0s autopkgtest [19:04:15]: starting date and time: 2024-06-13 19:04:15+0000 0s autopkgtest [19:04:15]: git checkout: 433ed4cb Merge branch 'skia/nova_flock' into 'ubuntu/5.34+prod' 0s autopkgtest [19:04:15]: host juju-7f2275-prod-proposed-migration-environment-3; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.cpegeo9y/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:systemd --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 --env=ADT_TEST_TRIGGERS=systemd/256-1ubuntu1 -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-3@bos02-s390x-23.secgroup --name adt-oracular-s390x-sssd-20240613-190414-juju-7f2275-prod-proposed-migration-environment-3-20eb78c9-01ec-4318-be48-d64daf557beb --image adt/ubuntu-oracular-s390x-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-3 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,keyserver.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 138s autopkgtest [19:06:33]: testbed dpkg architecture: s390x 138s autopkgtest [19:06:33]: testbed apt version: 2.9.3 138s autopkgtest [19:06:33]: @@@@@@@@@@@@@@@@@@@@ test bed setup 139s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed InRelease [110 kB] 139s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/universe Sources [363 kB] 139s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse Sources [2576 B] 139s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/main Sources [38.7 kB] 139s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/restricted Sources [7052 B] 139s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x Packages [60.3 kB] 139s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/restricted s390x Packages [1860 B] 139s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/universe s390x Packages [308 kB] 139s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse s390x Packages [2528 B] 139s Fetched 894 kB in 1s (1305 kB/s) 139s Reading package lists... 142s Reading package lists... 142s Building dependency tree... 142s Reading state information... 142s Calculating upgrade... 142s The following package was automatically installed and is no longer required: 142s systemd-dev 142s Use 'sudo apt autoremove' to remove it. 142s The following packages will be upgraded: 142s dhcpcd-base dracut-install gir1.2-glib-2.0 libglib2.0-0t64 libglib2.0-data 142s libnss-systemd libpam-systemd libsystemd-shared libsystemd0 libtraceevent1 142s libtraceevent1-plugin libudev1 systemd systemd-dev systemd-resolved 142s systemd-sysv systemd-timesyncd udev 142s 18 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 142s Need to get 11.6 MB of archives. 142s After this operation, 1416 kB of additional disk space will be used. 142s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x systemd-dev all 256-1ubuntu1 [111 kB] 143s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x systemd-timesyncd s390x 256-1ubuntu1 [35.4 kB] 143s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x systemd-resolved s390x 256-1ubuntu1 [318 kB] 143s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libsystemd-shared s390x 256-1ubuntu1 [2244 kB] 143s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libsystemd0 s390x 256-1ubuntu1 [455 kB] 143s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x systemd-sysv s390x 256-1ubuntu1 [11.8 kB] 143s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libnss-systemd s390x 256-1ubuntu1 [170 kB] 143s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libpam-systemd s390x 256-1ubuntu1 [250 kB] 143s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x systemd s390x 256-1ubuntu1 [3713 kB] 143s Get:10 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x udev s390x 256-1ubuntu1 [1965 kB] 143s Get:11 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libudev1 s390x 256-1ubuntu1 [197 kB] 143s Get:12 http://ftpmaster.internal/ubuntu oracular/main s390x dhcpcd-base s390x 1:10.0.8-2 [216 kB] 143s Get:13 http://ftpmaster.internal/ubuntu oracular/main s390x gir1.2-glib-2.0 s390x 2.80.3-1ubuntu1 [180 kB] 143s Get:14 http://ftpmaster.internal/ubuntu oracular/main s390x libglib2.0-0t64 s390x 2.80.3-1ubuntu1 [1558 kB] 143s Get:15 http://ftpmaster.internal/ubuntu oracular/main s390x libglib2.0-data all 2.80.3-1ubuntu1 [49.3 kB] 143s Get:16 http://ftpmaster.internal/ubuntu oracular/main s390x libtraceevent1-plugin s390x 1:1.8.2-1ubuntu3 [20.4 kB] 143s Get:17 http://ftpmaster.internal/ubuntu oracular/main s390x libtraceevent1 s390x 1:1.8.2-1ubuntu3 [60.5 kB] 143s Get:18 http://ftpmaster.internal/ubuntu oracular/main s390x dracut-install s390x 102-3ubuntu1 [33.3 kB] 143s Fetched 11.6 MB in 1s (11.8 MB/s) 143s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54670 files and directories currently installed.) 143s Preparing to unpack .../systemd-dev_256-1ubuntu1_all.deb ... 143s Unpacking systemd-dev (256-1ubuntu1) over (255.4-1ubuntu8) ... 143s Preparing to unpack .../systemd-timesyncd_256-1ubuntu1_s390x.deb ... 143s Unpacking systemd-timesyncd (256-1ubuntu1) over (255.4-1ubuntu8) ... 144s Preparing to unpack .../systemd-resolved_256-1ubuntu1_s390x.deb ... 144s Unpacking systemd-resolved (256-1ubuntu1) over (255.4-1ubuntu8) ... 144s Preparing to unpack .../libsystemd-shared_256-1ubuntu1_s390x.deb ... 144s Unpacking libsystemd-shared:s390x (256-1ubuntu1) over (255.4-1ubuntu8) ... 144s Preparing to unpack .../libsystemd0_256-1ubuntu1_s390x.deb ... 144s Unpacking libsystemd0:s390x (256-1ubuntu1) over (255.4-1ubuntu8) ... 144s Setting up libsystemd0:s390x (256-1ubuntu1) ... 144s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54672 files and directories currently installed.) 144s Preparing to unpack .../0-systemd-sysv_256-1ubuntu1_s390x.deb ... 144s Unpacking systemd-sysv (256-1ubuntu1) over (255.4-1ubuntu8) ... 144s Preparing to unpack .../1-libnss-systemd_256-1ubuntu1_s390x.deb ... 144s Unpacking libnss-systemd:s390x (256-1ubuntu1) over (255.4-1ubuntu8) ... 144s Preparing to unpack .../2-libpam-systemd_256-1ubuntu1_s390x.deb ... 144s Unpacking libpam-systemd:s390x (256-1ubuntu1) over (255.4-1ubuntu8) ... 144s Preparing to unpack .../3-systemd_256-1ubuntu1_s390x.deb ... 144s Unpacking systemd (256-1ubuntu1) over (255.4-1ubuntu8) ... 144s Preparing to unpack .../4-udev_256-1ubuntu1_s390x.deb ... 144s Unpacking udev (256-1ubuntu1) over (255.4-1ubuntu8) ... 144s Preparing to unpack .../5-libudev1_256-1ubuntu1_s390x.deb ... 144s Unpacking libudev1:s390x (256-1ubuntu1) over (255.4-1ubuntu8) ... 144s Setting up libudev1:s390x (256-1ubuntu1) ... 144s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54732 files and directories currently installed.) 144s Preparing to unpack .../0-dhcpcd-base_1%3a10.0.8-2_s390x.deb ... 144s Unpacking dhcpcd-base (1:10.0.8-2) over (1:10.0.8-1) ... 144s Preparing to unpack .../1-gir1.2-glib-2.0_2.80.3-1ubuntu1_s390x.deb ... 144s Unpacking gir1.2-glib-2.0:s390x (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 144s Preparing to unpack .../2-libglib2.0-0t64_2.80.3-1ubuntu1_s390x.deb ... 144s Unpacking libglib2.0-0t64:s390x (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 144s Preparing to unpack .../3-libglib2.0-data_2.80.3-1ubuntu1_all.deb ... 144s Unpacking libglib2.0-data (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 144s Preparing to unpack .../4-libtraceevent1-plugin_1%3a1.8.2-1ubuntu3_s390x.deb ... 144s Unpacking libtraceevent1-plugin:s390x (1:1.8.2-1ubuntu3) over (1:1.8.2-1ubuntu2) ... 144s Preparing to unpack .../5-libtraceevent1_1%3a1.8.2-1ubuntu3_s390x.deb ... 144s Unpacking libtraceevent1:s390x (1:1.8.2-1ubuntu3) over (1:1.8.2-1ubuntu2) ... 144s Preparing to unpack .../6-dracut-install_102-3ubuntu1_s390x.deb ... 144s Unpacking dracut-install (102-3ubuntu1) over (060+5-8ubuntu2) ... 144s Setting up systemd-dev (256-1ubuntu1) ... 144s Setting up libglib2.0-0t64:s390x (2.80.3-1ubuntu1) ... 144s No schema files found: doing nothing. 144s Setting up libglib2.0-data (2.80.3-1ubuntu1) ... 144s Setting up libsystemd-shared:s390x (256-1ubuntu1) ... 144s Setting up dhcpcd-base (1:10.0.8-2) ... 144s Setting up gir1.2-glib-2.0:s390x (2.80.3-1ubuntu1) ... 144s Setting up dracut-install (102-3ubuntu1) ... 144s Setting up libtraceevent1:s390x (1:1.8.2-1ubuntu3) ... 144s Setting up systemd (256-1ubuntu1) ... 144s Installing new version of config file /etc/systemd/journald.conf ... 144s Installing new version of config file /etc/systemd/logind.conf ... 144s Installing new version of config file /etc/systemd/networkd.conf ... 144s Installing new version of config file /etc/systemd/sleep.conf ... 144s Installing new version of config file /etc/systemd/system.conf ... 144s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 144s Created symlink '/run/systemd/system/tmp.mount' → '/dev/null'. 145s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 145s Setting up systemd-timesyncd (256-1ubuntu1) ... 146s Setting up udev (256-1ubuntu1) ... 147s Setting up libtraceevent1-plugin:s390x (1:1.8.2-1ubuntu3) ... 147s Setting up systemd-resolved (256-1ubuntu1) ... 147s Installing new version of config file /etc/systemd/resolved.conf ... 147s Setting up systemd-sysv (256-1ubuntu1) ... 147s Setting up libnss-systemd:s390x (256-1ubuntu1) ... 147s Setting up libpam-systemd:s390x (256-1ubuntu1) ... 147s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 147s Processing triggers for man-db (2.12.1-2) ... 148s Processing triggers for dbus (1.14.10-4ubuntu4) ... 148s Processing triggers for shared-mime-info (2.4-5) ... 148s Warning: program compiled against libxml 212 using older 209 149s Processing triggers for initramfs-tools (0.142ubuntu28) ... 149s update-initramfs: Generating /boot/initrd.img-6.8.0-31-generic 149s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 152s Using config file '/etc/zipl.conf' 152s Building bootmap in '/boot' 152s Adding IPL section 'ubuntu' (default) 153s Preparing boot device for LD-IPL: vda (0000). 153s Done. 153s Reading package lists... 153s Building dependency tree... 153s Reading state information... 153s The following packages will be REMOVED: 153s systemd-dev* 153s 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. 153s After this operation, 760 kB disk space will be freed. 153s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54732 files and directories currently installed.) 153s Removing systemd-dev (256-1ubuntu1) ... 154s Hit:1 http://ftpmaster.internal/ubuntu oracular-proposed InRelease 154s Hit:2 http://ftpmaster.internal/ubuntu oracular InRelease 154s Hit:3 http://ftpmaster.internal/ubuntu oracular-updates InRelease 154s Hit:4 http://ftpmaster.internal/ubuntu oracular-security InRelease 155s Reading package lists... 155s Reading package lists... 155s Building dependency tree... 155s Reading state information... 155s Calculating upgrade... 156s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 156s Reading package lists... 156s Building dependency tree... 156s Reading state information... 156s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 156s autopkgtest [19:06:51]: rebooting testbed after setup commands that affected boot 160s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 180s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 189s autopkgtest [19:07:24]: testbed running kernel: Linux 6.8.0-31-generic #31-Ubuntu SMP Sat Apr 20 00:14:26 UTC 2024 194s autopkgtest [19:07:29]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 210s Get:1 http://ftpmaster.internal/ubuntu oracular/main sssd 2.9.4-1.1ubuntu6 (dsc) [5056 B] 210s Get:2 http://ftpmaster.internal/ubuntu oracular/main sssd 2.9.4-1.1ubuntu6 (tar) [7983 kB] 210s Get:3 http://ftpmaster.internal/ubuntu oracular/main sssd 2.9.4-1.1ubuntu6 (diff) [49.2 kB] 210s gpgv: Signature made Tue Apr 16 09:55:57 2024 UTC 210s gpgv: using RSA key 568BF22A66337CBFC9A6B9B72C83DBC8E9BD0E37 210s gpgv: Can't check signature: No public key 210s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1.1ubuntu6.dsc: no acceptable signature found 211s autopkgtest [19:07:46]: testing package sssd version 2.9.4-1.1ubuntu6 211s autopkgtest [19:07:46]: build not needed 250s autopkgtest [19:08:25]: test ldap-user-group-ldap-auth: preparing testbed 255s Reading package lists... 255s Building dependency tree... 255s Reading state information... 255s Starting pkgProblemResolver with broken count: 0 255s Starting 2 pkgProblemResolver with broken count: 0 255s Done 255s The following additional packages will be installed: 255s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 255s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 255s libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev libipa-hbac0t64 libjose0 255s libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 255s libpam-pwquality libpam-sss libpath-utils1t64 libpwquality-common 255s libpwquality1 libref-array1t64 libsmbclient0 libsss-certmap-dev 255s libsss-certmap0 libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev 255s libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0t64 255s libverto-libevent1t64 libverto1t64 libwbclient0 python3-libipa-hbac 255s python3-libsss-nss-idmap python3-sss samba-libs slapd sssd sssd-ad 255s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 255s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 255s tcl8.6 255s Suggested packages: 255s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 255s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 255s Recommended packages: 255s cracklib-runtime libsasl2-modules-gssapi-mit 255s | libsasl2-modules-gssapi-heimdal 255s The following NEW packages will be installed: 255s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 255s libavahi-common3 libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 255s libdhash1t64 libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev 255s libipa-hbac0t64 libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss 255s libnss-sudo libodbc2 libpam-pwquality libpam-sss libpath-utils1t64 255s libpwquality-common libpwquality1 libref-array1t64 libsmbclient0 255s libsss-certmap-dev libsss-certmap0 libsss-idmap-dev libsss-idmap0 255s libsss-nss-idmap-dev libsss-nss-idmap0 libsss-sudo libtalloc2 libtcl8.6 255s libtdb1 libtevent0t64 libverto-libevent1t64 libverto1t64 libwbclient0 255s python3-libipa-hbac python3-libsss-nss-idmap python3-sss samba-libs slapd 255s sssd sssd-ad sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm 255s sssd-krb5 sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools 255s tcl-expect tcl8.6 255s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 255s Need to get 13.0 MB/13.0 MB of archives. 255s After this operation, 50.2 MB of additional disk space will be used. 255s Get:1 /tmp/autopkgtest.atwhkQ/1-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [868 B] 255s Get:2 http://ftpmaster.internal/ubuntu oracular/main s390x libltdl7 s390x 2.4.7-7build1 [41.8 kB] 256s Get:3 http://ftpmaster.internal/ubuntu oracular/main s390x libodbc2 s390x 2.3.12-1ubuntu1 [162 kB] 256s Get:4 http://ftpmaster.internal/ubuntu oracular/main s390x slapd s390x 2.6.7+dfsg-1~exp1ubuntu8 [1617 kB] 256s Get:5 http://ftpmaster.internal/ubuntu oracular/main s390x libtcl8.6 s390x 8.6.14+dfsg-1build1 [1038 kB] 256s Get:6 http://ftpmaster.internal/ubuntu oracular/main s390x tcl8.6 s390x 8.6.14+dfsg-1build1 [14.7 kB] 256s Get:7 http://ftpmaster.internal/ubuntu oracular/universe s390x tcl-expect s390x 5.45.4-3 [115 kB] 256s Get:8 http://ftpmaster.internal/ubuntu oracular/universe s390x expect s390x 5.45.4-3 [137 kB] 256s Get:9 http://ftpmaster.internal/ubuntu oracular/main s390x ldap-utils s390x 2.6.7+dfsg-1~exp1ubuntu8 [165 kB] 256s Get:10 http://ftpmaster.internal/ubuntu oracular/main s390x libavahi-common-data s390x 0.8-13ubuntu6 [29.7 kB] 256s Get:11 http://ftpmaster.internal/ubuntu oracular/main s390x libavahi-common3 s390x 0.8-13ubuntu6 [24.1 kB] 256s Get:12 http://ftpmaster.internal/ubuntu oracular/main s390x libavahi-client3 s390x 0.8-13ubuntu6 [27.2 kB] 256s Get:13 http://ftpmaster.internal/ubuntu oracular/main s390x libbasicobjects0t64 s390x 0.6.2-2.1build1 [5838 B] 256s Get:14 http://ftpmaster.internal/ubuntu oracular/main s390x libcares2 s390x 1.27.0-1.0ubuntu1 [79.2 kB] 256s Get:15 http://ftpmaster.internal/ubuntu oracular/main s390x libcollection4t64 s390x 0.6.2-2.1build1 [23.9 kB] 256s Get:16 http://ftpmaster.internal/ubuntu oracular/main s390x libcrack2 s390x 2.9.6-5.1build2 [30.0 kB] 256s Get:17 http://ftpmaster.internal/ubuntu oracular/main s390x libdhash1t64 s390x 0.6.2-2.1build1 [9126 B] 256s Get:18 http://ftpmaster.internal/ubuntu oracular/main s390x libevent-2.1-7t64 s390x 2.1.12-stable-10 [145 kB] 256s Get:19 http://ftpmaster.internal/ubuntu oracular/main s390x libpath-utils1t64 s390x 0.6.2-2.1build1 [9394 B] 256s Get:20 http://ftpmaster.internal/ubuntu oracular/main s390x libref-array1t64 s390x 0.6.2-2.1build1 [7226 B] 256s Get:21 http://ftpmaster.internal/ubuntu oracular/main s390x libini-config5t64 s390x 0.6.2-2.1build1 [46.6 kB] 256s Get:22 http://ftpmaster.internal/ubuntu oracular/main s390x libipa-hbac0t64 s390x 2.9.4-1.1ubuntu6 [17.3 kB] 256s Get:23 http://ftpmaster.internal/ubuntu oracular/universe s390x libjose0 s390x 13-1 [45.7 kB] 256s Get:24 http://ftpmaster.internal/ubuntu oracular/main s390x libverto-libevent1t64 s390x 0.3.1-1.2ubuntu3 [6384 B] 256s Get:25 http://ftpmaster.internal/ubuntu oracular/main s390x libverto1t64 s390x 0.3.1-1.2ubuntu3 [11.0 kB] 256s Get:26 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libkrad0 s390x 1.20.1-6ubuntu2 [22.4 kB] 256s Get:27 http://ftpmaster.internal/ubuntu oracular/main s390x libtalloc2 s390x 2.4.2-1build2 [28.4 kB] 256s Get:28 http://ftpmaster.internal/ubuntu oracular/main s390x libtdb1 s390x 1.4.10-1build1 [50.0 kB] 256s Get:29 http://ftpmaster.internal/ubuntu oracular/main s390x libtevent0t64 s390x 0.16.1-2build1 [43.4 kB] 256s Get:30 http://ftpmaster.internal/ubuntu oracular/main s390x libldb2 s390x 2:2.8.0+samba4.19.5+dfsg-4ubuntu9 [192 kB] 256s Get:31 http://ftpmaster.internal/ubuntu oracular/main s390x libnfsidmap1 s390x 1:2.6.4-4ubuntu1 [49.9 kB] 256s Get:32 http://ftpmaster.internal/ubuntu oracular/universe s390x libnss-sudo all 1.9.15p5-3ubuntu5 [15.2 kB] 256s Get:33 http://ftpmaster.internal/ubuntu oracular/main s390x libpwquality-common all 1.4.5-3build1 [7748 B] 256s Get:34 http://ftpmaster.internal/ubuntu oracular/main s390x libpwquality1 s390x 1.4.5-3build1 [14.8 kB] 256s Get:35 http://ftpmaster.internal/ubuntu oracular/main s390x libpam-pwquality s390x 1.4.5-3build1 [11.5 kB] 256s Get:36 http://ftpmaster.internal/ubuntu oracular/main s390x libwbclient0 s390x 2:4.19.5+dfsg-4ubuntu9 [71.3 kB] 256s Get:37 http://ftpmaster.internal/ubuntu oracular/main s390x samba-libs s390x 2:4.19.5+dfsg-4ubuntu9 [6231 kB] 257s Get:38 http://ftpmaster.internal/ubuntu oracular/main s390x libsmbclient0 s390x 2:4.19.5+dfsg-4ubuntu9 [65.0 kB] 257s Get:39 http://ftpmaster.internal/ubuntu oracular/main s390x libnss-sss s390x 2.9.4-1.1ubuntu6 [33.0 kB] 257s Get:40 http://ftpmaster.internal/ubuntu oracular/main s390x libpam-sss s390x 2.9.4-1.1ubuntu6 [52.3 kB] 257s Get:41 http://ftpmaster.internal/ubuntu oracular/main s390x python3-sss s390x 2.9.4-1.1ubuntu6 [47.1 kB] 257s Get:42 http://ftpmaster.internal/ubuntu oracular/main s390x libsss-certmap0 s390x 2.9.4-1.1ubuntu6 [47.3 kB] 257s Get:43 http://ftpmaster.internal/ubuntu oracular/main s390x libsss-idmap0 s390x 2.9.4-1.1ubuntu6 [22.5 kB] 257s Get:44 http://ftpmaster.internal/ubuntu oracular/main s390x libsss-nss-idmap0 s390x 2.9.4-1.1ubuntu6 [31.7 kB] 257s Get:45 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-common s390x 2.9.4-1.1ubuntu6 [1125 kB] 257s Get:46 http://ftpmaster.internal/ubuntu oracular/universe s390x sssd-idp s390x 2.9.4-1.1ubuntu6 [27.3 kB] 257s Get:47 http://ftpmaster.internal/ubuntu oracular/universe s390x sssd-passkey s390x 2.9.4-1.1ubuntu6 [32.3 kB] 257s Get:48 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-ad-common s390x 2.9.4-1.1ubuntu6 [74.8 kB] 257s Get:49 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-krb5-common s390x 2.9.4-1.1ubuntu6 [90.3 kB] 257s Get:50 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-ad s390x 2.9.4-1.1ubuntu6 [133 kB] 257s Get:51 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-ipa s390x 2.9.4-1.1ubuntu6 [216 kB] 257s Get:52 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-krb5 s390x 2.9.4-1.1ubuntu6 [14.4 kB] 257s Get:53 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-ldap s390x 2.9.4-1.1ubuntu6 [31.0 kB] 257s Get:54 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-proxy s390x 2.9.4-1.1ubuntu6 [43.9 kB] 257s Get:55 http://ftpmaster.internal/ubuntu oracular/main s390x sssd s390x 2.9.4-1.1ubuntu6 [4116 B] 257s Get:56 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-dbus s390x 2.9.4-1.1ubuntu6 [101 kB] 257s Get:57 http://ftpmaster.internal/ubuntu oracular/universe s390x sssd-kcm s390x 2.9.4-1.1ubuntu6 [137 kB] 257s Get:58 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-tools s390x 2.9.4-1.1ubuntu6 [97.7 kB] 257s Get:59 http://ftpmaster.internal/ubuntu oracular/main s390x libipa-hbac-dev s390x 2.9.4-1.1ubuntu6 [6666 B] 257s Get:60 http://ftpmaster.internal/ubuntu oracular/main s390x libsss-certmap-dev s390x 2.9.4-1.1ubuntu6 [5730 B] 257s Get:61 http://ftpmaster.internal/ubuntu oracular/main s390x libsss-idmap-dev s390x 2.9.4-1.1ubuntu6 [8380 B] 257s Get:62 http://ftpmaster.internal/ubuntu oracular/main s390x libsss-nss-idmap-dev s390x 2.9.4-1.1ubuntu6 [6702 B] 257s Get:63 http://ftpmaster.internal/ubuntu oracular/universe s390x libsss-sudo s390x 2.9.4-1.1ubuntu6 [21.7 kB] 257s Get:64 http://ftpmaster.internal/ubuntu oracular/universe s390x python3-libipa-hbac s390x 2.9.4-1.1ubuntu6 [16.9 kB] 257s Get:65 http://ftpmaster.internal/ubuntu oracular/universe s390x python3-libsss-nss-idmap s390x 2.9.4-1.1ubuntu6 [9130 B] 257s Preconfiguring packages ... 