' '!' -e /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 542s + local key_file 542s + local decrypted_key 542s + mkdir -p /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 542s + key_file=/tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 542s + decrypted_key=/tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 542s + cat 542s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 542s Slot 0 has a free/uninitialized token. 542s The token has been initialized and is reassigned to slot 527396264 542s + softhsm2-util --show-slots 542s Available slots: 542s Slot 527396264 542s Slot info: 542s Description: SoftHSM slot ID 0x1f6f6da8 542s Manufacturer ID: SoftHSM project 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Token present: yes 542s Token info: 542s Manufacturer ID: SoftHSM project 542s Model: SoftHSM v2 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Serial number: 1fd12f899f6f6da8 542s Initialized: yes 542s User PIN init.: yes 542s Label: Test Organization Sub Int Token 542s Slot 1 542s Slot info: 542s Description: SoftHSM slot ID 0x1 542s Manufacturer ID: SoftHSM project 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Token present: yes 542s Token info: 542s Manufacturer ID: SoftHSM project 542s Model: SoftHSM v2 542s Hardware version: 2.6 542s Firmware version: 2.6 542s Serial number: 542s Initialized: no 542s User PIN init.: no 542s Label: 542s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 542s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-4325 -in /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 542s writing RSA key 542s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 542s + rm /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 542s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 542s Object 0: 542s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=1fd12f899f6f6da8;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 542s Type: X.509 Certificate (RSA-1024) 542s Expires: Fri Jun 13 19:15:27 2025 542s Label: Test Organization Sub Intermediate Trusted Certificate 0001 542s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 542s 542s Test Organization Sub Int Token 542s Certificates generation completed! 542s + echo 'Test Organization Sub Int Token' 542s + echo 'Certificates generation completed!' 542s + exit 0 542s + find /tmp/sssd-softhsm2-certs-WmIy2G -type d -exec chmod 777 '{}' ';' 542s + find /tmp/sssd-softhsm2-certs-WmIy2G -type f -exec chmod 666 '{}' ';' 542s + backup_file /etc/sssd/sssd.conf 542s + '[' -z '' ']' 542s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 542s + backupsdir=/tmp/sssd-softhsm2-backups-7UiS3Y 542s + '[' -e /etc/sssd/sssd.conf ']' 542s + delete_paths+=("$1") 542s + rm -f /etc/sssd/sssd.conf 542s ++ runuser -u ubuntu -- sh -c 'echo ~' 542s + user_home=/home/ubuntu 542s + mkdir -p /home/ubuntu 542s + chown ubuntu:ubuntu /home/ubuntu 542s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 542s + user_config=/home/ubuntu/.config 542s + system_config=/etc 542s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 542s + for path_pair in "${softhsm2_conf_paths[@]}" 542s + IFS=: 542s + read -r -a path 542s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 542s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 542s + '[' -z /tmp/sssd-softhsm2-backups-7UiS3Y ']' 542s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 542s + delete_paths+=("$1") 542s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 542s + for path_pair in "${softhsm2_conf_paths[@]}" 542s + IFS=: 542s + read -r -a path 542s + path=/etc/softhsm/softhsm2.conf 542s + backup_file /etc/softhsm/softhsm2.conf 542s + '[' -z /tmp/sssd-softhsm2-backups-7UiS3Y ']' 542s + '[' -e /etc/softhsm/softhsm2.conf ']' 542s ++ dirname /etc/softhsm/softhsm2.conf 542s + local back_dir=/tmp/sssd-softhsm2-backups-7UiS3Y//etc/softhsm 542s ++ basename /etc/softhsm/softhsm2.conf 542s + local back_path=/tmp/sssd-softhsm2-backups-7UiS3Y//etc/softhsm/softhsm2.conf 542s + '[' '!' -e /tmp/sssd-softhsm2-backups-7UiS3Y//etc/softhsm/softhsm2.conf ']' 542s + mkdir -p /tmp/sssd-softhsm2-backups-7UiS3Y//etc/softhsm 542s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-7UiS3Y//etc/softhsm/softhsm2.conf 542s + restore_paths+=("$back_path") 542s + rm -f /etc/softhsm/softhsm2.conf 542s + test_authentication login /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem 542s + pam_service=login 542s + certificate_config=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-root-CA-trusted-certificate-0001.conf 542s + ca_db=/tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem 542s + verification_options= 542s + mkdir -p -m 700 /etc/sssd 542s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 542s + cat 542s Using CA DB '/tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem' with verification