257s Fetched 13.0 MB in 2s (8101 kB/s) 257s Selecting previously unselected package libltdl7:s390x. 257s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54685 files and directories currently installed.) 257s Preparing to unpack .../00-libltdl7_2.4.7-7build1_s390x.deb ... 257s Unpacking libltdl7:s390x (2.4.7-7build1) ... 257s Selecting previously unselected package libodbc2:s390x. 257s Preparing to unpack .../01-libodbc2_2.3.12-1ubuntu1_s390x.deb ... 257s Unpacking libodbc2:s390x (2.3.12-1ubuntu1) ... 257s Selecting previously unselected package slapd. 257s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu8_s390x.deb ... 257s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu8) ... 257s Selecting previously unselected package libtcl8.6:s390x. 258s Preparing to unpack .../03-libtcl8.6_8.6.14+dfsg-1build1_s390x.deb ... 258s Unpacking libtcl8.6:s390x (8.6.14+dfsg-1build1) ... 258s Selecting previously unselected package tcl8.6. 258s Preparing to unpack .../04-tcl8.6_8.6.14+dfsg-1build1_s390x.deb ... 258s Unpacking tcl8.6 (8.6.14+dfsg-1build1) ... 258s Selecting previously unselected package tcl-expect:s390x. 258s Preparing to unpack .../05-tcl-expect_5.45.4-3_s390x.deb ... 258s Unpacking tcl-expect:s390x (5.45.4-3) ... 258s Selecting previously unselected package expect. 258s Preparing to unpack .../06-expect_5.45.4-3_s390x.deb ... 258s Unpacking expect (5.45.4-3) ... 258s Selecting previously unselected package ldap-utils. 258s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu8_s390x.deb ... 258s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu8) ... 258s Selecting previously unselected package libavahi-common-data:s390x. 258s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu6_s390x.deb ... 258s Unpacking libavahi-common-data:s390x (0.8-13ubuntu6) ... 258s Selecting previously unselected package libavahi-common3:s390x. 258s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu6_s390x.deb ... 258s Unpacking libavahi-common3:s390x (0.8-13ubuntu6) ... 258s Selecting previously unselected package libavahi-client3:s390x. 258s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu6_s390x.deb ... 258s Unpacking libavahi-client3:s390x (0.8-13ubuntu6) ... 258s Selecting previously unselected package libbasicobjects0t64:s390x. 258s Preparing to unpack .../11-libbasicobjects0t64_0.6.2-2.1build1_s390x.deb ... 258s Unpacking libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 258s Selecting previously unselected package libcares2:s390x. 258s Preparing to unpack .../12-libcares2_1.27.0-1.0ubuntu1_s390x.deb ... 258s Unpacking libcares2:s390x (1.27.0-1.0ubuntu1) ... 258s Selecting previously unselected package libcollection4t64:s390x. 258s Preparing to unpack .../13-libcollection4t64_0.6.2-2.1build1_s390x.deb ... 258s Unpacking libcollection4t64:s390x (0.6.2-2.1build1) ... 258s Selecting previously unselected package libcrack2:s390x. 258s Preparing to unpack .../14-libcrack2_2.9.6-5.1build2_s390x.deb ... 258s Unpacking libcrack2:s390x (2.9.6-5.1build2) ... 258s Selecting previously unselected package libdhash1t64:s390x. 258s Preparing to unpack .../15-libdhash1t64_0.6.2-2.1build1_s390x.deb ... 258s Unpacking libdhash1t64:s390x (0.6.2-2.1build1) ... 258s Selecting previously unselected package libevent-2.1-7t64:s390x. 258s Preparing to unpack .../16-libevent-2.1-7t64_2.1.12-stable-10_s390x.deb ... 258s Unpacking libevent-2.1-7t64:s390x (2.1.12-stable-10) ... 258s Selecting previously unselected package libpath-utils1t64:s390x. 258s Preparing to unpack .../17-libpath-utils1t64_0.6.2-2.1build1_s390x.deb ... 258s Unpacking libpath-utils1t64:s390x (0.6.2-2.1build1) ... 258s Selecting previously unselected package libref-array1t64:s390x. 258s Preparing to unpack .../18-libref-array1t64_0.6.2-2.1build1_s390x.deb ... 258s Unpacking libref-array1t64:s390x (0.6.2-2.1build1) ... 258s Selecting previously unselected package libini-config5t64:s390x. 258s Preparing to unpack .../19-libini-config5t64_0.6.2-2.1build1_s390x.deb ... 258s Unpacking libini-config5t64:s390x (0.6.2-2.1build1) ... 258s Selecting previously unselected package libipa-hbac0t64. 258s Preparing to unpack .../20-libipa-hbac0t64_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package libjose0:s390x. 258s Preparing to unpack .../21-libjose0_13-1_s390x.deb ... 258s Unpacking libjose0:s390x (13-1) ... 258s Selecting previously unselected package libverto-libevent1t64:s390x. 258s Preparing to unpack .../22-libverto-libevent1t64_0.3.1-1.2ubuntu3_s390x.deb ... 258s Unpacking libverto-libevent1t64:s390x (0.3.1-1.2ubuntu3) ... 258s Selecting previously unselected package libverto1t64:s390x. 258s Preparing to unpack .../23-libverto1t64_0.3.1-1.2ubuntu3_s390x.deb ... 258s Unpacking libverto1t64:s390x (0.3.1-1.2ubuntu3) ... 258s Selecting previously unselected package libkrad0:s390x. 258s Preparing to unpack .../24-libkrad0_1.20.1-6ubuntu2_s390x.deb ... 258s Unpacking libkrad0:s390x (1.20.1-6ubuntu2) ... 258s Selecting previously unselected package libtalloc2:s390x. 258s Preparing to unpack .../25-libtalloc2_2.4.2-1build2_s390x.deb ... 258s Unpacking libtalloc2:s390x (2.4.2-1build2) ... 258s Selecting previously unselected package libtdb1:s390x. 258s Preparing to unpack .../26-libtdb1_1.4.10-1build1_s390x.deb ... 258s Unpacking libtdb1:s390x (1.4.10-1build1) ... 258s Selecting previously unselected package libtevent0t64:s390x. 258s Preparing to unpack .../27-libtevent0t64_0.16.1-2build1_s390x.deb ... 258s Unpacking libtevent0t64:s390x (0.16.1-2build1) ... 258s Selecting previously unselected package libldb2:s390x. 258s Preparing to unpack .../28-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu9_s390x.deb ... 258s Unpacking libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 258s Selecting previously unselected package libnfsidmap1:s390x. 258s Preparing to unpack .../29-libnfsidmap1_1%3a2.6.4-4ubuntu1_s390x.deb ... 258s Unpacking libnfsidmap1:s390x (1:2.6.4-4ubuntu1) ... 258s Selecting previously unselected package libnss-sudo. 258s Preparing to unpack .../30-libnss-sudo_1.9.15p5-3ubuntu5_all.deb ... 258s Unpacking libnss-sudo (1.9.15p5-3ubuntu5) ... 258s Selecting previously unselected package libpwquality-common. 258s Preparing to unpack .../31-libpwquality-common_1.4.5-3build1_all.deb ... 258s Unpacking libpwquality-common (1.4.5-3build1) ... 258s Selecting previously unselected package libpwquality1:s390x. 258s Preparing to unpack .../32-libpwquality1_1.4.5-3build1_s390x.deb ... 258s Unpacking libpwquality1:s390x (1.4.5-3build1) ... 258s Selecting previously unselected package libpam-pwquality:s390x. 258s Preparing to unpack .../33-libpam-pwquality_1.4.5-3build1_s390x.deb ... 258s Unpacking libpam-pwquality:s390x (1.4.5-3build1) ... 258s Selecting previously unselected package libwbclient0:s390x. 258s Preparing to unpack .../34-libwbclient0_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 258s Unpacking libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 258s Selecting previously unselected package samba-libs:s390x. 258s Preparing to unpack .../35-samba-libs_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 258s Unpacking samba-libs:s390x (2:4.19.5+dfsg-4ubuntu9) ... 258s Selecting previously unselected package libsmbclient0:s390x. 258s Preparing to unpack .../36-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 258s Unpacking libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 258s Selecting previously unselected package libnss-sss:s390x. 258s Preparing to unpack .../37-libnss-sss_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking libnss-sss:s390x (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package libpam-sss:s390x. 258s Preparing to unpack .../38-libpam-sss_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking libpam-sss:s390x (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package python3-sss. 258s Preparing to unpack .../39-python3-sss_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking python3-sss (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package libsss-certmap0. 258s Preparing to unpack .../40-libsss-certmap0_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package libsss-idmap0. 258s Preparing to unpack .../41-libsss-idmap0_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package libsss-nss-idmap0. 258s Preparing to unpack .../42-libsss-nss-idmap0_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package sssd-common. 258s Preparing to unpack .../43-sssd-common_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking sssd-common (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package sssd-idp. 258s Preparing to unpack .../44-sssd-idp_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking sssd-idp (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package sssd-passkey. 258s Preparing to unpack .../45-sssd-passkey_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking sssd-passkey (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package sssd-ad-common. 258s Preparing to unpack .../46-sssd-ad-common_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking sssd-ad-common (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package sssd-krb5-common. 258s Preparing to unpack .../47-sssd-krb5-common_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package sssd-ad. 258s Preparing to unpack .../48-sssd-ad_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking sssd-ad (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package sssd-ipa. 258s Preparing to unpack .../49-sssd-ipa_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking sssd-ipa (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package sssd-krb5. 258s Preparing to unpack .../50-sssd-krb5_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking sssd-krb5 (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package sssd-ldap. 258s Preparing to unpack .../51-sssd-ldap_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking sssd-ldap (2.9.4-1.1ubuntu6) ... 258s Selecting previously unselected package sssd-proxy. 258s Preparing to unpack .../52-sssd-proxy_2.9.4-1.1ubuntu6_s390x.deb ... 258s Unpacking sssd-proxy (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package sssd. 259s Preparing to unpack .../53-sssd_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking sssd (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package sssd-dbus. 259s Preparing to unpack .../54-sssd-dbus_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking sssd-dbus (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package sssd-kcm. 259s Preparing to unpack .../55-sssd-kcm_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking sssd-kcm (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package sssd-tools. 259s Preparing to unpack .../56-sssd-tools_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking sssd-tools (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package libipa-hbac-dev. 259s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking libipa-hbac-dev (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package libsss-certmap-dev. 259s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking libsss-certmap-dev (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package libsss-idmap-dev. 259s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking libsss-idmap-dev (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package libsss-nss-idmap-dev. 259s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking libsss-nss-idmap-dev (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package libsss-sudo. 259s Preparing to unpack .../61-libsss-sudo_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking libsss-sudo (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package python3-libipa-hbac. 259s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking python3-libipa-hbac (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package python3-libsss-nss-idmap. 259s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1.1ubuntu6_s390x.deb ... 259s Unpacking python3-libsss-nss-idmap (2.9.4-1.1ubuntu6) ... 259s Selecting previously unselected package autopkgtest-satdep. 259s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 259s Unpacking autopkgtest-satdep (0) ... 259s Setting up libpwquality-common (1.4.5-3build1) ... 259s Setting up libnfsidmap1:s390x (1:2.6.4-4ubuntu1) ... 259s Setting up libsss-idmap0 (2.9.4-1.1ubuntu6) ... 259s Setting up libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 259s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 259s Setting up libsss-idmap-dev (2.9.4-1.1ubuntu6) ... 259s Setting up libref-array1t64:s390x (0.6.2-2.1build1) ... 259s Setting up libipa-hbac-dev (2.9.4-1.1ubuntu6) ... 259s Setting up libtdb1:s390x (1.4.10-1build1) ... 259s Setting up libcollection4t64:s390x (0.6.2-2.1build1) ... 259s Setting up libevent-2.1-7t64:s390x (2.1.12-stable-10) ... 259s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu8) ... 259s Setting up libjose0:s390x (13-1) ... 259s Setting up libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 259s Setting up libtalloc2:s390x (2.4.2-1build2) ... 259s Setting up libpath-utils1t64:s390x (0.6.2-2.1build1) ... 259s Setting up libavahi-common-data:s390x (0.8-13ubuntu6) ... 259s Setting up libcares2:s390x (1.27.0-1.0ubuntu1) ... 259s Setting up libdhash1t64:s390x (0.6.2-2.1build1) ... 259s Setting up libtcl8.6:s390x (8.6.14+dfsg-1build1) ... 259s Setting up libltdl7:s390x (2.4.7-7build1) ... 259s Setting up libcrack2:s390x (2.9.6-5.1build2) ... 259s Setting up libodbc2:s390x (2.3.12-1ubuntu1) ... 259s Setting up python3-libipa-hbac (2.9.4-1.1ubuntu6) ... 259s Setting up libnss-sudo (1.9.15p5-3ubuntu5) ... 259s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 259s Setting up libini-config5t64:s390x (0.6.2-2.1build1) ... 259s Setting up libtevent0t64:s390x (0.16.1-2build1) ... 259s Setting up libnss-sss:s390x (2.9.4-1.1ubuntu6) ... 259s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu8) ... 259s Creating new user openldap... done. 259s Creating initial configuration... done. 259s Creating LDAP directory... done. 259s Setting up tcl8.6 (8.6.14+dfsg-1build1) ... 259s Setting up libsss-sudo (2.9.4-1.1ubuntu6) ... 259s Setting up libsss-nss-idmap-dev (2.9.4-1.1ubuntu6) ... 259s Setting up libavahi-common3:s390x (0.8-13ubuntu6) ... 259s Setting up tcl-expect:s390x (5.45.4-3) ... 259s Setting up libsss-certmap0 (2.9.4-1.1ubuntu6) ... 259s Setting up libpwquality1:s390x (1.4.5-3build1) ... 259s Setting up python3-libsss-nss-idmap (2.9.4-1.1ubuntu6) ... 259s Setting up libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 259s Setting up libavahi-client3:s390x (0.8-13ubuntu6) ... 259s Setting up expect (5.45.4-3) ... 259s Setting up libpam-pwquality:s390x (1.4.5-3build1) ... 260s Setting up samba-libs:s390x (2:4.19.5+dfsg-4ubuntu9) ... 260s Setting up libsss-certmap-dev (2.9.4-1.1ubuntu6) ... 260s Setting up python3-sss (2.9.4-1.1ubuntu6) ... 260s Setting up libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 260s Setting up libpam-sss:s390x (2.9.4-1.1ubuntu6) ... 260s Setting up sssd-common (2.9.4-1.1ubuntu6) ... 260s Creating SSSD system user & group... 260s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 260s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 260s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 260s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 260s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-autofs.socket' → '/usr/lib/systemd/system/sssd-autofs.socket'. 261s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-nss.socket' → '/usr/lib/systemd/system/sssd-nss.socket'. 261s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket' → '/usr/lib/systemd/system/sssd-pam-priv.socket'. 261s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam.socket' → '/usr/lib/systemd/system/sssd-pam.socket'. 261s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-ssh.socket' → '/usr/lib/systemd/system/sssd-ssh.socket'. 261s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-sudo.socket' → '/usr/lib/systemd/system/sssd-sudo.socket'. 262s Created symlink '/etc/systemd/system/multi-user.target.wants/sssd.service' → '/usr/lib/systemd/system/sssd.service'. 262s sssd-autofs.service is a disabled or a static unit, not starting it. 262s sssd-nss.service is a disabled or a static unit, not starting it. 262s sssd-pam.service is a disabled or a static unit, not starting it. 262s sssd-ssh.service is a disabled or a static unit, not starting it. 262s sssd-sudo.service is a disabled or a static unit, not starting it. 262s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 262s Setting up sssd-proxy (2.9.4-1.1ubuntu6) ... 262s Setting up sssd-kcm (2.9.4-1.1ubuntu6) ... 262s Created symlink '/etc/systemd/system/sockets.target.wants/sssd-kcm.socket' → '/usr/lib/systemd/system/sssd-kcm.socket'. 263s sssd-kcm.service is a disabled or a static unit, not starting it. 263s Setting up sssd-dbus (2.9.4-1.1ubuntu6) ... 263s sssd-ifp.service is a disabled or a static unit, not starting it. 263s Setting up sssd-ad-common (2.9.4-1.1ubuntu6) ... 263s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pac.socket' → '/usr/lib/systemd/system/sssd-pac.socket'. 263s sssd-pac.service is a disabled or a static unit, not starting it. 263s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 263s Setting up sssd-krb5-common (2.9.4-1.1ubuntu6) ... 263s Setting up sssd-krb5 (2.9.4-1.1ubuntu6) ... 263s Setting up sssd-ldap (2.9.4-1.1ubuntu6) ... 263s Setting up sssd-ad (2.9.4-1.1ubuntu6) ... 263s Setting up sssd-tools (2.9.4-1.1ubuntu6) ... 263s Setting up sssd-ipa (2.9.4-1.1ubuntu6) ... 263s Setting up sssd (2.9.4-1.1ubuntu6) ... 263s Setting up libverto-libevent1t64:s390x (0.3.1-1.2ubuntu3) ... 263s Setting up libverto1t64:s390x (0.3.1-1.2ubuntu3) ... 263s Setting up libkrad0:s390x (1.20.1-6ubuntu2) ... 263s Setting up sssd-passkey (2.9.4-1.1ubuntu6) ... 263s Setting up sssd-idp (2.9.4-1.1ubuntu6) ... 263s Setting up autopkgtest-satdep (0) ... 263s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 263s Processing triggers for ufw (0.36.2-6) ... 264s Processing triggers for man-db (2.12.1-2) ... 264s Processing triggers for dbus (1.14.10-4ubuntu4) ... 282s (Reading database ... 55976 files and directories currently installed.) 282s Removing autopkgtest-satdep (0) ... 283s autopkgtest [19:08:58]: test ldap-user-group-ldap-auth: [----------------------- 283s + . debian/tests/util 283s + . debian/tests/common-tests 283s + mydomain=example.com 283s + myhostname=ldap.example.com 283s + mysuffix=dc=example,dc=com 283s + admin_dn=cn=admin,dc=example,dc=com 283s + admin_pw=secret 283s + ldap_user=testuser1 283s + ldap_user_pw=testuser1secret 283s + ldap_group=ldapusers 283s + adjust_hostname ldap.example.com 283s + local myhostname=ldap.example.com 283s + echo ldap.example.com 283s + hostname ldap.example.com 283s + grep -qE ldap.example.com /etc/hosts 283s + echo 127.0.1.10 ldap.example.com 283s + reconfigure_slapd 283s + debconf-set-selections 283s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 283s + dpkg-reconfigure -fnoninteractive -pcritical slapd 283s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8... done. 283s Moving old database directory to /var/backups: 283s - directory unknown... done. 283s Creating initial configuration... done. 283s Creating LDAP directory... done. 284s + generate_certs ldap.example.com 284s + local cn=ldap.example.com 284s + local cert=/etc/ldap/server.pem 284s + local key=/etc/ldap/server.key 284s + local cnf=/etc/ldap/openssl.cnf 284s + cat 284s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 284s ............................