options: '' 542s + chmod 600 /etc/sssd/sssd.conf 542s + for path_pair in "${softhsm2_conf_paths[@]}" 542s + IFS=: 542s + read -r -a path 542s + user=ubuntu 542s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 542s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 542s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 542s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 542s + runuser -u ubuntu -- softhsm2-util --show-slots 542s + grep 'Test Organization' 542s Label: Test Organization Root Tr Token 542s + for path_pair in "${softhsm2_conf_paths[@]}" 542s + IFS=: 542s + read -r -a path 542s + user=root 542s + path=/etc/softhsm/softhsm2.conf 542s ++ dirname /etc/softhsm/softhsm2.conf 542s + runuser -u root -- mkdir -p /etc/softhsm 542s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 542s + runuser -u root -- softhsm2-util --show-slots 542s + grep 'Test Organization' 542s Label: Test Organization Root Tr Token 542s + systemctl restart sssd 542s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 543s + for alternative in "${alternative_pam_configs[@]}" 543s + pam-auth-update --enable sss-smart-card-optional 543s + cat /etc/pam.d/common-auth 543s # 543s # /etc/pam.d/common-auth - authentication settings common to all services 543s # 543s # This file is included from other service-specific PAM config files, 543s # and should contain a list of the authentication modules that define 543s # the central authentication scheme for use on the system 543s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 543s # traditional Unix authentication mechanisms. 543s # 543s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 543s # To take advantage of this, it is recommended that you configure any 543s # local modules either before or after the default block, and use 543s # pam-auth-update to manage selection of other modules. See 543s # pam-auth-update(8) for details. 543s 543s # here are the per-package modules (the "Primary" block) 543s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 543s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 543s auth [success=1 default=ignore] pam_sss.so use_first_pass 543s # here's the fallback if no module succeeds 543s auth requisite pam_deny.so 543s # prime the stack with a positive return value if there isn't one already; 543s # this avoids us returning an error just because nothing sets a success code 543s # since the modules above will each just jump around 543s auth required pam_permit.so 543s # and here are more per-package modules (the "Additional" block) 543s auth optional pam_cap.so 543s # end of pam-auth-update config 543s + echo -n -e 123456 543s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 543s pamtester: invoking pam_start(login, ubuntu, ...) 543s pamtester: performing operation - authenticate 543s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 543s + echo -n -e 123456 543s + runuser -u ubuntu -- pamtester -v login '' authenticate 543s pamtester: invoking pam_start(login, , ...) 543s pamtester: performing operation - authenticate 543s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 543s + echo -n -e wrong123456 543s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 543s pamtester: invoking pam_start(login, ubuntu, ...) 543s pamtester: performing operation - authenticate 546s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 546s + echo -n -e wrong123456 546s + runuser -u ubuntu -- pamtester -v login '' authenticate 546s pamtester: invoking pam_start(login, , ...) 546s pamtester: performing operation - authenticate 549s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 549s + echo -n -e 123456 549s + pamtester -v login root authenticate 549s pamtester: invoking pam_start(login, root, ...) 549s pamtester: performing operation - authenticate 552s Password: pamtester: Authentication failure 552s + for alternative in "${alternative_pam_configs[@]}" 552s + pam-auth-update --enable sss-smart-card-required 552s PAM configuration 552s ----------------- 552s 552s Incompatible PAM profiles selected. 552s 552s The following PAM profiles cannot be used together: 552s 552s SSS required smart card authentication, SSS optional smart card 552s authentication 552s 552s Please select a different set of modules to enable. 552s 552s + cat /etc/pam.d/common-auth 552s + echo -n -e 123456 552s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 552s # 552s # /etc/pam.d/common-auth - authentication settings common to all services 552s # 552s # This file is included from other service-specific PAM config files, 552s # and should contain a list of the authentication modules that define 552s # the central authentication scheme for use on the system 552s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 552s # traditional Unix authentication mechanisms. 