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 284s ..................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 284s ----- 284s + chmod 0640 /etc/ldap/server.key 284s + chgrp openldap /etc/ldap/server.key 284s + [ ! -f /etc/ldap/server.pem ] 284s + [ ! -f /etc/ldap/server.key ] 284s + enable_ldap_ssl 284s + cat 284s + cat 284s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 284s + populate_ldap_rfc2307 284s + modifying entry "cn=config" 284s 284s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 284s cat 284s adding new entry "ou=People,dc=example,dc=com" 284s 284s adding new entry "ou=Group,dc=example,dc=com" 284s 284s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 284s 284s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 284s 284s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 284s 284s + configure_sssd_ldap_rfc2307 284s + cat 284s + chmod 0600 /etc/sssd/sssd.conf 284s + systemctl restart sssd 284s + enable_pam_mkhomedir 284s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 284s + echo session optional pam_mkhomedir.so 284s + run_common_tests 284s + Assert local user databases do not have our LDAP test data 284s echo Assert local user databases do not have our LDAP test data 284s + check_local_user testuser1 284s + local local_user=testuser1 284s + grep -q ^testuser1 /etc/passwd 284s + check_local_group testuser1 284s + local local_group=testuser1 284s + grep -q ^testuser1 /etc/group 284s + check_local_group ldapusers 284s + local local_group=ldapusers 284s + grep -q ^ldapusers /etc/group 284s The LDAP user is known to the system via getent 284s + echo The LDAP user is known to the system via getent 284s + check_getent_user testuser1 284s + local getent_user=testuser1 284s + local output 284s + getent passwd testuser1 284s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 284s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 284s The LDAP user's private group is known to the system via getent 284s + echo The LDAP user's private group is known to the system via getent 284s + check_getent_group testuser1 284s + localThe LDAP group ldapusers is known to the system via getent 284s getent_group=testuser1 284s + local output 284s + getent group testuser1 284s + output=testuser1:*:10001:testuser1 284s + [ -z testuser1:*:10001:testuser1 ] 284s + echo The LDAP group ldapusers is known to the system via getent 284s + check_getent_group ldapusers 284s + local getent_group=ldapusers 284s + local output 284s + getent group ldapusers 284s + output=ldapusers:*:10100:testuser1 284s + [ -z ldapusers:*:10100:testuser1 ] 284s + echo The id(1) command can resolve the group membership of the LDAP user 284s + id -Gn testuser1 284s + output=testuser1 ldapusers 284s + [ testuser1 ldapusers != testuser1 ldapusers ] 284s + echo The LDAP user can login on a terminal 284s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 284s The id(1) command can resolve the group membership of the LDAP user 284s The LDAP user can login on a terminal 284s spawn login 284s ldap.example.com login: testuser1 284s Password: 284s Welcome to Ubuntu Oracular Oriole (development branch) (GNU/Linux 6.8.0-31-generic s390x) 284s 284s * Documentation: https://help.ubuntu.com 284s * Management: https://landscape.canonical.com 284s * Support: https://ubuntu.com/pro 284s 284s 284s The programs included with the Ubuntu system are free software; 284s the exact distribution terms for each program are described in the 284s individual files in /usr/share/doc/*/copyright. 284s 284s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 284s applicable law. 284s 284s 284s The programs included with the Ubuntu system are free software; 284s the exact distribution terms for each program are described in the 284s individual files in /usr/share/doc/*/copyright. 284s 284s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 284s applicable law. 284s 284s Creating directory '/home/testuser1'. 284s [?2004htestuser1@ldap:~$ id -un 284s [?2004l testuser1 284s [?2004htestuser1@ldap:~$ autopkgtest [19:08:59]: test ldap-user-group-ldap-auth: -----------------------] 285s autopkgtest [19:09:00]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 285s ldap-user-group-ldap-auth PASS 285s autopkgtest [19:09:00]: test ldap-user-group-krb5-auth: preparing testbed 287s Reading package lists... 287s Building dependency tree... 287s Reading state information... 287s Starting pkgProblemResolver with broken count: 0 287s Starting 2 pkgProblemResolver with broken count: 0 287s Done 287s The following additional packages will be installed: 287s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4t64 287s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 287s Suggested packages: 287s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 287s The following NEW packages will be installed: 287s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 287s libgssrpc4t64 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 287s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 287s Need to get 620 kB/621 kB of archives. 287s After this operation, 2106 kB of additional disk space will be used. 287s Get:1 /tmp/autopkgtest.atwhkQ/2-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [888 B] 287s Get:2 http://ftpmaster.internal/ubuntu oracular/main s390x krb5-config all 2.7 [22.0 kB] 287s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libgssrpc4t64 s390x 1.20.1-6ubuntu2 [60.5 kB] 287s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libkadm5clnt-mit12 s390x 1.20.1-6ubuntu2 [40.9 kB] 288s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libkdb5-10t64 s390x 1.20.1-6ubuntu2 [42.4 kB] 288s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libkadm5srv-mit12 s390x 1.20.1-6ubuntu2 [55.9 kB] 288s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x krb5-user s390x 1.20.1-6ubuntu2 [110 kB] 288s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/universe s390x krb5-kdc s390x 1.20.1-6ubuntu2 [191 kB] 288s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/universe s390x krb5-admin-server s390x 1.20.1-6ubuntu2 [96.9 kB] 288s Preconfiguring packages ... 289s Fetched 620 kB in 1s (1091 kB/s) 289s Selecting previously unselected package krb5-config. 289s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 55976 files and directories currently installed.) 289s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 289s Unpacking krb5-config (2.7) ... 289s Selecting previously unselected package libgssrpc4t64:s390x. 289s Preparing to unpack .../1-libgssrpc4t64_1.20.1-6ubuntu2_s390x.deb ... 289s Unpacking libgssrpc4t64:s390x (1.20.1-6ubuntu2) ... 289s Selecting previously unselected package libkadm5clnt-mit12:s390x. 289s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-6ubuntu2_s390x.deb ... 289s Unpacking libkadm5clnt-mit12:s390x (1.20.1-6ubuntu2) ... 289s Selecting previously unselected package libkdb5-10t64:s390x. 289s Preparing to unpack .../3-libkdb5-10t64_1.20.1-6ubuntu2_s390x.deb ... 289s Unpacking libkdb5-10t64:s390x (1.20.1-6ubuntu2) ... 289s Selecting previously unselected package libkadm5srv-mit12:s390x. 289s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-6ubuntu2_s390x.deb ... 289s Unpacking libkadm5srv-mit12:s390x (1.20.1-6ubuntu2) ... 289s Selecting previously unselected package krb5-user. 289s Preparing to unpack .../5-krb5-user_1.20.1-6ubuntu2_s390x.deb ... 289s Unpacking krb5-user (1.20.1-6ubuntu2) ... 289s Selecting previously unselected package krb5-kdc. 289s Preparing to unpack .../6-krb5-kdc_1.20.1-6ubuntu2_s390x.deb ... 289s Unpacking krb5-kdc (1.20.1-6ubuntu2) ... 290s Selecting previously unselected package krb5-admin-server. 290s Preparing to unpack .../7-krb5-admin-server_1.20.1-6ubuntu2_s390x.deb ... 290s Unpacking krb5-admin-server (1.20.1-6ubuntu2) ... 290s Selecting previously unselected package autopkgtest-satdep. 290s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 290s Unpacking autopkgtest-satdep (0) ... 290s Setting up libgssrpc4t64:s390x (1.20.1-6ubuntu2) ... 290s Setting up krb5-config (2.7) ... 290s Setting up libkadm5clnt-mit12:s390x (1.20.1-6ubuntu2) ... 290s Setting up libkdb5-10t64:s390x (1.20.1-6ubuntu2) ... 290s Setting up libkadm5srv-mit12:s390x (1.20.1-6ubuntu2) ... 290s Setting up krb5-user (1.20.1-6ubuntu2) ... 290s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 290s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 290s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 290s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 290s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 290s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 290s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 290s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 290s Setting up krb5-kdc (1.20.1-6ubuntu2) ... 290s Created symlink '/etc/systemd/system/multi-user.target.wants/krb5-kdc.service' → '/usr/lib/systemd/system/krb5-kdc.service'. 291s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 291s Setting up krb5-admin-server (1.20.1-6ubuntu2) ... 291s Created symlink '/etc/systemd/system/multi-user.target.wants/krb5-admin-server.service' → '/usr/lib/systemd/system/krb5-admin-server.service'. 292s Setting up autopkgtest-satdep (0) ... 292s Processing triggers for man-db (2.12.1-2) ... 292s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 300s (Reading database ... 56071 files and directories currently installed.) 300s Removing autopkgtest-satdep (0) ... 300s autopkgtest [19:09:15]: test ldap-user-group-krb5-auth: [----------------------- 301s + . debian/tests/util 301s + . debian/tests/common-tests 301s + mydomain=example.com 301s + myhostname=ldap.example.com 301s + mysuffix=dc=example,dc=com 301s + myrealm=EXAMPLE.COM 301s + admin_dn=cn=admin,dc=example,dc=com 301s + admin_pw=secret 301s + ldap_user=testuser1 301s + ldap_user_pw=testuser1secret 301s + kerberos_principal_pw=testuser1kerberos 301s + ldap_group=ldapusers 301s + adjust_hostname ldap.example.com 301s + local myhostname=ldap.example.com 301s + echo ldap.example.com 301s + hostname ldap.example.com 301s + grep -qE ldap.example.com /etc/hosts 301s + reconfigure_slapd 301s + debconf-set-selections 301s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu8-20240613-190858.ldapdb 301s + dpkg-reconfigure -fnoninteractive -pcritical slapd 301s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu8... done. 301s Moving old database directory to /var/backups: 301s - directory unknown... done. 301s Creating initial configuration... done. 301s Creating LDAP directory... done. 301s + generate_certs ldap.example.com 301s + local cn=ldap.example.com 301s + local cert=/etc/ldap/server.pem 301s + local key=/etc/ldap/server.key 301s + local cnf=/etc/ldap/openssl.cnf 301s + cat 301s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 301s ......++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 301s ..................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 301s ----- 301s + chmod 0640 /etc/ldap/server.key 301s modifying entry "cn=config" 301s 301s adding new entry "ou=People,dc=example,dc=com" 301s 301s adding new entry "ou=Group,dc=example,dc=com" 301s 301s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 301s 301s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 301s 301s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 301s 301s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 301s master key name 'K/M@EXAMPLE.COM' 301s + chgrp openldap /etc/ldap/server.key 301s + [ ! -f /etc/ldap/server.pem ] 301s + [ ! -f /etc/ldap/server.key ] 301s + enable_ldap_ssl 301s + cat 301s + cat+ 301s ldapmodify -H ldapi:/// -Y EXTERNAL -Q 301s + populate_ldap_rfc2307 301s + cat 301s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 301s + create_realm EXAMPLE.COM ldap.example.com 301s + local realm_name=EXAMPLE.COM 301s + local kerberos_server=ldap.example.com 301s + rm -rf /var/lib/krb5kdc/* 301s + rm -rf /etc/krb5kdc/kdc.conf 301s + rm -f /etc/krb5.keytab 301s + cat 301s + cat 301s + echo # */admin * 301s + kdb5_util create -s -P secretpassword 301s + systemctl restart krb5-kdc.service krb5-admin-server.service 302s + create_krb_principal testuser1 testuser1kerberos 302s + local principal=testuser1 302s + local password=testuser1kerberos 302s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 302s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 302s Authenticating as principal root/admin@EXAMPLE.COM with password. 302s Principal "testuser1@EXAMPLE.COM" created. 302s + configure_sssd_ldap_rfc2307_krb5_auth 302s + cat 302s + chmod 0600 /etc/sssd/sssd.conf 302s + systemctl restart sssd 302s + enable_pam_mkhomedir 302s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 302s + run_common_tests 302s + echoAssert local user databases do not have our LDAP test data 302s Assert local user databases do not have our LDAP test data 302s + check_local_user testuser1 302s + local local_user=testuser1 302s + grep -q ^testuser1 /etc/passwd 302s + check_local_group testuser1 302s + local local_group=testuser1 302s + grep -q ^testuser1 /etc/group 302s + check_local_group ldapusers 302s + local local_group=ldapusers 302s + grep -q ^ldapusers /etc/group 302s + echo The LDAP user is known to the system via getent 302s + check_getent_user testuser1 302s + local getent_user=testuser1 302s + local output 302s + getent passwd testuser1 302s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 302s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 302s + echo The LDAP user's private group is known to the system via getent 302s + check_getent_group testuser1 302s + local getent_group=testuser1 302s + local output 302s + getent group testuser1 302s + output=testuser1:*:10001:testuser1 302s + [ -z testuser1:*:10001:testuser1 ] 302s + echo The LDAP group ldapusers is known to the system via getent 302s + check_getent_group ldapusers 302s + local getent_group=ldapusers 302s + local output 302s + getent group ldapusers 302s + output=ldapusers:*:10100:testuser1 302s + [ -z ldapusers:*:10100:testuser1 ] 302s + echo The id(1) command can resolve the group membership of the LDAP user 302s + id -Gn testuser1 302s + output=testuser1 ldapusers 302s + [ testuser1 ldapusers != testuser1 ldapusersThe LDAP user is known to the system via getent 302s The LDAP user's private group is known to the system via getent 302s The LDAP group ldapusers is known to the system via getent 302s The id(1) command can resolve the group membership of the LDAP user 302s The Kerberos principal can login on a terminal 302s spawn login 302s ldap.example.com login: testuser1 302s ] 302s + echo The Kerberos principal can login on a terminal 302s + kdestroy 302s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 302s Password: 302s Welcome to Ubuntu Oracular Oriole (development branch) (GNU/Linux 6.8.0-31-generic s390x) 302s 302s * Documentation: https://help.ubuntu.com 302s * Management: https://landscape.canonical.com 302s * Support: https://ubuntu.com/pro 302s 302s 302s The programs included with the Ubuntu system are free software; 302s the exact distribution terms for each program are described in the 302s individual files in /usr/share/doc/*/copyright. 302s 302s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 302s applicable law. 302s 302s [?2004htestuser1@ldap:~$ id -un 302s [?2004l testuser1 302s [?2004htestuser1@ldap:~$ klist 302s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_mklr9F 302s Default principal: testuser1@EXAMPLE.COMautopkgtest [19:09:17]: test ldap-user-group-krb5-auth: -----------------------] 303s autopkgtest [19:09:18]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 303s ldap-user-group-krb5-auth PASS 303s autopkgtest [19:09:18]: test sssd-softhism2-certificates-tests.sh: preparing testbed 446s autopkgtest [19:11:41]: testbed dpkg architecture: s390x 446s autopkgtest [19:11:41]: testbed apt version: 2.9.3 446s autopkgtest [19:11:41]: @@@@@@@@@@@@@@@@@@@@ test bed setup 447s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed InRelease [110 kB] 447s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/universe Sources [363 kB] 447s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse Sources [2576 B] 447s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/main Sources [38.7 kB] 447s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/restricted Sources [7052 B] 447s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x Packages [60.3 kB] 447s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/restricted s390x Packages [1860 B] 447s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/universe s390x Packages [308 kB] 447s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/multiverse s390x Packages [2528 B] 447s Fetched 894 kB in 1s (1244 kB/s) 447s Reading package lists... 449s Reading package lists... 450s Building dependency tree... 450s Reading state information... 450s Calculating upgrade... 450s The following package was automatically installed and is no longer required: 450s systemd-dev 450s Use 'sudo apt autoremove' to remove it. 450s The following packages will be upgraded: 450s dhcpcd-base dracut-install gir1.2-glib-2.0 libglib2.0-0t64 libglib2.0-data 450s libnss-systemd libpam-systemd libsystemd-shared libsystemd0 libtraceevent1 450s libtraceevent1-plugin libudev1 systemd systemd-dev systemd-resolved 450s systemd-sysv systemd-timesyncd udev 450s 18 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 450s Need to get 11.6 MB of archives. 450s After this operation, 1416 kB of additional disk space will be used. 450s Get:1 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x systemd-dev all 256-1ubuntu1 [111 kB] 450s Get:2 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x systemd-timesyncd s390x 256-1ubuntu1 [35.4 kB] 450s Get:3 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x systemd-resolved s390x 256-1ubuntu1 [318 kB] 450s Get:4 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libsystemd-shared s390x 256-1ubuntu1 [2244 kB] 451s Get:5 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libsystemd0 s390x 256-1ubuntu1 [455 kB] 451s Get:6 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x systemd-sysv s390x 256-1ubuntu1 [11.8 kB] 451s Get:7 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libnss-systemd s390x 256-1ubuntu1 [170 kB] 452s Get:8 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libpam-systemd s390x 256-1ubuntu1 [250 kB] 452s Get:9 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x systemd s390x 256-1ubuntu1 [3713 kB] 452s Get:10 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x udev s390x 256-1ubuntu1 [1965 kB] 453s Get:11 http://ftpmaster.internal/ubuntu oracular-proposed/main s390x libudev1 s390x 256-1ubuntu1 [197 kB] 453s Get:12 http://ftpmaster.internal/ubuntu oracular/main s390x dhcpcd-base s390x 1:10.0.8-2 [216 kB] 453s Get:13 http://ftpmaster.internal/ubuntu oracular/main s390x gir1.2-glib-2.0 s390x 2.80.3-1ubuntu1 [180 kB] 453s Get:14 http://ftpmaster.internal/ubuntu oracular/main s390x libglib2.0-0t64 s390x 2.80.3-1ubuntu1 [1558 kB] 453s Get:15 http://ftpmaster.internal/ubuntu oracular/main s390x libglib2.0-data all 2.80.3-1ubuntu1 [49.3 kB] 453s Get:16 http://ftpmaster.internal/ubuntu oracular/main s390x libtraceevent1-plugin s390x 1:1.8.2-1ubuntu3 [20.4 kB] 453s Get:17 http://ftpmaster.internal/ubuntu oracular/main s390x libtraceevent1 s390x 1:1.8.2-1ubuntu3 [60.5 kB] 453s Get:18 http://ftpmaster.internal/ubuntu oracular/main s390x dracut-install s390x 102-3ubuntu1 [33.3 kB] 453s Fetched 11.6 MB in 3s (3942 kB/s) 453s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54670 files and directories currently installed.) 453s Preparing to unpack .../systemd-dev_256-1ubuntu1_all.deb ... 453s Unpacking systemd-dev (256-1ubuntu1) over (255.4-1ubuntu8) ... 453s Preparing to unpack .../systemd-timesyncd_256-1ubuntu1_s390x.deb ... 453s Unpacking systemd-timesyncd (256-1ubuntu1) over (255.4-1ubuntu8) ... 453s Preparing to unpack .../systemd-resolved_256-1ubuntu1_s390x.deb ... 453s Unpacking systemd-resolved (256-1ubuntu1) over (255.4-1ubuntu8) ... 453s Preparing to unpack .../libsystemd-shared_256-1ubuntu1_s390x.deb ... 453s Unpacking libsystemd-shared:s390x (256-1ubuntu1) over (255.4-1ubuntu8) ... 453s Preparing to unpack .../libsystemd0_256-1ubuntu1_s390x.deb ... 453s Unpacking libsystemd0:s390x (256-1ubuntu1) over (255.4-1ubuntu8) ... 453s Setting up libsystemd0:s390x (256-1ubuntu1) ... 453s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54672 files and directories currently installed.) 453s Preparing to unpack .../0-systemd-sysv_256-1ubuntu1_s390x.deb ... 453s Unpacking systemd-sysv (256-1ubuntu1) over (255.4-1ubuntu8) ... 453s Preparing to unpack .../1-libnss-systemd_256-1ubuntu1_s390x.deb ... 453s Unpacking libnss-systemd:s390x (256-1ubuntu1) over (255.4-1ubuntu8) ... 453s Preparing to unpack .../2-libpam-systemd_256-1ubuntu1_s390x.deb ... 453s Unpacking libpam-systemd:s390x (256-1ubuntu1) over (255.4-1ubuntu8) ... 453s Preparing to unpack .../3-systemd_256-1ubuntu1_s390x.deb ... 453s Unpacking systemd (256-1ubuntu1) over (255.4-1ubuntu8) ... 454s Preparing to unpack .../4-udev_256-1ubuntu1_s390x.deb ... 454s Unpacking udev (256-1ubuntu1) over (255.4-1ubuntu8) ... 454s Preparing to unpack .../5-libudev1_256-1ubuntu1_s390x.deb ... 454s Unpacking libudev1:s390x (256-1ubuntu1) over (255.4-1ubuntu8) ... 454s Setting up libudev1:s390x (256-1ubuntu1) ... 454s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54732 files and directories currently installed.) 454s Preparing to unpack .../0-dhcpcd-base_1%3a10.0.8-2_s390x.deb ... 454s Unpacking dhcpcd-base (1:10.0.8-2) over (1:10.0.8-1) ... 454s Preparing to unpack .../1-gir1.2-glib-2.0_2.80.3-1ubuntu1_s390x.deb ... 454s Unpacking gir1.2-glib-2.0:s390x (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 454s Preparing to unpack .../2-libglib2.0-0t64_2.80.3-1ubuntu1_s390x.deb ... 454s Unpacking libglib2.0-0t64:s390x (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 454s Preparing to unpack .../3-libglib2.0-data_2.80.3-1ubuntu1_all.deb ... 454s Unpacking libglib2.0-data (2.80.3-1ubuntu1) over (2.80.2-1ubuntu1) ... 454s Preparing to unpack .../4-libtraceevent1-plugin_1%3a1.8.2-1ubuntu3_s390x.deb ... 454s Unpacking libtraceevent1-plugin:s390x (1:1.8.2-1ubuntu3) over (1:1.8.2-1ubuntu2) ... 454s Preparing to unpack .../5-libtraceevent1_1%3a1.8.2-1ubuntu3_s390x.deb ... 454s Unpacking libtraceevent1:s390x (1:1.8.2-1ubuntu3) over (1:1.8.2-1ubuntu2) ... 454s Preparing to unpack .../6-dracut-install_102-3ubuntu1_s390x.deb ... 454s Unpacking dracut-install (102-3ubuntu1) over (060+5-8ubuntu2) ... 454s Setting up systemd-dev (256-1ubuntu1) ... 454s Setting up libglib2.0-0t64:s390x (2.80.3-1ubuntu1) ... 454s No schema files found: doing nothing. 454s Setting up libglib2.0-data (2.80.3-1ubuntu1) ... 454s Setting up libsystemd-shared:s390x (256-1ubuntu1) ... 454s Setting up dhcpcd-base (1:10.0.8-2) ... 454s Setting up gir1.2-glib-2.0:s390x (2.80.3-1ubuntu1) ... 454s Setting up dracut-install (102-3ubuntu1) ... 454s Setting up libtraceevent1:s390x (1:1.8.2-1ubuntu3) ... 454s Setting up systemd (256-1ubuntu1) ... 454s Installing new version of config file /etc/systemd/journald.conf ... 454s Installing new version of config file /etc/systemd/logind.conf ... 454s Installing new version of config file /etc/systemd/networkd.conf ... 454s Installing new version of config file /etc/systemd/sleep.conf ... 454s Installing new version of config file /etc/systemd/system.conf ... 454s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 454s Created symlink '/run/systemd/system/tmp.mount' → '/dev/null'. 454s /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. 455s Setting up systemd-timesyncd (256-1ubuntu1) ... 456s Setting up udev (256-1ubuntu1) ... 456s Setting up libtraceevent1-plugin:s390x (1:1.8.2-1ubuntu3) ... 456s Setting up systemd-resolved (256-1ubuntu1) ... 456s Installing new version of config file /etc/systemd/resolved.conf ... 457s Setting up systemd-sysv (256-1ubuntu1) ... 457s Setting up libnss-systemd:s390x (256-1ubuntu1) ... 457s Setting up libpam-systemd:s390x (256-1ubuntu1) ... 457s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 457s Processing triggers for man-db (2.12.1-2) ... 458s Processing triggers for dbus (1.14.10-4ubuntu4) ... 458s Processing triggers for shared-mime-info (2.4-5) ... 458s Warning: program compiled against libxml 212 using older 209 458s Processing triggers for initramfs-tools (0.142ubuntu28) ... 458s update-initramfs: Generating /boot/initrd.img-6.8.0-31-generic 458s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 462s Using config file '/etc/zipl.conf' 462s Building bootmap in '/boot' 462s Adding IPL section 'ubuntu' (default) 462s Preparing boot device for LD-IPL: vda (0000). 462s Done. 462s Reading package lists... 462s Building dependency tree... 462s Reading state information... 462s The following packages will be REMOVED: 462s systemd-dev* 463s 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. 463s After this operation, 760 kB disk space will be freed. 463s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54732 files and directories currently installed.) 463s Removing systemd-dev (256-1ubuntu1) ... 463s Hit:1 http://ftpmaster.internal/ubuntu oracular-proposed InRelease 463s Hit:2 http://ftpmaster.internal/ubuntu oracular InRelease 463s Hit:3 http://ftpmaster.internal/ubuntu oracular-updates InRelease 464s Hit:4 http://ftpmaster.internal/ubuntu oracular-security InRelease 464s Reading package lists... 464s Reading package lists... 464s Building dependency tree... 464s Reading state information... 465s Calculating upgrade... 465s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 465s Reading package lists... 465s Building dependency tree... 465s Reading state information... 465s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 465s autopkgtest [19:12:00]: rebooting testbed after setup commands that affected boot 469s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 497s Reading package lists... 497s Building dependency tree... 497s Reading state information... 497s Starting pkgProblemResolver with broken count: 0 497s Starting 2 pkgProblemResolver with broken count: 0 498s Done 498s The following additional packages will be installed: 498s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 498s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 498s libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 libipa-hbac0t64 498s libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 498s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 498s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 498s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 498s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 498s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 498s Suggested packages: 498s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 498s Recommended packages: 498s cracklib-runtime libsasl2-modules-gssapi-mit 498s | libsasl2-modules-gssapi-heimdal ldap-utils 498s The following NEW packages will be installed: 498s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 498s libavahi-common3 libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 498s libdhash1t64 libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 498s libipa-hbac0t64 libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 498s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 498s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 498s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 498s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 498s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 498s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 498s Need to get 10.4 MB/10.4 MB of archives. 498s After this operation, 40.6 MB of additional disk space will be used. 498s Get:1 /tmp/autopkgtest.atwhkQ/3-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [748 B] 498s Get:2 http://ftpmaster.internal/ubuntu oracular/main s390x libevent-2.1-7t64 s390x 2.1.12-stable-10 [145 kB] 498s Get:3 http://ftpmaster.internal/ubuntu oracular/main s390x libunbound8 s390x 1.19.2-1ubuntu3 [454 kB] 498s Get:4 http://ftpmaster.internal/ubuntu oracular/main s390x libgnutls-dane0t64 s390x 3.8.5-4ubuntu1 [23.8 kB] 498s Get:5 http://ftpmaster.internal/ubuntu oracular/universe s390x gnutls-bin s390x 3.8.5-4ubuntu1 [284 kB] 498s Get:6 http://ftpmaster.internal/ubuntu oracular/main s390x libavahi-common-data s390x 0.8-13ubuntu6 [29.7 kB] 498s Get:7 http://ftpmaster.internal/ubuntu oracular/main s390x libavahi-common3 s390x 0.8-13ubuntu6 [24.1 kB] 498s Get:8 http://ftpmaster.internal/ubuntu oracular/main s390x libavahi-client3 s390x 0.8-13ubuntu6 [27.2 kB] 498s Get:9 http://ftpmaster.internal/ubuntu oracular/main s390x libbasicobjects0t64 s390x 0.6.2-2.1build1 [5838 B] 498s Get:10 http://ftpmaster.internal/ubuntu oracular/main s390x libcares2 s390x 1.27.0-1.0ubuntu1 [79.2 kB] 498s Get:11 http://ftpmaster.internal/ubuntu oracular/main s390x libcollection4t64 s390x 0.6.2-2.1build1 [23.9 kB] 498s Get:12 http://ftpmaster.internal/ubuntu oracular/main s390x libcrack2 s390x 2.9.6-5.1build2 [30.0 kB] 498s Get:13 http://ftpmaster.internal/ubuntu oracular/main s390x libdhash1t64 s390x 0.6.2-2.1build1 [9126 B] 498s Get:14 http://ftpmaster.internal/ubuntu oracular/main s390x libpath-utils1t64 s390x 0.6.2-2.1build1 [9394 B] 498s Get:15 http://ftpmaster.internal/ubuntu oracular/main s390x libref-array1t64 s390x 0.6.2-2.1build1 [7226 B] 498s Get:16 http://ftpmaster.internal/ubuntu oracular/main s390x libini-config5t64 s390x 0.6.2-2.1build1 [46.6 kB] 498s Get:17 http://ftpmaster.internal/ubuntu oracular/main s390x libipa-hbac0t64 s390x 2.9.4-1.1ubuntu6 [17.3 kB] 498s Get:18 http://ftpmaster.internal/ubuntu oracular/main s390x libtalloc2 s390x 2.4.2-1build2 [28.4 kB] 498s Get:19 http://ftpmaster.internal/ubuntu oracular/main s390x libtdb1 s390x 1.4.10-1build1 [50.0 kB] 498s Get:20 http://ftpmaster.internal/ubuntu oracular/main s390x libtevent0t64 s390x 0.16.1-2build1 [43.4 kB] 498s Get:21 http://ftpmaster.internal/ubuntu oracular/main s390x libldb2 s390x 2:2.8.0+samba4.19.5+dfsg-4ubuntu9 [192 kB] 498s Get:22 http://ftpmaster.internal/ubuntu oracular/main s390x libnfsidmap1 s390x 1:2.6.4-4ubuntu1 [49.9 kB] 498s Get:23 http://ftpmaster.internal/ubuntu oracular/main s390x libpwquality-common all 1.4.5-3build1 [7748 B] 499s Get:24 http://ftpmaster.internal/ubuntu oracular/main s390x libpwquality1 s390x 1.4.5-3build1 [14.8 kB] 499s Get:25 http://ftpmaster.internal/ubuntu oracular/main s390x libpam-pwquality s390x 1.4.5-3build1 [11.5 kB] 499s Get:26 http://ftpmaster.internal/ubuntu oracular/main s390x libwbclient0 s390x 2:4.19.5+dfsg-4ubuntu9 [71.3 kB] 499s Get:27 http://ftpmaster.internal/ubuntu oracular/main s390x samba-libs s390x 2:4.19.5+dfsg-4ubuntu9 [6231 kB] 499s Get:28 http://ftpmaster.internal/ubuntu oracular/main s390x libsmbclient0 s390x 2:4.19.5+dfsg-4ubuntu9 [65.0 kB] 499s Get:29 http://ftpmaster.internal/ubuntu oracular/universe s390x softhsm2-common s390x 2.6.1-2.2ubuntu3 [6196 B] 499s Get:30 http://ftpmaster.internal/ubuntu oracular/universe s390x libsofthsm2 s390x 2.6.1-2.2ubuntu3 [267 kB] 499s Get:31 http://ftpmaster.internal/ubuntu oracular/universe s390x softhsm2 s390x 2.6.1-2.2ubuntu3 [176 kB] 499s Get:32 http://ftpmaster.internal/ubuntu oracular/main s390x python3-sss s390x 2.9.4-1.1ubuntu6 [47.1 kB] 499s Get:33 http://ftpmaster.internal/ubuntu oracular/main s390x libsss-idmap0 s390x 2.9.4-1.1ubuntu6 [22.5 kB] 499s Get:34 http://ftpmaster.internal/ubuntu oracular/main s390x libnss-sss s390x 2.9.4-1.1ubuntu6 [33.0 kB] 499s Get:35 http://ftpmaster.internal/ubuntu oracular/main s390x libpam-sss s390x 2.9.4-1.1ubuntu6 [52.3 kB] 499s Get:36 http://ftpmaster.internal/ubuntu oracular/main s390x libsss-certmap0 s390x 2.9.4-1.1ubuntu6 [47.3 kB] 499s Get:37 http://ftpmaster.internal/ubuntu oracular/main s390x libsss-nss-idmap0 s390x 2.9.4-1.1ubuntu6 [31.7 kB] 499s Get:38 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-common s390x 2.9.4-1.1ubuntu6 [1125 kB] 500s Get:39 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-ad-common s390x 2.9.4-1.1ubuntu6 [74.8 kB] 500s Get:40 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-krb5-common s390x 2.9.4-1.1ubuntu6 [90.3 kB] 500s Get:41 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-ad s390x 2.9.4-1.1ubuntu6 [133 kB] 500s Get:42 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-ipa s390x 2.9.4-1.1ubuntu6 [216 kB] 500s Get:43 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-krb5 s390x 2.9.4-1.1ubuntu6 [14.4 kB] 500s Get:44 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-ldap s390x 2.9.4-1.1ubuntu6 [31.0 kB] 500s Get:45 http://ftpmaster.internal/ubuntu oracular/main s390x sssd-proxy s390x 2.9.4-1.1ubuntu6 [43.9 kB] 500s Get:46 http://ftpmaster.internal/ubuntu oracular/main s390x sssd s390x 2.9.4-1.1ubuntu6 [4116 B] 500s Fetched 10.4 MB in 2s (5889 kB/s) 500s Selecting previously unselected package libevent-2.1-7t64:s390x. 500s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 54685 files and directories currently installed.) 500s Preparing to unpack .../00-libevent-2.1-7t64_2.1.12-stable-10_s390x.deb ... 500s Unpacking libevent-2.1-7t64:s390x (2.1.12-stable-10) ... 500s Selecting previously unselected package libunbound8:s390x. 500s Preparing to unpack .../01-libunbound8_1.19.2-1ubuntu3_s390x.deb ... 500s Unpacking libunbound8:s390x (1.19.2-1ubuntu3) ... 500s Selecting previously unselected package libgnutls-dane0t64:s390x. 500s Preparing to unpack .../02-libgnutls-dane0t64_3.8.5-4ubuntu1_s390x.deb ... 500s Unpacking libgnutls-dane0t64:s390x (3.8.5-4ubuntu1) ... 500s Selecting previously unselected package gnutls-bin. 500s Preparing to unpack .../03-gnutls-bin_3.8.5-4ubuntu1_s390x.deb ... 500s Unpacking gnutls-bin (3.8.5-4ubuntu1) ... 500s Selecting previously unselected package libavahi-common-data:s390x. 500s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu6_s390x.deb ... 500s Unpacking libavahi-common-data:s390x (0.8-13ubuntu6) ... 500s Selecting previously unselected package libavahi-common3:s390x. 500s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu6_s390x.deb ... 500s Unpacking libavahi-common3:s390x (0.8-13ubuntu6) ... 500s Selecting previously unselected package libavahi-client3:s390x. 500s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu6_s390x.deb ... 500s Unpacking libavahi-client3:s390x (0.8-13ubuntu6) ... 500s Selecting previously unselected package libbasicobjects0t64:s390x. 500s Preparing to unpack .../07-libbasicobjects0t64_0.6.2-2.1build1_s390x.deb ... 500s Unpacking libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 500s Selecting previously unselected package libcares2:s390x. 500s Preparing to unpack .../08-libcares2_1.27.0-1.0ubuntu1_s390x.deb ... 500s Unpacking libcares2:s390x (1.27.0-1.0ubuntu1) ... 500s Selecting previously unselected package libcollection4t64:s390x. 500s Preparing to unpack .../09-libcollection4t64_0.6.2-2.1build1_s390x.deb ... 500s Unpacking libcollection4t64:s390x (0.6.2-2.1build1) ... 500s Selecting previously unselected package libcrack2:s390x. 500s Preparing to unpack .../10-libcrack2_2.9.6-5.1build2_s390x.deb ... 500s Unpacking libcrack2:s390x (2.9.6-5.1build2) ... 500s Selecting previously unselected package libdhash1t64:s390x. 500s Preparing to unpack .../11-libdhash1t64_0.6.2-2.1build1_s390x.deb ... 500s Unpacking libdhash1t64:s390x (0.6.2-2.1build1) ... 500s Selecting previously unselected package libpath-utils1t64:s390x. 500s Preparing to unpack .../12-libpath-utils1t64_0.6.2-2.1build1_s390x.deb ... 500s Unpacking libpath-utils1t64:s390x (0.6.2-2.1build1) ... 500s Selecting previously unselected package libref-array1t64:s390x. 500s Preparing to unpack .../13-libref-array1t64_0.6.2-2.1build1_s390x.deb ... 500s Unpacking libref-array1t64:s390x (0.6.2-2.1build1) ... 500s Selecting previously unselected package libini-config5t64:s390x. 500s Preparing to unpack .../14-libini-config5t64_0.6.2-2.1build1_s390x.deb ... 500s Unpacking libini-config5t64:s390x (0.6.2-2.1build1) ... 500s Selecting previously unselected package libipa-hbac0t64. 500s Preparing to unpack .../15-libipa-hbac0t64_2.9.4-1.1ubuntu6_s390x.deb ... 500s Unpacking libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 500s Selecting previously unselected package libtalloc2:s390x. 500s Preparing to unpack .../16-libtalloc2_2.4.2-1build2_s390x.deb ... 500s Unpacking libtalloc2:s390x (2.4.2-1build2) ... 500s Selecting previously unselected package libtdb1:s390x. 500s Preparing to unpack .../17-libtdb1_1.4.10-1build1_s390x.deb ... 500s Unpacking libtdb1:s390x (1.4.10-1build1) ... 500s Selecting previously unselected package libtevent0t64:s390x. 500s Preparing to unpack .../18-libtevent0t64_0.16.1-2build1_s390x.deb ... 500s Unpacking libtevent0t64:s390x (0.16.1-2build1) ... 500s Selecting previously unselected package libldb2:s390x. 500s Preparing to unpack .../19-libldb2_2%3a2.8.0+samba4.19.5+dfsg-4ubuntu9_s390x.deb ... 500s Unpacking libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 500s Selecting previously unselected package libnfsidmap1:s390x. 500s Preparing to unpack .../20-libnfsidmap1_1%3a2.6.4-4ubuntu1_s390x.deb ... 500s Unpacking libnfsidmap1:s390x (1:2.6.4-4ubuntu1) ... 500s Selecting previously unselected package libpwquality-common. 500s Preparing to unpack .../21-libpwquality-common_1.4.5-3build1_all.deb ... 500s Unpacking libpwquality-common (1.4.5-3build1) ... 500s Selecting previously unselected package libpwquality1:s390x. 500s Preparing to unpack .../22-libpwquality1_1.4.5-3build1_s390x.deb ... 500s Unpacking libpwquality1:s390x (1.4.5-3build1) ... 500s Selecting previously unselected package libpam-pwquality:s390x. 500s Preparing to unpack .../23-libpam-pwquality_1.4.5-3build1_s390x.deb ... 500s Unpacking libpam-pwquality:s390x (1.4.5-3build1) ... 500s Selecting previously unselected package libwbclient0:s390x. 500s Preparing to unpack .../24-libwbclient0_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 500s Unpacking libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 500s Selecting previously unselected package samba-libs:s390x. 500s Preparing to unpack .../25-samba-libs_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 500s Unpacking samba-libs:s390x (2:4.19.5+dfsg-4ubuntu9) ... 500s Selecting previously unselected package libsmbclient0:s390x. 500s Preparing to unpack .../26-libsmbclient0_2%3a4.19.5+dfsg-4ubuntu9_s390x.deb ... 500s Unpacking libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 500s Selecting previously unselected package softhsm2-common. 500s Preparing to unpack .../27-softhsm2-common_2.6.1-2.2ubuntu3_s390x.deb ... 500s Unpacking softhsm2-common (2.6.1-2.2ubuntu3) ... 500s Selecting previously unselected package libsofthsm2. 500s Preparing to unpack .../28-libsofthsm2_2.6.1-2.2ubuntu3_s390x.deb ... 500s Unpacking libsofthsm2 (2.6.1-2.2ubuntu3) ... 501s Selecting previously unselected package softhsm2. 501s Preparing to unpack .../29-softhsm2_2.6.1-2.2ubuntu3_s390x.deb ... 501s Unpacking softhsm2 (2.6.1-2.2ubuntu3) ... 501s Selecting previously unselected package python3-sss. 501s Preparing to unpack .../30-python3-sss_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking python3-sss (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package libsss-idmap0. 501s Preparing to unpack .../31-libsss-idmap0_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking libsss-idmap0 (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package libnss-sss:s390x. 501s Preparing to unpack .../32-libnss-sss_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking libnss-sss:s390x (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package libpam-sss:s390x. 501s Preparing to unpack .../33-libpam-sss_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking libpam-sss:s390x (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package libsss-certmap0. 501s Preparing to unpack .../34-libsss-certmap0_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking libsss-certmap0 (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package libsss-nss-idmap0. 