552s # 552s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 552s # To take advantage of this, it is recommended that you configure any 552s # local modules either before or after the default block, and use 552s # pam-auth-update to manage selection of other modules. See 552s # pam-auth-update(8) for details. 552s 552s # here are the per-package modules (the "Primary" block) 552s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 552s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 552s auth [success=1 default=ignore] pam_sss.so use_first_pass 552s # here's the fallback if no module succeeds 552s auth requisite pam_deny.so 552s # prime the stack with a positive return value if there isn't one already; 552s # this avoids us returning an error just because nothing sets a success code 552s # since the modules above will each just jump around 552s auth required pam_permit.so 552s # and here are more per-package modules (the "Additional" block) 552s auth optional pam_cap.so 552s # end of pam-auth-update config 552s pamtester: invoking pam_start(login, ubuntu, ...) 552s pamtester: performing operation - authenticate 552s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 552s + echo -n -e 123456 552s + runuser -u ubuntu -- pamtester -v login '' authenticate 552s pamtester: invoking pam_start(login, , ...) 552s pamtester: performing operation - authenticate 552s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 552s + echo -n -e wrong123456 552s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 552s pamtester: invoking pam_start(login, ubuntu, ...) 552s pamtester: performing operation - authenticate 555s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 555s + echo -n -e wrong123456 555s + runuser -u ubuntu -- pamtester -v login '' authenticate 555s pamtester: invoking pam_start(login, , ...) 555s pamtester: performing operation - authenticate 558s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 558s + echo -n -e 123456 558s + pamtester -v login root authenticate 558s pamtester: invoking pam_start(login, root, ...) 558s pamtester: performing operation - authenticate 561s pamtester: Authentication service cannot retrieve authentication info 561s + test_authentication login /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem 561s + pam_service=login 561s + certificate_config=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 561s + ca_db=/tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem 561s + verification_options= 561s + mkdir -p -m 700 /etc/sssd 561s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 561s Using CA DB '/tmp/sssd-softhsm2-certs-WmIy2G/test-full-chain-CA.pem' with verification options: '' 561s + cat 561s Label: Test Organization Sub Int Token 561s Label: Test Organization Sub Int Token 561s + chmod 600 /etc/sssd/sssd.conf 561s + for path_pair in "${softhsm2_conf_paths[@]}" 561s + IFS=: 561s + read -r -a path 561s + user=ubuntu 561s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 561s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 561s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 561s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 561s + runuser -u ubuntu -- softhsm2-util --show-slots 561s + grep 'Test Organization' 561s + for path_pair in "${softhsm2_conf_paths[@]}" 561s + IFS=: 561s + read -r -a path 561s + user=root 561s + path=/etc/softhsm/softhsm2.conf 561s ++ dirname /etc/softhsm/softhsm2.conf 561s + runuser -u root -- mkdir -p /etc/softhsm 561s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 561s + runuser -u root -- softhsm2-util --show-slots 561s + grep 'Test Organization' 561s + systemctl restart sssd 561s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 561s + for alternative in "${alternative_pam_configs[@]}" 561s + pam-auth-update --enable sss-smart-card-optional 561s + cat /etc/pam.d/common-auth 561s # 561s # /etc/pam.d/common-auth - authentication settings common to all services 561s # 561s # This file is included from other service-specific PAM config files, 561s # and should contain a list of the authentication modules that define 561s # the central authentication scheme for use on the system 561s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 561s # traditional Unix authentication mechanisms. 561s # 561s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 561s # To take advantage of this, it is recommended that you configure any 561s # local modules either before or after the default block, and use 561s # pam-auth-update to manage selection of other modules. See 561s # pam-auth-update(8) for details. 561s 561s # here are the per-package modules (the "Primary" block) 561s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 561s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 561s auth [success=1 default=ignore] pam_sss.so use_first_pass 561s # here's the fallback if no module succeeds 561s auth requisite pam_deny.so 561s # prime the stack with a positive return value if there isn't one already; 561s # this avoids us returning an error just because nothing sets a success code 561s # since the modules above will each just jump around 561s auth required pam_permit.so 561s # and here are more per-package modules (the "Additional" block) 561s auth optional pam_cap.so 561s # end of pam-auth-update config 561s + echo -n -e 123456 561s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 561s pamtester: invoking pam_start(login, ubuntu, ...) 561s pamtester: performing operation - authenticate 561s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 561s + echo -n -e 123456 561s + runuser -u ubuntu -- pamtester -v login '' authenticate 561s pamtester: invoking pam_start(login, , ...) 561s pamtester: performing operation - authenticate 561s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 561s + echo -n -e wrong123456 561s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 561s pamtester: invoking pam_start(login, ubuntu, ...) 561s pamtester: performing operation - authenticate 565s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 565s + echo -n -e wrong123456 565s + runuser -u ubuntu -- pamtester -v login '' authenticate 565s pamtester: invoking pam_start(login, , ...) 565s pamtester: performing operation - authenticate 568s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 568s + echo -n -e 123456 568s + pamtester -v login root authenticate 568s pamtester: invoking pam_start(login, root, ...) 568s pamtester: performing operation - authenticate 570s Password: pamtester: Authentication failure 570s + for alternative in "${alternative_pam_configs[@]}" 570s + pam-auth-update --enable sss-smart-card-required 571s PAM configuration 571s ----------------- 571s 571s Incompatible PAM profiles selected. 571s 571s The following PAM profiles cannot be used together: 571s 571s SSS required smart card authentication, SSS optional smart card 571s authentication 571s 571s Please select a different set of modules to enable. 571s 571s + cat /etc/pam.d/common-auth 571s # 571s # /etc/pam.d/common-auth - authentication settings common to all services 571s # 571s # This file is included from other service-specific PAM config files, 571s # and should contain a list of the authentication modules that define 571s # the central authentication scheme for use on the system 571s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 571s # traditional Unix authentication mechanisms. 571s # 571s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 571s # To take advantage of this, it is recommended that you configure any 571s # local modules either before or after the default block, and use 571s # pam-auth-update to manage selection of other modules. See 571s # pam-auth-update(8) for details. 571s 571s # here are the per-package modules (the "Primary" block) 571s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 571s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 571s auth [success=1 default=ignore] pam_sss.so use_first_pass 571s # here's the fallback if no module succeeds 571s auth requisite pam_deny.so 571s # prime the stack with a positive return value if there isn't one already; 571s # this avoids us returning an error just because nothing sets a success code 571s # since the modules above will each just jump around 571s auth required pam_permit.so 571s # and here are more per-package modules (the "Additional" block) 571s auth optional pam_cap.so 571s # end of pam-auth-update config 571s + echo -n -e 123456 571s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 571s pamtester: invoking pam_start(login, ubuntu, ...) 571s pamtester: performing operation - authenticate 571s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 571s + echo -n -e 123456 571s + runuser -u ubuntu -- pamtester -v login '' authenticate 571s pamtester: invoking pam_start(login, , ...) 571s pamtester: performing operation - authenticate 571s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 571s + echo -n -e wrong123456 571s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 571s pamtester: invoking pam_start(login, ubuntu, ...) 571s pamtester: performing operation - authenticate 573s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 573s + echo -n -e wrong123456 573s + runuser -u ubuntu -- pamtester -v login '' authenticate 573s pamtester: invoking pam_start(login, , ...) 573s pamtester: performing operation - authenticate 576s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 576s + echo -n -e 123456 576s + pamtester -v login root authenticate 576s pamtester: invoking pam_start(login, root, ...) 