501s Preparing to unpack .../35-libsss-nss-idmap0_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package sssd-common. 501s Preparing to unpack .../36-sssd-common_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking sssd-common (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package sssd-ad-common. 501s Preparing to unpack .../37-sssd-ad-common_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking sssd-ad-common (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package sssd-krb5-common. 501s Preparing to unpack .../38-sssd-krb5-common_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking sssd-krb5-common (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package sssd-ad. 501s Preparing to unpack .../39-sssd-ad_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking sssd-ad (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package sssd-ipa. 501s Preparing to unpack .../40-sssd-ipa_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking sssd-ipa (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package sssd-krb5. 501s Preparing to unpack .../41-sssd-krb5_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking sssd-krb5 (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package sssd-ldap. 501s Preparing to unpack .../42-sssd-ldap_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking sssd-ldap (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package sssd-proxy. 501s Preparing to unpack .../43-sssd-proxy_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking sssd-proxy (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package sssd. 501s Preparing to unpack .../44-sssd_2.9.4-1.1ubuntu6_s390x.deb ... 501s Unpacking sssd (2.9.4-1.1ubuntu6) ... 501s Selecting previously unselected package autopkgtest-satdep. 501s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 501s Unpacking autopkgtest-satdep (0) ... 501s Setting up libpwquality-common (1.4.5-3build1) ... 501s Setting up softhsm2-common (2.6.1-2.2ubuntu3) ... 501s 501s Creating config file /etc/softhsm/softhsm2.conf with new version 501s Setting up libnfsidmap1:s390x (1:2.6.4-4ubuntu1) ... 501s Setting up libsss-idmap0 (2.9.4-1.1ubuntu6) ... 501s Setting up libbasicobjects0t64:s390x (0.6.2-2.1build1) ... 501s Setting up libipa-hbac0t64 (2.9.4-1.1ubuntu6) ... 501s Setting up libref-array1t64:s390x (0.6.2-2.1build1) ... 501s Setting up libtdb1:s390x (1.4.10-1build1) ... 501s Setting up libcollection4t64:s390x (0.6.2-2.1build1) ... 501s Setting up libevent-2.1-7t64:s390x (2.1.12-stable-10) ... 501s Setting up libwbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 501s Setting up libtalloc2:s390x (2.4.2-1build2) ... 501s Setting up libpath-utils1t64:s390x (0.6.2-2.1build1) ... 501s Setting up libunbound8:s390x (1.19.2-1ubuntu3) ... 501s Setting up libgnutls-dane0t64:s390x (3.8.5-4ubuntu1) ... 501s Setting up libavahi-common-data:s390x (0.8-13ubuntu6) ... 501s Setting up libcares2:s390x (1.27.0-1.0ubuntu1) ... 501s Setting up libdhash1t64:s390x (0.6.2-2.1build1) ... 501s Setting up libcrack2:s390x (2.9.6-5.1build2) ... 501s Setting up libsss-nss-idmap0 (2.9.4-1.1ubuntu6) ... 501s Setting up libini-config5t64:s390x (0.6.2-2.1build1) ... 501s Setting up libtevent0t64:s390x (0.16.1-2build1) ... 501s Setting up libnss-sss:s390x (2.9.4-1.1ubuntu6) ... 501s Setting up gnutls-bin (3.8.5-4ubuntu1) ... 501s Setting up libsofthsm2 (2.6.1-2.2ubuntu3) ... 501s Setting up softhsm2 (2.6.1-2.2ubuntu3) ... 501s Setting up libavahi-common3:s390x (0.8-13ubuntu6) ... 501s Setting up libsss-certmap0 (2.9.4-1.1ubuntu6) ... 501s Setting up libpwquality1:s390x (1.4.5-3build1) ... 501s Setting up libldb2:s390x (2:2.8.0+samba4.19.5+dfsg-4ubuntu9) ... 501s Setting up libavahi-client3:s390x (0.8-13ubuntu6) ... 501s Setting up libpam-pwquality:s390x (1.4.5-3build1) ... 501s Setting up samba-libs:s390x (2:4.19.5+dfsg-4ubuntu9) ... 501s Setting up python3-sss (2.9.4-1.1ubuntu6) ... 501s Setting up libsmbclient0:s390x (2:4.19.5+dfsg-4ubuntu9) ... 501s Setting up libpam-sss:s390x (2.9.4-1.1ubuntu6) ... 501s Setting up sssd-common (2.9.4-1.1ubuntu6) ... 501s Creating SSSD system user & group... 501s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 501s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 502s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 502s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 502s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-autofs.socket' → '/usr/lib/systemd/system/sssd-autofs.socket'. 502s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-nss.socket' → '/usr/lib/systemd/system/sssd-nss.socket'. 502s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket' → '/usr/lib/systemd/system/sssd-pam-priv.socket'. 502s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam.socket' → '/usr/lib/systemd/system/sssd-pam.socket'. 503s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-ssh.socket' → '/usr/lib/systemd/system/sssd-ssh.socket'. 503s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-sudo.socket' → '/usr/lib/systemd/system/sssd-sudo.socket'. 503s Created symlink '/etc/systemd/system/multi-user.target.wants/sssd.service' → '/usr/lib/systemd/system/sssd.service'. 503s sssd-autofs.service is a disabled or a static unit, not starting it. 503s sssd-nss.service is a disabled or a static unit, not starting it. 503s sssd-pam.service is a disabled or a static unit, not starting it. 503s sssd-ssh.service is a disabled or a static unit, not starting it. 504s sssd-sudo.service is a disabled or a static unit, not starting it. 504s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 504s Setting up sssd-proxy (2.9.4-1.1ubuntu6) ... 504s Setting up sssd-ad-common (2.9.4-1.1ubuntu6) ... 504s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pac.socket' → '/usr/lib/systemd/system/sssd-pac.socket'. 504s sssd-pac.service is a disabled or a static unit, not starting it. 504s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 504s Setting up sssd-krb5-common (2.9.4-1.1ubuntu6) ... 504s Setting up sssd-krb5 (2.9.4-1.1ubuntu6) ... 504s Setting up sssd-ldap (2.9.4-1.1ubuntu6) ... 504s Setting up sssd-ad (2.9.4-1.1ubuntu6) ... 504s Setting up sssd-ipa (2.9.4-1.1ubuntu6) ... 504s Setting up sssd (2.9.4-1.1ubuntu6) ... 504s Setting up autopkgtest-satdep (0) ... 504s Processing triggers for man-db (2.12.1-2) ... 505s Processing triggers for libc-bin (2.39-0ubuntu8.1) ... 508s (Reading database ... 55281 files and directories currently installed.) 508s Removing autopkgtest-satdep (0) ... 513s autopkgtest [19:12:48]: test sssd-softhism2-certificates-tests.sh: [----------------------- 513s + '[' -z ubuntu ']' 513s + required_tools=(p11tool openssl softhsm2-util) 513s + for cmd in "${required_tools[@]}" 513s + command -v p11tool 513s + for cmd in "${required_tools[@]}" 513s + command -v openssl 513s + for cmd in "${required_tools[@]}" 513s + command -v softhsm2-util 513s + PIN=053350 513s +++ find /usr/lib/softhsm/libsofthsm2.so 513s +++ head -n 1 513s ++ realpath /usr/lib/softhsm/libsofthsm2.so 513s + SOFTHSM2_MODULE=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 513s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 513s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 513s + '[' '!' -v NO_SSSD_TESTS ']' 513s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 513s + ca_db_arg=ca_db 513s ++ /usr/libexec/sssd/p11_child --help 513s + p11_child_help='Usage: p11_child [OPTION...] 513s -d, --debug-level=INT Debug level 513s --debug-timestamps=INT Add debug timestamps 513s --debug-microseconds=INT Show timestamps with microseconds 513s --dumpable=INT Allow core dumps 513s --debug-fd=INT An open file descriptor for the debug 513s logs 513s --logger=stderr|files|journald Set logger 513s --auth Run in auth mode 513s --pre Run in pre-auth mode 513s --wait_for_card Wait until card is available 513s --verification Run in verification mode 513s --pin Expect PIN on stdin 513s --keypad Expect PIN on keypad 513s --verify=STRING Tune validation 513s --ca_db=STRING CA DB to use 513s --module_name=STRING Module name for authentication 513s --token_name=STRING Token name for authentication 513s --key_id=STRING Key ID for authentication 513s --label=STRING Label for authentication 513s --certificate=STRING certificate to verify, base64 encoded 513s --uri=STRING PKCS#11 URI to restrict selection 513s --chain-id=LONG Tevent chain ID used for logging 513s purposes 513s 513s Help options: 513s -?, --help Show this help message 513s --usage Display brief usage message' 513s + echo 'Usage: p11_child [OPTION...] 513s -d, --debug-level=INT Debug level 513s --debug-timestamps=INT Add debug timestamps 513s --debug-microseconds=INT Show timestamps with microseconds 513s --dumpable=INT Allow core dumps 513s --debug-fd=INT An open file descriptor for the debug 513s logs 513s --logger=stderr|files|journald Set logger 513s --auth Run in auth mode 513s --pre Run in pre-auth mode 513s --wait_for_card Wait until card is available 513s --verification Run in verification mode 513s --pin Expect PIN on stdin 513s --keypad Expect PIN on keypad 513s --verify=STRING Tune validation 513s --ca_db=STRING CA DB to use 513s --module_name=STRING Module name for authentication 513s --token_name=STRING Token name for authentication 513s --key_id=STRING Key ID for authentication 513s --label=STRING Label for authentication 513s --certificate=STRING certificate to verify, base64 encoded 513s --uri=STRING PKCS#11 URI to restrict selection 513s --chain-id=LONG Tevent chain ID used for logging 513s purposes 513s 513s Help options: 513s -?, --help Show this help message 513s --usage Display brief usage message' 513s + grep nssdb -qs 513s + echo 'Usage: p11_child [OPTION...] 513s -d, --debug-level=INT Debug level 513s --debug-timestamps=INT Add debug timestamps 513s --debug-microseconds=INT Show timestamps with microseconds 513s --dumpable=INT Allow core dumps 513s --debug-fd=INT An open file descriptor for the debug 513s logs 513s --logger=stderr|files|journald Set logger 513s --auth Run in auth mode 513s --pre Run in pre-auth mode 513s --wait_for_card Wait until card is available 513s --verification Run in verification mode 513s --pin Expect PIN on stdin 513s --keypad Expect PIN on keypad 513s --verify=STRING Tune validation 513s --ca_db=STRING CA DB to use 513s --module_name=STRING Module name for authentication 513s --token_name=STRING Token name for authentication 513s --key_id=STRING Key ID for authentication 513s --label=STRING Label for authentication 513s --certificate=STRING certificate to verify, base64 encoded 513s --uri=STRING PKCS#11 URI to restrict selection 513s --chain-id=LONG Tevent chain ID used for logging 513s purposes 513s 513s Help options: 513s -?, --help Show this help message 513s --usage Display brief usage message' 513s + grep -qs -- --ca_db 513s + '[' '!' -e /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so ']' 513s ++ mktemp -d -t sssd-softhsm2-XXXXXX 513s + tmpdir=/tmp/sssd-softhsm2-scUpsx 513s + keys_size=1024 513s + [[ ! -v KEEP_TEMPORARY_FILES ]] 513s + trap 'rm -rf "$tmpdir"' EXIT 513s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 513s + echo -n 01 513s + touch /tmp/sssd-softhsm2-scUpsx/index.txt 513s + mkdir -p /tmp/sssd-softhsm2-scUpsx/new_certs 513s + cat 513s + root_ca_key_pass=pass:random-root-CA-password-16790 513s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-scUpsx/test-root-CA-key.pem -passout pass:random-root-CA-password-16790 1024 513s + openssl req -passin pass:random-root-CA-password-16790 -batch -config /tmp/sssd-softhsm2-scUpsx/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-scUpsx/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 513s + openssl x509 -noout -in /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 513s + cat 513s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-14398 513s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-14398 1024 513s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-14398 -config /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.config -key /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-16790 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-certificate-request.pem 513s + openssl req -text -noout -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-certificate-request.pem 513s Certificate Request: 513s Data: 513s Version: 1 (0x0) 513s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 513s Subject Public Key Info: 513s Public Key Algorithm: rsaEncryption 513s Public-Key: (1024 bit) 513s Modulus: 513s 00:b6:55:ce:78:e9:8d:75:94:1f:27:fc:eb:29:b9: 513s ae:3f:20:81:9e:36:09:04:4b:0a:b3:0d:07:57:82: 513s 5a:9e:ed:e9:d6:be:84:43:61:1b:e7:71:f1:63:38: 513s 84:12:0b:58:ea:f6:da:8a:24:38:43:1e:64:1e:49: 513s ea:6b:bc:09:0d:a7:df:ec:36:9a:a5:77:61:4f:16: 513s 27:30:6f:2d:06:50:ba:e9:3b:f3:89:90:af:46:1d: 513s a2:0e:90:20:65:e0:d3:c8:96:ad:80:d0:82:07:a1: 513s f3:39:86:67:1c:6a:44:cc:7b:dd:d1:52:46:8c:be: 513s 9d:2c:c1:cc:52:b6:65:53:19 513s Exponent: 65537 (0x10001) 513s Attributes: 513s (none) 513s Requested Extensions: 513s Signature Algorithm: sha256WithRSAEncryption 513s Signature Value: 513s 26:18:1b:2c:0d:b0:c7:26:da:9c:76:82:7d:5a:63:ed:29:2b: 513s b2:1b:8f:88:b7:eb:c2:6a:8a:b0:d7:8c:99:8a:fc:53:f6:16: 513s 52:c9:ed:76:a7:c9:3d:6d:c1:e7:4f:3a:27:b0:72:51:c0:05: 513s 1b:2a:c2:4d:7d:30:08:a8:9e:15:7a:b1:8c:88:eb:d8:69:fe: 513s 95:8e:30:52:9a:0a:a1:bf:76:1f:b0:10:a6:2e:88:04:b6:ca: 513s dd:36:2f:45:3f:5a:90:55:da:7f:9f:d1:a0:56:fb:00:7e:2f: 513s 29:77:37:0d:6f:7b:4c:87:78:08:af:0a:86:33:cb:cd:35:a3: 513s 49:4b 513s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-scUpsx/test-root-CA.config -passin pass:random-root-CA-password-16790 -keyfile /tmp/sssd-softhsm2-scUpsx/test-root-CA-key.pem -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 513s Using configuration from /tmp/sssd-softhsm2-scUpsx/test-root-CA.config 513s Check that the request matches the signature 513s Signature ok 513s Certificate Details: 513s Serial Number: 1 (0x1) 513s Validity 513s Not Before: Jun 13 19:12:48 2024 GMT 513s Not After : Jun 13 19:12:48 2025 GMT 513s Subject: 513s organizationName = Test Organization 513s organizationalUnitName = Test Organization Unit 513s commonName = Test Organization Intermediate CA 513s X509v3 extensions: 513s X509v3 Subject Key Identifier: 513s 13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 513s X509v3 Authority Key Identifier: 513s keyid:25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 513s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 513s serial:00 513s X509v3 Basic Constraints: 513s CA:TRUE 513s X509v3 Key Usage: critical 513s Digital Signature, Certificate Sign, CRL Sign 513s Certificate is to be certified until Jun 13 19:12:48 2025 GMT (365 days) 513s 513s Write out database with 1 new entries 513s Database updated 513s + openssl x509 -noout -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 513s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 513s /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem: OK 513s + cat 513s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-12756 513s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-12756 1024 513s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-12756 -config /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-14398 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-certificate-request.pem 513s + openssl req -text -noout -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-certificate-request.pem 513s Certificate Request: 513s Data: 513s Version: 1 (0x0) 513s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 513s Subject Public Key Info: 513s Public Key Algorithm: rsaEncryption 513s Public-Key: (1024 bit) 513s Modulus: 513s 00:c8:5e:41:b0:65:ca:a9:e0:04:cd:a6:49:8f:3c: 513s 24:24:3c:ae:18:14:5f:a2:bb:00:06:2d:42:1b:0f: 513s b0:64:9e:ad:ee:97:08:a6:f5:c9:d5:80:de:fa:73: 513s b4:f4:37:52:ca:b1:39:2b:71:32:30:17:d7:f4:f0: 513s 1e:01:5c:55:af:dc:2a:92:71:17:25:e1:5e:55:44: 513s 84:93:12:e4:dc:81:da:68:be:b8:69:cb:de:cb:7e: 513s 02:43:8b:13:c7:7b:bc:ba:f9:8b:ae:b7:3d:47:88: 513s f1:54:c6:15:f2:c2:b3:a3:65:3a:89:f3:f3:f3:de: 513s 01:0f:9b:c1:80:7f:3a:07:e9 513s Exponent: 65537 (0x10001) 513s Attributes: 513s (none) 513s Requested Extensions: 513s Signature Algorithm: sha256WithRSAEncryption 513s Signature Value: 513s 08:99:70:c1:6d:e2:d4:ca:da:23:05:1e:a0:f5:c6:78:28:38: 513s 3b:eb:97:b9:e4:4b:a0:76:ac:7d:af:e1:7f:0b:fb:eb:4e:b1: 513s b3:c4:4f:28:42:43:22:09:eb:c3:d4:1e:c7:41:e7:b2:27:29: 513s 6a:f1:b4:f6:48:22:68:23:7d:8e:7d:49:fd:38:b4:df:2d:3b: 513s f3:e5:fa:e6:cf:d4:93:4b:3c:2d:a9:3e:e4:99:8b:19:82:0d: 513s 0c:a9:82:1e:de:f7:bf:66:fb:b6:b0:46:5a:fa:33:78:3a:e8: 513s 7b:12:31:c0:bb:7b:52:1e:b7:3b:6f:d6:29:01:44:5a:07:2c: 513s 14:3f 513s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-14398 -keyfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 513s Using configuration from /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.config 513s Check that the request matches the signature 513s Signature ok 513s Certificate Details: 513s Serial Number: 2 (0x2) 513s Validity 513s Not Before: Jun 13 19:12:48 2024 GMT 513s Not After : Jun 13 19:12:48 2025 GMT 513s Subject: 513s organizationName = Test Organization 513s organizationalUnitName = Test Organization Unit 513s commonName = Test Organization Sub Intermediate CA 513s X509v3 extensions: 513s X509v3 Subject Key Identifier: 513s 4E:DE:2F:32:06:06:4F:4F:21:D1:7C:F3:D0:5D:B5:04:D3:78:DD:4E 513s X509v3 Authority Key Identifier: 513s keyid:13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 513s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 513s serial:01 513s X509v3 Basic Constraints: 513s CA:TRUE 513s X509v3 Key Usage: critical 513s Digital Signature, Certificate Sign, CRL Sign 513s Certificate is to be certified until Jun 13 19:12:48 2025 GMT (365 days) 513s 513s Write out database with 1 new entries 513s Database updated 513s + openssl x509 -noout -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 513s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 513s /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem: OK 513s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 513s + local cmd=openssl 513s + shift 513s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 513s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 513s error 20 at 0 depth lookup: unable to get local issuer certificate 513s error /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem: verification failed 513s + cat 513s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-25623 513s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-25623 1024 513s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-25623 -key /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-request.pem 513s + openssl req -text -noout -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-request.pem 513s Certificate Request: 513s Data: 513s Version: 1 (0x0) 513s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 513s Subject Public Key Info: 513s Public Key Algorithm: rsaEncryption 513s Public-Key: (1024 bit) 513s Modulus: 513s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 513s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 513s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 513s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 513s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 513s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 513s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 513s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 513s 80:89:3a:0d:14:d2:6a:21:6d 513s Exponent: 65537 (0x10001) 513s Attributes: 513s Requested Extensions: 513s X509v3 Basic Constraints: 513s CA:FALSE 513s Netscape Cert Type: 513s SSL Client, S/MIME 513s Netscape Comment: 513s Test Organization Root CA trusted Certificate 513s X509v3 Subject Key Identifier: 513s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 513s X509v3 Key Usage: critical 513s Digital Signature, Non Repudiation, Key Encipherment 513s X509v3 Extended Key Usage: 513s TLS Web Client Authentication, E-mail Protection 513s X509v3 Subject Alternative Name: 513s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 513s Signature Algorithm: sha256WithRSAEncryption 513s Signature Value: 513s 10:4c:2b:01:f3:38:d1:c7:d9:94:0a:fb:b0:c4:f3:78:40:3a: 513s 