576s pamtester: performing operation - authenticate 578s pamtester: Authentication service cannot retrieve authentication info 578s + test_authentication login /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem partial_chain 578s + pam_service=login 578s + certificate_config=/tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 578s + ca_db=/tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem 578s + verification_options=partial_chain 578s + mkdir -p -m 700 /etc/sssd 578s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 578s Using CA DB '/tmp/sssd-softhsm2-certs-WmIy2G/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 578s + cat 578s + chmod 600 /etc/sssd/sssd.conf 578s + for path_pair in "${softhsm2_conf_paths[@]}" 578s + IFS=: 578s + read -r -a path 578s + user=ubuntu 578s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 578s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 578s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 578s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 578s + runuser -u ubuntu -- softhsm2-util --show-slots 578s + grep 'Test Organization' 578s + for path_pair in "${softhsm2_conf_paths[@]}" 578s + IFS=: 578s + read -r -a path 578s + user=root 578s + path=/etc/softhsm/softhsm2.conf 578s ++ dirname /etc/softhsm/softhsm2.conf 578s + runuser -u root -- mkdir -p /etc/softhsm 578s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-WmIy2G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 578s + runuser -u root -- softhsm2-util --show-slots 578s + grep 'Test Organization' 578s Label: Test Organization Sub Int Token 578s Label: Test Organization Sub Int Token 578s + systemctl restart sssd 579s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 579s + for alternative in "${alternative_pam_configs[@]}" 579s + pam-auth-update --enable sss-smart-card-optional 579s + cat /etc/pam.d/common-auth 579s # 579s # /etc/pam.d/common-auth - authentication settings common to all services 579s # 579s # This file is included from other service-specific PAM config files, 579s # and should contain a list of the authentication modules that define 579s # the central authentication scheme for use on the system 579s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 579s # traditional Unix authentication mechanisms. 579s # 579s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 579s # To take advantage of this, it is recommended that you configure any 579s # local modules either before or after the default block, and use 579s # pam-auth-update to manage selection of other modules. See 579s # pam-auth-update(8) for details. 579s 579s # here are the per-package modules (the "Primary" block) 579s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 579s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 579s auth [success=1 default=ignore] pam_sss.so use_first_pass 579s # here's the fallback if no module succeeds 579s auth requisite pam_deny.so 579s # prime the stack with a positive return value if there isn't one already; 579s # this avoids us returning an error just because nothing sets a success code 579s # since the modules above will each just jump around 579s auth required pam_permit.so 579s # and here are more per-package modules (the "Additional" block) 579s auth optional pam_cap.so 579s # end of pam-auth-update config 579s + echo -n -e 123456 579s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 579s pamtester: invoking pam_start(login, ubuntu, ...) 579s pamtester: performing operation - authenticate 579s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 579s + echo -n -e 123456 579s + runuser -u ubuntu -- pamtester -v login '' authenticate 579s pamtester: invoking pam_start(login, , ...) 579s pamtester: performing operation - authenticate 579s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 579s + echo -n -e wrong123456 579s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 579s pamtester: invoking pam_start(login, ubuntu, ...) 579s pamtester: performing operation - authenticate 582s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 582s + echo -n -e wrong123456 582s + runuser -u ubuntu -- pamtester -v login '' authenticate 582s pamtester: invoking pam_start(login, , ...) 582s pamtester: performing operation - authenticate 584s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 584s + echo -n -e 123456 584s + pamtester -v login root authenticate 584s pamtester: invoking pam_start(login, root, ...) 584s pamtester: performing operation - authenticate 587s Password: pamtester: Authentication failure 587s + for alternative in "${alternative_pam_configs[@]}" 587s + pam-auth-update --enable sss-smart-card-required 587s PAM configuration 587s ----------------- 587s 587s Incompatible PAM profiles selected. 587s 587s The following PAM profiles cannot be used together: 587s 587s SSS required smart card authentication, SSS optional smart card 587s authentication 587s 587s Please select a different set of modules to enable. 