88:1f:32:88:55:a9:7e:7a:47:cb:b0:ab:f7:bd:44:a4:c5:d4: 513s 85:f7:93:5f:1d:6d:94:8a:83:69:1f:e5:28:f4:89:6e:b8:74: 513s 8b:34:57:65:a5:1e:d1:a2:03:0a:3a:47:7f:9d:59:85:27:fb: 513s 84:5e:5d:36:d6:d4:fc:cf:4c:2a:01:ea:64:d9:e1:ee:97:31: 513s ea:d7:d6:3c:2c:90:b0:d8:9d:36:e2:20:ef:6b:71:62:51:07: 513s 11:ed:16:94:88:23:57:25:07:f6:43:93:af:0e:0c:63:be:e8: 513s 05:ab 513s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-scUpsx/test-root-CA.config -passin pass:random-root-CA-password-16790 -keyfile /tmp/sssd-softhsm2-scUpsx/test-root-CA-key.pem -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 513s Using configuration from /tmp/sssd-softhsm2-scUpsx/test-root-CA.config 513s Check that the request matches the signature 513s Signature ok 513s Certificate Details: 513s Serial Number: 3 (0x3) 513s Validity 513s Not Before: Jun 13 19:12:48 2024 GMT 513s Not After : Jun 13 19:12:48 2025 GMT 513s Subject: 513s organizationName = Test Organization 513s organizationalUnitName = Test Organization Unit 513s commonName = Test Organization Root Trusted Certificate 0001 513s X509v3 extensions: 513s X509v3 Authority Key Identifier: 513s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 513s X509v3 Basic Constraints: 513s CA:FALSE 513s Netscape Cert Type: 513s SSL Client, S/MIME 513s Netscape Comment: 513s Test Organization Root CA trusted Certificate 513s X509v3 Subject Key Identifier: 513s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 513s X509v3 Key Usage: critical 513s Digital Signature, Non Repudiation, Key Encipherment 513s X509v3 Extended Key Usage: 513s TLS Web Client Authentication, E-mail Protection 513s X509v3 Subject Alternative Name: 513s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 513s Certificate is to be certified until Jun 13 19:12:48 2025 GMT (365 days) 513s 513s Write out database with 1 new entries 513s Database updated 513s + openssl x509 -noout -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 513s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 513s /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem: OK 513s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 513s + local cmd=openssl 513s + shift 513s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 513s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 513s error 20 at 0 depth lookup: unable to get local issuer certificate 513s error /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem: verification failed 513s + cat 513s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 513s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-32766 1024 513s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-32766 -key /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-request.pem 513s + openssl req -text -noout -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-request.pem 513s Certificate Request: 513s Data: 513s Version: 1 (0x0) 513s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 513s Subject Public Key Info: 513s Public Key Algorithm: rsaEncryption 513s Public-Key: (1024 bit) 513s Modulus: 513s 00:9a:9d:03:f4:90:d6:eb:24:f0:cd:f0:69:92:2b: 513s 73:3c:dd:2c:f7:92:5b:5d:52:7b:b9:06:cc:25:08: 513s a5:63:a5:c7:0b:b6:12:cb:f8:f4:c6:82:27:78:db: 513s 1a:8d:a0:69:30:2d:e6:3b:8f:47:36:df:15:df:05: 513s 87:f9:fc:68:7f:7c:75:30:3c:1c:8f:55:c9:17:37: 513s ce:cb:6a:b8:47:14:39:71:f8:16:f2:3c:c8:a4:6c: 513s 23:8d:14:0e:84:2b:24:5f:23:62:1a:e0:31:a2:a8: 513s dc:9b:8e:8a:af:1f:fb:c5:24:24:a1:90:83:81:f5: 513s 95:75:fb:71:f7:26:6b:36:15 513s Exponent: 65537 (0x10001) 513s Attributes: 513s Requested Extensions: 513s X509v3 Basic Constraints: 513s CA:FALSE 513s Netscape Cert Type: 513s SSL Client, S/MIME 513s Netscape Comment: 513s Test Organization Intermediate CA trusted Certificate 513s X509v3 Subject Key Identifier: 513s 8C:31:F6:68:9E:29:0D:F2:1C:B4:40:41:8E:72:14:EF:E0:95:BB:67 513s X509v3 Key Usage: critical 513s Digital Signature, Non Repudiation, Key Encipherment 513s X509v3 Extended Key Usage: 513s TLS Web Client Authentication, E-mail Protection 513s X509v3 Subject Alternative Name: 513s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 513s Signature Algorithm: sha256WithRSAEncryption 513s Signature Value: 513s 5f:67:69:21:a0:17:a3:ac:99:a1:dc:ed:72:57:5e:8c:16:a0: 513s c7:73:22:e0:86:b8:e8:8e:9e:3d:8f:2f:94:31:00:93:c6:d6: 513s dc:97:c7:ea:95:d4:91:50:68:1e:ce:a4:70:1c:93:5f:03:8e: 513s 61:79:44:a9:93:15:f5:44:f3:40:bd:c3:1d:47:42:bd:25:ca: 513s 16:9e:41:9b:5a:dd:fb:b5:f9:a8:13:8e:6f:4b:c7:ca:83:71: 513s 4f:92:30:aa:0b:c5:b3:db:db:63:0e:5e:15:dc:ac:ee:37:cb: 513s 8a:33:63:45:d2:79:c7:8e:ca:7e:db:13:48:f7:fb:e2:50:26: 513s 9a:66 513s + openssl ca -passin pass:random-intermediate-CA-password-14398 -config /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 513s Using configuration from /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.config 513s Check that the request matches the signature 513s Signature ok 513s Certificate Details: 513s Serial Number: 4 (0x4) 513s Validity 513s Not Before: Jun 13 19:12:48 2024 GMT 513s Not After : Jun 13 19:12:48 2025 GMT 513s Subject: 513s organizationName = Test Organization 513s organizationalUnitName = Test Organization Unit 513s commonName = Test Organization Intermediate Trusted Certificate 0001 513s X509v3 extensions: 513s X509v3 Authority Key Identifier: 513s 13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 513s X509v3 Basic Constraints: 513s CA:FALSE 513s Netscape Cert Type: 513s SSL Client, S/MIME 513s Netscape Comment: 513s Test Organization Intermediate CA trusted Certificate 513s X509v3 Subject Key Identifier: 513s 8C:31:F6:68:9E:29:0D:F2:1C:B4:40:41:8E:72:14:EF:E0:95:BB:67 513s X509v3 Key Usage: critical 513s Digital Signature, Non Repudiation, Key Encipherment 513s X509v3 Extended Key Usage: 513s TLS Web Client Authentication, E-mail Protection 513s X509v3 Subject Alternative Name: 513s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 513s Certificate is to be certified until Jun 13 19:12:48 2025 GMT (365 days) 513s 513s Write out database with 1 new entries 513s Database updated 513s + openssl x509 -noout -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 514s + echo 'This certificate should not be trusted fully' 514s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 514s + local cmd=openssl 514s + shift 514s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 514s This certificate should not be trusted fully 514s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 514s error 2 at 1 depth lookup: unable to get issuer certificate 514s error /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 514s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 514s /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem: OK 514s + cat 514s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 514s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-18388 1024 514s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-18388 -key /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 514s + openssl req -text -noout -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 514s Certificate Request: 514s Data: 514s Version: 1 (0x0) 514s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 514s Subject Public Key Info: 514s Public Key Algorithm: rsaEncryption 514s Public-Key: (1024 bit) 514s Modulus: 514s 00:c7:5a:85:05:6f:c3:00:8a:2f:76:8a:ab:fd:78: 514s 85:82:1a:ad:77:c3:2f:69:08:51:51:d1:bc:0a:0b: 514s a2:0a:b4:b2:cf:0a:95:54:f1:ab:c1:2c:fe:d2:af: 514s 80:31:d9:67:0e:fd:00:ff:c1:28:fb:54:1f:19:46: 514s ab:36:97:f6:51:3c:16:0a:d7:a0:a0:96:1a:17:62: 514s 0c:65:a3:c7:ba:82:91:d1:88:5d:05:0f:59:7e:69: 514s 61:ba:19:95:f7:c5:47:e5:6c:d5:43:e6:65:0a:50: 514s 1c:3e:7f:95:43:7f:57:2d:b2:e4:e7:d3:6f:0f:51: 514s 02:08:42:9c:ce:6e:c8:10:1b 514s Exponent: 65537 (0x10001) 514s Attributes: 514s Requested Extensions: 514s X509v3 Basic Constraints: 514s CA:FALSE 514s Netscape Cert Type: 514s SSL Client, S/MIME 514s Netscape Comment: 514s Test Organization Sub Intermediate CA trusted Certificate 514s X509v3 Subject Key Identifier: 514s AD:81:7E:65:58:F4:F2:3B:5A:F8:77:E0:85:CA:0F:A6:C0:36:BD:43 514s X509v3 Key Usage: critical 514s Digital Signature, Non Repudiation, Key Encipherment 514s X509v3 Extended Key Usage: 514s TLS Web Client Authentication, E-mail Protection 514s X509v3 Subject Alternative Name: 514s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 514s Signature Algorithm: sha256WithRSAEncryption 514s Signature Value: 514s 85:69:86:fb:55:72:75:c4:ec:8c:6c:8f:0e:e5:52:79:f3:4b: 514s be:2a:f2:6e:e9:18:96:0a:89:f8:27:b1:1f:11:f6:a6:a8:d0: 514s 75:24:64:82:95:d3:02:ca:54:52:bf:93:e5:79:ae:ee:a1:57: 514s c3:56:80:e8:9e:c4:aa:15:48:cd:d8:89:41:50:ff:88:fe:d9: 514s f0:71:94:59:a7:0c:57:bc:fa:b4:ab:12:87:2b:54:06:48:83: 514s 94:58:de:84:e7:e7:e7:71:8e:4c:a6:cb:17:52:ac:8b:81:c5: 514s 58:22:bd:83:bc:68:3e:bf:7c:44:15:e0:48:27:1b:41:71:19: 514s e9:d9 514s + openssl ca -passin pass:random-sub-intermediate-CA-password-12756 -config /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 514s Using configuration from /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.config 514s Check that the request matches the signature 514s Signature ok 514s Certificate Details: 514s Serial Number: 5 (0x5) 514s Validity 514s Not Before: Jun 13 19:12:49 2024 GMT 514s Not After : Jun 13 19:12:49 2025 GMT 514s Subject: 514s organizationName = Test Organization 514s organizationalUnitName = Test Organization Unit 514s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 514s X509v3 extensions: 514s X509v3 Authority Key Identifier: 514s 4E:DE:2F:32:06:06:4F:4F:21:D1:7C:F3:D0:5D:B5:04:D3:78:DD:4E 514s X509v3 Basic Constraints: 514s CA:FALSE 514s Netscape Cert Type: 514s SSL Client, S/MIME 514s Netscape Comment: 514s Test Organization Sub Intermediate CA trusted Certificate 514s X509v3 Subject Key Identifier: 514s AD:81:7E:65:58:F4:F2:3B:5A:F8:77:E0:85:CA:0F:A6:C0:36:BD:43 514s X509v3 Key Usage: critical 514s Digital Signature, Non Repudiation, Key Encipherment 514s X509v3 Extended Key Usage: 514s TLS Web Client Authentication, E-mail Protection 514s X509v3 Subject Alternative Name: 514s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 514s Certificate is to be certified until Jun 13 19:12:49 2025 GMT (365 days) 514s 514s Write out database with 1 new entries 514s Database updated 514s + openssl x509 -noout -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 514s + echo 'This certificate should not be trusted fully' 514s This certificate should not be trusted fully 514s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 514s + local cmd=openssl 514s + shift 514s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 514s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 514s error 2 at 1 depth lookup: unable to get issuer certificate 514s error /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 514s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 514s + local cmd=openssl 514s + shift 514s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 514s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 514s error 20 at 0 depth lookup: unable to get local issuer certificate 514s error /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 514s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 514s /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 514s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 514s + local cmd=openssl 514s + shift 514s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 514s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 514s error 20 at 0 depth lookup: unable to get local issuer certificate 514s error /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 514s + echo 'Building a the full-chain CA file...' 514s Building a the full-chain CA file... 514s + cat /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 514s + cat /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 514s + cat /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 514s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 514s + openssl pkcs7 -print_certs -noout 514s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 514s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 514s 514s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 514s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 514s 514s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 514s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 514s 514s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 514s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem: OK 514s /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem: OK 514s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 514s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem /tmp/sssd-softhsm2-scUpsx/test-root-intermediate-chain-CA.pem 514s /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem: OK 514s /tmp/sssd-softhsm2-scUpsx/test-root-intermediate-chain-CA.pem: OK 514s + openssl verify -CAfile /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 514s /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 514s + echo 'Certificates generation completed!' 514s Certificates generation completed! 514s + [[ -v NO_SSSD_TESTS ]] 514s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /dev/null 514s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /dev/null 514s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 514s + local key_ring=/dev/null 514s + local verify_option= 514s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 514s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 514s + local key_cn 514s + local key_name 514s + local tokens_dir 514s + local output_cert_file 514s + token_name= 514s ++ basename /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem .pem 514s + key_name=test-root-CA-trusted-certificate-0001 514s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s ++ sed -n 's/ *commonName *= //p' 514s + key_cn='Test Organization Root Trusted Certificate 0001' 514s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 514s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 514s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 514s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 514s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 514s + token_name='Test Organization Root Tr Token' 514s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 514s + local key_file 514s + local decrypted_key 514s + mkdir -p /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 514s + key_file=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-key.pem 514s + decrypted_key=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-key-decrypted.pem 514s + cat 514s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 514s Slot 0 has a free/uninitialized token. 514s The token has been initialized and is reassigned to slot 1883946020 514s + softhsm2-util --show-slots 514s Available slots: 514s Slot 1883946020 514s Slot info: 514s Description: SoftHSM slot ID 0x704abc24 514s Manufacturer ID: SoftHSM project 514s Hardware version: 2.6 514s Firmware version: 2.6 514s Token present: yes 514s Token info: 514s Manufacturer ID: SoftHSM project 514s Model: SoftHSM v2 514s Hardware version: 2.6 514s Firmware version: 2.6 514s Serial number: 353f9e7cf04abc24 514s Initialized: yes 514s User PIN init.: yes 514s Label: Test Organization Root Tr Token 514s Slot 1 514s Slot info: 514s Description: SoftHSM slot ID 0x1 514s Manufacturer ID: SoftHSM project 514s Hardware version: 2.6 514s Firmware version: 2.6 514s Token present: yes 514s Token info: 514s Manufacturer ID: SoftHSM project 514s Model: SoftHSM v2 514s Hardware version: 2.6 514s Firmware version: 2.6 514s Serial number: 514s Initialized: no 514s User PIN init.: no 514s Label: 514s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 514s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-25623 -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-key-decrypted.pem 514s writing RSA key 514s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 514s + rm /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001-key-decrypted.pem 514s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 514s Object 0: 514s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 514s Type: X.509 Certificate (RSA-1024) 514s Expires: Fri Jun 13 19:12:48 2025 514s Label: Test Organization Root Trusted Certificate 0001 514s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 514s 514s + echo 'Test Organization Root Tr Token' 514s Test Organization Root Tr Token 514s + '[' -n '' ']' 514s + local output_base_name=SSSD-child-28316 514s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-28316.output 514s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-28316.pem 514s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 514s [p11_child[2202]] [main] (0x0400): p11_child started. 514s [p11_child[2202]] [main] (0x2000): Running in [pre-auth] mode. 514s [p11_child[2202]] [main] (0x2000): Running with effective IDs: [0][0]. 514s [p11_child[2202]] [main] (0x2000): Running with real IDs [0][0]. 514s [p11_child[2202]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 514s [p11_child[2202]] [do_work] (0x0040): init_verification failed. 514s [p11_child[2202]] [main] (0x0020): p11_child failed (5) 514s + return 2 514s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /dev/null no_verification 514s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /dev/null no_verification 514s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 514s + local key_ring=/dev/null 514s + local verify_option=no_verification 514s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 514s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 514s + local key_cn 514s + local key_name 514s + local tokens_dir 514s + local output_cert_file 514s + token_name= 514s ++ basename /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem .pem 514s + key_name=test-root-CA-trusted-certificate-0001 514s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s ++ sed -n 's/ *commonName *= //p' 514s + key_cn='Test Organization Root Trusted Certificate 0001' 514s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 514s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 514s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 514s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 514s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 514s Test Organization Root Tr Token 514s + token_name='Test Organization Root Tr Token' 514s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 514s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 ']' 514s + echo 'Test Organization Root Tr Token' 514s + '[' -n no_verification ']' 514s + local verify_arg=--verify=no_verification 514s + local output_base_name=SSSD-child-19658 514s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-19658.output 514s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-19658.pem 514s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 514s [p11_child[2208]] [main] (0x0400): p11_child started. 514s [p11_child[2208]] [main] (0x2000): Running in [pre-auth] mode. 514s [p11_child[2208]] [main] (0x2000): Running with effective IDs: [0][0]. 514s [p11_child[2208]] [main] (0x2000): Running with real IDs [0][0]. 514s [p11_child[2208]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 514s [p11_child[2208]] [do_card] (0x4000): Module List: 514s [p11_child[2208]] [do_card] (0x4000): common name: [softhsm2]. 514s [p11_child[2208]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2208]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 514s [p11_child[2208]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 514s [p11_child[2208]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2208]] [do_card] (0x4000): Login NOT required. 514s [p11_child[2208]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 514s [p11_child[2208]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 514s [p11_child[2208]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x704abc24;slot-manufacturer=SoftHSM%20project;slot-id=1883946020;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 514s [p11_child[2208]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 514s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-19658.output 514s + echo '-----BEGIN CERTIFICATE-----' 514s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-19658.output 514s + echo '-----END CERTIFICATE-----' 514s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-19658.pem 514s Certificate: 514s Data: 514s Version: 3 (0x2) 514s Serial Number: 3 (0x3) 514s Signature Algorithm: sha256WithRSAEncryption 514s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 514s Validity 514s Not Before: Jun 13 19:12:48 2024 GMT 514s Not After : Jun 13 19:12:48 2025 GMT 514s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 514s Subject Public Key Info: 514s Public Key Algorithm: rsaEncryption 514s Public-Key: (1024 bit) 514s Modulus: 514s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 514s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 514s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 514s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 514s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 514s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 514s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 514s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 514s 80:89:3a:0d:14:d2:6a:21:6d 514s Exponent: 65537 (0x10001) 514s X509v3 extensions: 514s X509v3 Authority Key Identifier: 514s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 514s X509v3 Basic Constraints: 514s CA:FALSE 514s Netscape Cert Type: 514s SSL Client, S/MIME 514s Netscape Comment: 514s Test Organization Root CA trusted Certificate 514s X509v3 Subject Key Identifier: 514s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 514s X509v3 Key Usage: critical 514s Digital Signature, Non Repudiation, Key Encipherment 514s X509v3 Extended Key Usage: 514s TLS Web Client Authentication, E-mail Protection 514s X509v3 Subject Alternative Name: 514s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 514s Signature Algorithm: sha256WithRSAEncryption 514s Signature Value: 514s 64:cc:9c:7a:c6:10:72:5e:a1:45:e7:56:31:d8:2e:e6:4a:1c: 514s 86:b8:76:ef:18:af:10:9a:cf:3e:2f:67:1b:18:c8:df:dc:fc: 514s 7c:6a:89:48:d5:bc:42:d7:6e:c6:a4:5e:3c:89:6e:e6:7f:9c: 514s 9b:fc:2f:78:ce:97:ca:d7:a1:32:f1:4d:91:a5:86:42:4c:48: 514s f8:eb:b1:2f:c2:c4:90:1a:9d:aa:78:11:6b:68:c1:00:a0:05: 514s 65:9e:41:e3:ec:d1:74:59:8e:39:c4:b6:7e:eb:25:c2:db:8e: 514s 4f:f3:b6:b6:c3:58:a4:0b:30:02:32:68:d7:27:f8:93:f3:57: 514s 15:4a 514s + local found_md5 expected_md5 514s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + expected_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 514s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-19658.pem 514s + found_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 514s + '[' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D '!=' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D ']' 514s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-19658-auth.output 514s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-19658-auth.output .output 514s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-19658-auth.pem 514s + echo -n 053350 514s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 514s [p11_child[2216]] [main] (0x0400): p11_child started. 514s [p11_child[2216]] [main] (0x2000): Running in [auth] mode. 514s [p11_child[2216]] [main] (0x2000): Running with effective IDs: [0][0]. 514s [p11_child[2216]] [main] (0x2000): Running with real IDs [0][0]. 514s [p11_child[2216]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 514s [p11_child[2216]] [do_card] (0x4000): Module List: 514s [p11_child[2216]] [do_card] (0x4000): common name: [softhsm2]. 514s [p11_child[2216]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2216]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 514s [p11_child[2216]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 514s [p11_child[2216]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2216]] [do_card] (0x4000): Login required. 514s [p11_child[2216]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 514s [p11_child[2216]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 514s [p11_child[2216]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x704abc24;slot-manufacturer=SoftHSM%20project;slot-id=1883946020;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 514s [p11_child[2216]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 514s [p11_child[2216]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 514s [p11_child[2216]] [do_card] (0x4000): Certificate verified and validated. 514s [p11_child[2216]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 514s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-19658-auth.output 514s + echo '-----BEGIN CERTIFICATE-----' 514s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-19658-auth.output 514s + echo '-----END CERTIFICATE-----' 514s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-19658-auth.pem 514s Certificate: 514s Data: 514s Version: 3 (0x2) 514s Serial Number: 3 (0x3) 514s Signature Algorithm: sha256WithRSAEncryption 514s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 514s Validity 514s Not Before: Jun 13 19:12:48 2024 GMT 514s Not After : Jun 13 19:12:48 2025 GMT 514s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 514s Subject Public Key Info: 514s Public Key Algorithm: rsaEncryption 514s Public-Key: (1024 bit) 514s Modulus: 514s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 514s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 514s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 514s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 514s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 514s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 514s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 514s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 514s 80:89:3a:0d:14:d2:6a:21:6d 514s Exponent: 65537 (0x10001) 514s X509v3 extensions: 514s X509v3 Authority Key Identifier: 514s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 514s X509v3 Basic Constraints: 514s CA:FALSE 514s Netscape Cert Type: 514s SSL Client, S/MIME 514s Netscape Comment: 514s Test Organization Root CA trusted Certificate 514s X509v3 Subject Key Identifier: 514s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 514s X509v3 Key Usage: critical 514s Digital Signature, Non Repudiation, Key Encipherment 514s X509v3 Extended Key Usage: 514s TLS Web Client Authentication, E-mail Protection 514s X509v3 Subject Alternative Name: 514s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 514s Signature Algorithm: sha256WithRSAEncryption 514s Signature Value: 514s 64:cc:9c:7a:c6:10:72:5e:a1:45:e7:56:31:d8:2e:e6:4a:1c: 514s 86:b8:76:ef:18:af:10:9a:cf:3e:2f:67:1b:18:c8:df:dc:fc: 514s 7c:6a:89:48:d5:bc:42:d7:6e:c6:a4:5e:3c:89:6e:e6:7f:9c: 514s 9b:fc:2f:78:ce:97:ca:d7:a1:32:f1:4d:91:a5:86:42:4c:48: 514s f8:eb:b1:2f:c2:c4:90:1a:9d:aa:78:11:6b:68:c1:00:a0:05: 514s 65:9e:41:e3:ec:d1:74:59:8e:39:c4:b6:7e:eb:25:c2:db:8e: 514s 4f:f3:b6:b6:c3:58:a4:0b:30:02:32:68:d7:27:f8:93:f3:57: 514s 15:4a 514s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-19658-auth.pem 514s + found_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 514s + '[' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D '!=' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D ']' 514s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 514s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 514s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 514s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 514s + local verify_option= 514s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 514s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 514s + local key_cn 514s + local key_name 514s + local tokens_dir 514s + local output_cert_file 514s + token_name= 514s ++ basename /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem .pem 514s + key_name=test-root-CA-trusted-certificate-0001 514s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s ++ sed -n 's/ *commonName *= //p' 514s + key_cn='Test Organization Root Trusted Certificate 0001' 514s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 514s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 514s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 514s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 514s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 514s + token_name='Test Organization Root Tr Token' 514s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 514s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 ']' 514s + echo 'Test Organization Root Tr Token' 514s Test Organization Root Tr Token 514s + '[' -n '' ']' 514s + local output_base_name=SSSD-child-13273 514s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-13273.output 514s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-13273.pem 514s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 514s [p11_child[2226]] [main] (0x0400): p11_child started. 514s [p11_child[2226]] [main] (0x2000): Running in [pre-auth] mode. 514s [p11_child[2226]] [main] (0x2000): Running with effective IDs: [0][0]. 514s [p11_child[2226]] [main] (0x2000): Running with real IDs [0][0]. 514s [p11_child[2226]] [do_card] (0x4000): Module List: 514s [p11_child[2226]] [do_card] (0x4000): common name: [softhsm2]. 514s [p11_child[2226]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2226]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 514s [p11_child[2226]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 514s [p11_child[2226]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2226]] [do_card] (0x4000): Login NOT required. 514s [p11_child[2226]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 514s [p11_child[2226]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 514s [p11_child[2226]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 514s [p11_child[2226]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x704abc24;slot-manufacturer=SoftHSM%20project;slot-id=1883946020;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 514s [p11_child[2226]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 514s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-13273.output 514s + echo '-----BEGIN CERTIFICATE-----' 514s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-13273.output 514s + echo '-----END CERTIFICATE-----' 514s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-13273.pem 514s Certificate: 514s Data: 514s Version: 3 (0x2) 514s Serial Number: 3 (0x3) 514s Signature Algorithm: sha256WithRSAEncryption 514s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 514s Validity 514s Not Before: Jun 13 19:12:48 2024 GMT 514s Not After : Jun 13 19:12:48 2025 GMT 514s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 514s Subject Public Key Info: 514s Public Key Algorithm: rsaEncryption 514s Public-Key: (1024 bit) 514s Modulus: 514s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 514s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 514s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 514s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 514s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 514s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 514s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 514s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 514s 80:89:3a:0d:14:d2:6a:21:6d 514s Exponent: 65537 (0x10001) 514s X509v3 extensions: 514s X509v3 Authority Key Identifier: 514s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 514s X509v3 Basic Constraints: 514s CA:FALSE 514s Netscape Cert Type: 514s SSL Client, S/MIME 514s Netscape Comment: 514s Test Organization Root CA trusted Certificate 514s X509v3 Subject Key Identifier: 514s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 514s X509v3 Key Usage: critical 514s Digital Signature, Non Repudiation, Key Encipherment 514s X509v3 Extended Key Usage: 514s TLS Web Client Authentication, E-mail Protection 514s X509v3 Subject Alternative Name: 514s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 514s Signature Algorithm: sha256WithRSAEncryption 514s Signature Value: 514s 64:cc:9c:7a:c6:10:72:5e:a1:45:e7:56:31:d8:2e:e6:4a:1c: 514s 86:b8:76:ef:18:af:10:9a:cf:3e:2f:67:1b:18:c8:df:dc:fc: 514s 7c:6a:89:48:d5:bc:42:d7:6e:c6:a4:5e:3c:89:6e:e6:7f:9c: 514s 9b:fc:2f:78:ce:97:ca:d7:a1:32:f1:4d:91:a5:86:42:4c:48: 514s f8:eb:b1:2f:c2:c4:90:1a:9d:aa:78:11:6b:68:c1:00:a0:05: 514s 65:9e:41:e3:ec:d1:74:59:8e:39:c4:b6:7e:eb:25:c2:db:8e: 514s 4f:f3:b6:b6:c3:58:a4:0b:30:02:32:68:d7:27:f8:93:f3:57: 514s 15:4a 514s + local found_md5 expected_md5 514s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + expected_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 514s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-13273.pem 514s + found_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 514s + '[' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D '!=' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D ']' 514s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-13273-auth.output 514s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-13273-auth.output .output 514s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-13273-auth.pem 514s + echo -n 053350 514s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 514s [p11_child[2234]] [main] (0x0400): p11_child started. 514s [p11_child[2234]] [main] (0x2000): Running in [auth] mode. 514s [p11_child[2234]] [main] (0x2000): Running with effective IDs: [0][0]. 514s [p11_child[2234]] [main] (0x2000): Running with real IDs [0][0]. 514s [p11_child[2234]] [do_card] (0x4000): Module List: 514s [p11_child[2234]] [do_card] (0x4000): common name: [softhsm2]. 514s [p11_child[2234]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2234]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 514s [p11_child[2234]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 514s [p11_child[2234]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2234]] [do_card] (0x4000): Login required. 514s [p11_child[2234]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 514s [p11_child[2234]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 514s [p11_child[2234]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 514s [p11_child[2234]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x704abc24;slot-manufacturer=SoftHSM%20project;slot-id=1883946020;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 514s [p11_child[2234]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 514s [p11_child[2234]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 514s [p11_child[2234]] [do_card] (0x4000): Certificate verified and validated. 514s [p11_child[2234]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 514s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-13273-auth.output 514s + echo '-----BEGIN CERTIFICATE-----' 514s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-13273-auth.output 514s + echo '-----END CERTIFICATE-----' 514s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-13273-auth.pem 514s Certificate: 514s Data: 514s Version: 3 (0x2) 514s Serial Number: 3 (0x3) 514s Signature Algorithm: sha256WithRSAEncryption 514s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 514s Validity 514s Not Before: Jun 13 19:12:48 2024 GMT 514s Not After : Jun 13 19:12:48 2025 GMT 514s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 514s Subject Public Key Info: 514s Public Key Algorithm: rsaEncryption 514s Public-Key: (1024 bit) 514s Modulus: 514s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 514s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 514s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 514s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 514s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 514s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 514s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 514s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 514s 80:89:3a:0d:14:d2:6a:21:6d 514s Exponent: 65537 (0x10001) 514s X509v3 extensions: 514s X509v3 Authority Key Identifier: 514s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 514s X509v3 Basic Constraints: 514s CA:FALSE 514s Netscape Cert Type: 514s SSL Client, S/MIME 514s Netscape Comment: 514s Test Organization Root CA trusted Certificate 514s X509v3 Subject Key Identifier: 514s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 514s X509v3 Key Usage: critical 514s Digital Signature, Non Repudiation, Key Encipherment 514s X509v3 Extended Key Usage: 514s TLS Web Client Authentication, E-mail Protection 514s X509v3 Subject Alternative Name: 514s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 514s Signature Algorithm: sha256WithRSAEncryption 514s Signature Value: 514s 64:cc:9c:7a:c6:10:72:5e:a1:45:e7:56:31:d8:2e:e6:4a:1c: 514s 86:b8:76:ef:18:af:10:9a:cf:3e:2f:67:1b:18:c8:df:dc:fc: 514s 7c:6a:89:48:d5:bc:42:d7:6e:c6:a4:5e:3c:89:6e:e6:7f:9c: 514s 9b:fc:2f:78:ce:97:ca:d7:a1:32:f1:4d:91:a5:86:42:4c:48: 514s f8:eb:b1:2f:c2:c4:90:1a:9d:aa:78:11:6b:68:c1:00:a0:05: 514s 65:9e:41:e3:ec:d1:74:59:8e:39:c4:b6:7e:eb:25:c2:db:8e: 514s 4f:f3:b6:b6:c3:58:a4:0b:30:02:32:68:d7:27:f8:93:f3:57: 514s 15:4a 514s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-13273-auth.pem 514s + found_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 514s + '[' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D '!=' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D ']' 514s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem partial_chain 514s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem partial_chain 514s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 514s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 514s + local verify_option=partial_chain 514s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 514s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 514s + local key_cn 514s + local key_name 514s + local tokens_dir 514s + local output_cert_file 514s + token_name= 514s ++ basename /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem .pem 514s + key_name=test-root-CA-trusted-certificate-0001 514s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s ++ sed -n 's/ *commonName *= //p' 514s + key_cn='Test Organization Root Trusted Certificate 0001' 514s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 514s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 514s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 514s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 514s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 514s + token_name='Test Organization Root Tr Token' 514s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 514s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 ']' 514s + echo 'Test Organization Root Tr Token' 514s + '[' -n partial_chain ']' 514s + local verify_arg=--verify=partial_chain 514s + local output_base_name=SSSD-child-25454 514s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-25454.output 514s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-25454.pem 514s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 514s Test Organization Root Tr Token 514s [p11_child[2244]] [main] (0x0400): p11_child started. 514s [p11_child[2244]] [main] (0x2000): Running in [pre-auth] mode. 514s [p11_child[2244]] [main] (0x2000): Running with effective IDs: [0][0]. 514s [p11_child[2244]] [main] (0x2000): Running with real IDs [0][0]. 514s [p11_child[2244]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 514s [p11_child[2244]] [do_card] (0x4000): Module List: 514s [p11_child[2244]] [do_card] (0x4000): common name: [softhsm2]. 514s [p11_child[2244]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2244]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 514s [p11_child[2244]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 514s [p11_child[2244]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2244]] [do_card] (0x4000): Login NOT required. 