587s 587s + cat /etc/pam.d/common-auth 587s # 587s # /etc/pam.d/common-auth - authentication settings common to all services 587s # 587s # This file is included from other service-specific PAM config files, 587s # and should contain a list of the authentication modules that define 587s # the central authentication scheme for use on the system 587s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 587s # traditional Unix authentication mechanisms. 587s # 587s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 587s # To take advantage of this, it is recommended that you configure any 587s # local modules either before or after the default block, and use 587s # pam-auth-update to manage selection of other modules. See 587s # pam-auth-update(8) for details. 587s 587s # here are the per-package modules (the "Primary" block) 587s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 587s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 587s auth [success=1 default=ignore] pam_sss.so use_first_pass 587s # here's the fallback if no module succeeds 587s auth requisite pam_deny.so 587s # prime the stack with a positive return value if there isn't one already; 587s # this avoids us returning an error just because nothing sets a success code 587s # since the modules above will each just jump around 587s auth required pam_permit.so 587s # and here are more per-package modules (the "Additional" block) 587s auth optional pam_cap.so 587s # end of pam-auth-update config 587s + echo -n -e 123456 587s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 587s pamtester: invoking pam_start(login, ubuntu, ...) 587s pamtester: performing operation - authenticate 587s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 587s + echo -n -e 123456 587s + runuser -u ubuntu -- pamtester -v login '' authenticate 587s pamtester: invoking pam_start(login, , ...) 587s pamtester: performing operation - authenticate 587s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 587s + echo -n -e wrong123456 587s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 587s pamtester: invoking pam_start(login, ubuntu, ...) 587s pamtester: performing operation - authenticate 591s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 591s + echo -n -e wrong123456 591s + runuser -u ubuntu -- pamtester -v login '' authenticate 591s pamtester: invoking pam_start(login, , ...) 591s pamtester: performing operation - authenticate 594s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 594s + echo -n -e 123456 594s + pamtester -v login root authenticate 594s pamtester: invoking pam_start(login, root, ...) 594s pamtester: performing operation - authenticate 596s pamtester: Authentication service cannot retrieve authentication info 596s + handle_exit 596s + exit_code=0 596s + restore_changes 596s + for path in "${restore_paths[@]}" 596s + local original_path 596s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-7UiS3Y /tmp/sssd-softhsm2-backups-7UiS3Y//etc/softhsm/softhsm2.conf 596s + original_path=/etc/softhsm/softhsm2.conf 596s + rm /etc/softhsm/softhsm2.conf 596s + mv /tmp/sssd-softhsm2-backups-7UiS3Y//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 596s + for path in "${delete_paths[@]}" 596s + rm -f /etc/sssd/sssd.conf 596s + for path in "${delete_paths[@]}" 596s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 596s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 596s + '[' -e /etc/sssd/sssd.conf ']' 596s + systemctl stop sssd 596s + '[' -e /etc/softhsm/softhsm2.conf ']' 596s + chmod 600 /etc/softhsm/softhsm2.conf 596s + rm -rf /tmp/sssd-softhsm2-certs-WmIy2G 596s + '[' 0 = 0 ']' 596s + rm -rf /tmp/sssd-softhsm2-backups-7UiS3Y 596s + set +x 596s Script completed successfully! 596s autopkgtest [19:16:21]: test sssd-smart-card-pam-auth-configs: -----------------------] 597s autopkgtest [19:16:22]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 597s sssd-smart-card-pam-auth-configs PASS 597s autopkgtest [19:16:22]: @@@@@@@@@@@@@@@@@@@@ summary 597s ldap-user-group-ldap-auth PASS 597s ldap-user-group-krb5-auth PASS 597s sssd-softhism2-certificates-tests.sh PASS 597s sssd-smart-card-pam-auth-configs PASS 608s nova [W] Using flock in scalingstack-bos02-ppc64el 608s Creating nova instance adt-oracular-ppc64el-sssd-20240613-190625-juju-7f2275-prod-proposed-migration-environment-2-44e0a463-e47d-4770-9af7-c49ffc0b6e63 from image adt/ubuntu-oracular-ppc64el-server-20240613.img (UUID b022c868-e65a-494f-91c4-3c5ad047f572)... 608s nova [W] Using flock in scalingstack-bos02-ppc64el 608s Creating nova instance adt-oracular-ppc64el-sssd-20240613-190625-juju-7f2275-prod-proposed-migration-environment-2-44e0a463-e47d-4770-9af7-c49ffc0b6e63 from image adt/ubuntu-oracular-ppc64el-server-20240613.img (UUID b022c868-e65a-494f-91c4-3c5ad047f572)...