514s [p11_child[2244]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 514s [p11_child[2244]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 514s [p11_child[2244]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 514s [p11_child[2244]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x704abc24;slot-manufacturer=SoftHSM%20project;slot-id=1883946020;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 514s [p11_child[2244]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 514s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-25454.output 514s + echo '-----BEGIN CERTIFICATE-----' 514s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-25454.output 514s + echo '-----END CERTIFICATE-----' 514s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-25454.pem 514s Certificate: 514s Data: 514s Version: 3 (0x2) 514s Serial Number: 3 (0x3) 514s Signature Algorithm: sha256WithRSAEncryption 514s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 514s Validity 514s Not Before: Jun 13 19:12:48 2024 GMT 514s Not After : Jun 13 19:12:48 2025 GMT 514s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 514s Subject Public Key Info: 514s Public Key Algorithm: rsaEncryption 514s Public-Key: (1024 bit) 514s Modulus: 514s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 514s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 514s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 514s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 514s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 514s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 514s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 514s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 514s 80:89:3a:0d:14:d2:6a:21:6d 514s Exponent: 65537 (0x10001) 514s X509v3 extensions: 514s X509v3 Authority Key Identifier: 514s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 514s X509v3 Basic Constraints: 514s CA:FALSE 514s Netscape Cert Type: 514s SSL Client, S/MIME 514s Netscape Comment: 514s Test Organization Root CA trusted Certificate 514s X509v3 Subject Key Identifier: 514s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 514s X509v3 Key Usage: critical 514s Digital Signature, Non Repudiation, Key Encipherment 514s X509v3 Extended Key Usage: 514s TLS Web Client Authentication, E-mail Protection 514s X509v3 Subject Alternative Name: 514s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 514s Signature Algorithm: sha256WithRSAEncryption 514s Signature Value: 514s 64:cc:9c:7a:c6:10:72:5e:a1:45:e7:56:31:d8:2e:e6:4a:1c: 514s 86:b8:76:ef:18:af:10:9a:cf:3e:2f:67:1b:18:c8:df:dc:fc: 514s 7c:6a:89:48:d5:bc:42:d7:6e:c6:a4:5e:3c:89:6e:e6:7f:9c: 514s 9b:fc:2f:78:ce:97:ca:d7:a1:32:f1:4d:91:a5:86:42:4c:48: 514s f8:eb:b1:2f:c2:c4:90:1a:9d:aa:78:11:6b:68:c1:00:a0:05: 514s 65:9e:41:e3:ec:d1:74:59:8e:39:c4:b6:7e:eb:25:c2:db:8e: 514s 4f:f3:b6:b6:c3:58:a4:0b:30:02:32:68:d7:27:f8:93:f3:57: 514s 15:4a 514s + local found_md5 expected_md5 514s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + expected_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 514s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-25454.pem 514s + found_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 514s + '[' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D '!=' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D ']' 514s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-25454-auth.output 514s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-25454-auth.output .output 514s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-25454-auth.pem 514s + echo -n 053350 514s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 514s [p11_child[2252]] [main] (0x0400): p11_child started. 514s [p11_child[2252]] [main] (0x2000): Running in [auth] mode. 514s [p11_child[2252]] [main] (0x2000): Running with effective IDs: [0][0]. 514s [p11_child[2252]] [main] (0x2000): Running with real IDs [0][0]. 514s [p11_child[2252]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 514s [p11_child[2252]] [do_card] (0x4000): Module List: 514s [p11_child[2252]] [do_card] (0x4000): common name: [softhsm2]. 514s [p11_child[2252]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2252]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 514s [p11_child[2252]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 514s [p11_child[2252]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 514s [p11_child[2252]] [do_card] (0x4000): Login required. 514s [p11_child[2252]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 514s [p11_child[2252]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 514s [p11_child[2252]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 514s [p11_child[2252]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x704abc24;slot-manufacturer=SoftHSM%20project;slot-id=1883946020;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 514s [p11_child[2252]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 514s [p11_child[2252]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 514s [p11_child[2252]] [do_card] (0x4000): Certificate verified and validated. 514s [p11_child[2252]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 514s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-25454-auth.output 514s + echo '-----BEGIN CERTIFICATE-----' 514s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-25454-auth.output 514s + echo '-----END CERTIFICATE-----' 514s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-25454-auth.pem 514s Certificate: 514s Data: 514s Version: 3 (0x2) 514s Serial Number: 3 (0x3) 514s Signature Algorithm: sha256WithRSAEncryption 514s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 514s Validity 514s Not Before: Jun 13 19:12:48 2024 GMT 514s Not After : Jun 13 19:12:48 2025 GMT 514s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 514s Subject Public Key Info: 514s Public Key Algorithm: rsaEncryption 514s Public-Key: (1024 bit) 514s Modulus: 514s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 514s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 514s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 514s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 514s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 514s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 514s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 514s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 514s 80:89:3a:0d:14:d2:6a:21:6d 514s Exponent: 65537 (0x10001) 514s X509v3 extensions: 514s X509v3 Authority Key Identifier: 514s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 514s X509v3 Basic Constraints: 514s CA:FALSE 514s Netscape Cert Type: 514s SSL Client, S/MIME 514s Netscape Comment: 514s Test Organization Root CA trusted Certificate 514s X509v3 Subject Key Identifier: 514s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 514s X509v3 Key Usage: critical 514s Digital Signature, Non Repudiation, Key Encipherment 514s X509v3 Extended Key Usage: 514s TLS Web Client Authentication, E-mail Protection 514s X509v3 Subject Alternative Name: 514s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 514s Signature Algorithm: sha256WithRSAEncryption 514s Signature Value: 514s 64:cc:9c:7a:c6:10:72:5e:a1:45:e7:56:31:d8:2e:e6:4a:1c: 514s 86:b8:76:ef:18:af:10:9a:cf:3e:2f:67:1b:18:c8:df:dc:fc: 514s 7c:6a:89:48:d5:bc:42:d7:6e:c6:a4:5e:3c:89:6e:e6:7f:9c: 514s 9b:fc:2f:78:ce:97:ca:d7:a1:32:f1:4d:91:a5:86:42:4c:48: 514s f8:eb:b1:2f:c2:c4:90:1a:9d:aa:78:11:6b:68:c1:00:a0:05: 514s 65:9e:41:e3:ec:d1:74:59:8e:39:c4:b6:7e:eb:25:c2:db:8e: 514s 4f:f3:b6:b6:c3:58:a4:0b:30:02:32:68:d7:27:f8:93:f3:57: 514s 15:4a 514s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-25454-auth.pem 514s + found_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 514s + '[' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D '!=' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D ']' 514s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 514s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 514s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 514s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 514s + local verify_option= 514s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 514s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 514s + local key_cn 514s + local key_name 514s + local tokens_dir 514s + local output_cert_file 514s + token_name= 514s ++ basename /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem .pem 514s + key_name=test-root-CA-trusted-certificate-0001 514s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 514s ++ sed -n 's/ *commonName *= //p' 515s + key_cn='Test Organization Root Trusted Certificate 0001' 515s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 515s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 515s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 515s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 515s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 515s + token_name='Test Organization Root Tr Token' 515s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 515s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 ']' 515s + echo 'Test Organization Root Tr Token' 515s + '[' -n '' ']' 515s + local output_base_name=SSSD-child-6796 515s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-6796.output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-6796.pem 515s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 515s Test Organization Root Tr Token 515s [p11_child[2262]] [main] (0x0400): p11_child started. 515s [p11_child[2262]] [main] (0x2000): Running in [pre-auth] mode. 515s [p11_child[2262]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2262]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2262]] [do_card] (0x4000): Module List: 515s [p11_child[2262]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2262]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2262]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2262]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 515s [p11_child[2262]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2262]] [do_card] (0x4000): Login NOT required. 515s [p11_child[2262]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 515s [p11_child[2262]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 515s [p11_child[2262]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 515s [p11_child[2262]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x704abc24;slot-manufacturer=SoftHSM%20project;slot-id=1883946020;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 515s [p11_child[2262]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-6796.output 515s + echo '-----BEGIN CERTIFICATE-----' 515s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-6796.output 515s + echo '-----END CERTIFICATE-----' 515s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-6796.pem 515s Certificate: 515s Data: 515s Version: 3 (0x2) 515s Serial Number: 3 (0x3) 515s Signature Algorithm: sha256WithRSAEncryption 515s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 515s Validity 515s Not Before: Jun 13 19:12:48 2024 GMT 515s Not After : Jun 13 19:12:48 2025 GMT 515s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 515s Subject Public Key Info: 515s Public Key Algorithm: rsaEncryption 515s Public-Key: (1024 bit) 515s Modulus: 515s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 515s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 515s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 515s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 515s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 515s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 515s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 515s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 515s 80:89:3a:0d:14:d2:6a:21:6d 515s Exponent: 65537 (0x10001) 515s X509v3 extensions: 515s X509v3 Authority Key Identifier: 515s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 515s X509v3 Basic Constraints: 515s CA:FALSE 515s Netscape Cert Type: 515s SSL Client, S/MIME 515s Netscape Comment: 515s Test Organization Root CA trusted Certificate 515s X509v3 Subject Key Identifier: 515s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 515s X509v3 Key Usage: critical 515s Digital Signature, Non Repudiation, Key Encipherment 515s X509v3 Extended Key Usage: 515s TLS Web Client Authentication, E-mail Protection 515s X509v3 Subject Alternative Name: 515s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 515s Signature Algorithm: sha256WithRSAEncryption 515s Signature Value: 515s 64:cc:9c:7a:c6:10:72:5e:a1:45:e7:56:31:d8:2e:e6:4a:1c: 515s 86:b8:76:ef:18:af:10:9a:cf:3e:2f:67:1b:18:c8:df:dc:fc: 515s 7c:6a:89:48:d5:bc:42:d7:6e:c6:a4:5e:3c:89:6e:e6:7f:9c: 515s 9b:fc:2f:78:ce:97:ca:d7:a1:32:f1:4d:91:a5:86:42:4c:48: 515s f8:eb:b1:2f:c2:c4:90:1a:9d:aa:78:11:6b:68:c1:00:a0:05: 515s 65:9e:41:e3:ec:d1:74:59:8e:39:c4:b6:7e:eb:25:c2:db:8e: 515s 4f:f3:b6:b6:c3:58:a4:0b:30:02:32:68:d7:27:f8:93:f3:57: 515s 15:4a 515s + local found_md5 expected_md5 515s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s + expected_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 515s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-6796.pem 515s + found_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 515s + '[' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D '!=' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D ']' 515s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-6796-auth.output 515s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-6796-auth.output .output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-6796-auth.pem 515s + echo -n 053350 515s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 515s [p11_child[2270]] [main] (0x0400): p11_child started. 515s [p11_child[2270]] [main] (0x2000): Running in [auth] mode. 515s [p11_child[2270]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2270]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2270]] [do_card] (0x4000): Module List: 515s [p11_child[2270]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2270]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2270]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2270]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 515s [p11_child[2270]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2270]] [do_card] (0x4000): Login required. 515s [p11_child[2270]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 515s [p11_child[2270]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 515s [p11_child[2270]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 515s [p11_child[2270]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x704abc24;slot-manufacturer=SoftHSM%20project;slot-id=1883946020;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 515s [p11_child[2270]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 515s [p11_child[2270]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 515s [p11_child[2270]] [do_card] (0x4000): Certificate verified and validated. 515s [p11_child[2270]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-6796-auth.output 515s + echo '-----BEGIN CERTIFICATE-----' 515s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-6796-auth.output 515s + echo '-----END CERTIFICATE-----' 515s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-6796-auth.pem 515s Certificate: 515s Data: 515s Version: 3 (0x2) 515s Serial Number: 3 (0x3) 515s Signature Algorithm: sha256WithRSAEncryption 515s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 515s Validity 515s Not Before: Jun 13 19:12:48 2024 GMT 515s Not After : Jun 13 19:12:48 2025 GMT 515s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 515s Subject Public Key Info: 515s Public Key Algorithm: rsaEncryption 515s Public-Key: (1024 bit) 515s Modulus: 515s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 515s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 515s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 515s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 515s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 515s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 515s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 515s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 515s 80:89:3a:0d:14:d2:6a:21:6d 515s Exponent: 65537 (0x10001) 515s X509v3 extensions: 515s X509v3 Authority Key Identifier: 515s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 515s X509v3 Basic Constraints: 515s CA:FALSE 515s Netscape Cert Type: 515s SSL Client, S/MIME 515s Netscape Comment: 515s Test Organization Root CA trusted Certificate 515s X509v3 Subject Key Identifier: 515s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 515s X509v3 Key Usage: critical 515s Digital Signature, Non Repudiation, Key Encipherment 515s X509v3 Extended Key Usage: 515s TLS Web Client Authentication, E-mail Protection 515s X509v3 Subject Alternative Name: 515s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 515s Signature Algorithm: sha256WithRSAEncryption 515s Signature Value: 515s 64:cc:9c:7a:c6:10:72:5e:a1:45:e7:56:31:d8:2e:e6:4a:1c: 515s 86:b8:76:ef:18:af:10:9a:cf:3e:2f:67:1b:18:c8:df:dc:fc: 515s 7c:6a:89:48:d5:bc:42:d7:6e:c6:a4:5e:3c:89:6e:e6:7f:9c: 515s 9b:fc:2f:78:ce:97:ca:d7:a1:32:f1:4d:91:a5:86:42:4c:48: 515s f8:eb:b1:2f:c2:c4:90:1a:9d:aa:78:11:6b:68:c1:00:a0:05: 515s 65:9e:41:e3:ec:d1:74:59:8e:39:c4:b6:7e:eb:25:c2:db:8e: 515s 4f:f3:b6:b6:c3:58:a4:0b:30:02:32:68:d7:27:f8:93:f3:57: 515s 15:4a 515s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-6796-auth.pem 515s + found_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 515s + '[' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D '!=' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D ']' 515s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem partial_chain 515s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem partial_chain 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 515s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 515s + local verify_option=partial_chain 515s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 515s + local key_cn 515s + local key_name 515s + local tokens_dir 515s + local output_cert_file 515s + token_name= 515s ++ basename /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem .pem 515s + key_name=test-root-CA-trusted-certificate-0001 515s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s ++ sed -n 's/ *commonName *= //p' 515s + key_cn='Test Organization Root Trusted Certificate 0001' 515s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 515s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 515s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 515s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 515s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 515s + token_name='Test Organization Root Tr Token' 515s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 515s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 ']' 515s + echo 'Test Organization Root Tr Token' 515s + '[' -n partial_chain ']' 515s + local verify_arg=--verify=partial_chain 515s + local output_base_name=SSSD-child-16168 515s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-16168.output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-16168.pem 515s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 515s Test Organization Root Tr Token 515s [p11_child[2280]] [main] (0x0400): p11_child started. 515s [p11_child[2280]] [main] (0x2000): Running in [pre-auth] mode. 515s [p11_child[2280]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2280]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2280]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 515s [p11_child[2280]] [do_card] (0x4000): Module List: 515s [p11_child[2280]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2280]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2280]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2280]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 515s [p11_child[2280]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2280]] [do_card] (0x4000): Login NOT required. 515s [p11_child[2280]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 515s [p11_child[2280]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 515s [p11_child[2280]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 515s [p11_child[2280]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x704abc24;slot-manufacturer=SoftHSM%20project;slot-id=1883946020;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 515s [p11_child[2280]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-16168.output 515s + echo '-----BEGIN CERTIFICATE-----' 515s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-16168.output 515s + echo '-----END CERTIFICATE-----' 515s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-16168.pem 515s Certificate: 515s Data: 515s Version: 3 (0x2) 515s Serial Number: 3 (0x3) 515s Signature Algorithm: sha256WithRSAEncryption 515s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 515s Validity 515s Not Before: Jun 13 19:12:48 2024 GMT 515s Not After : Jun 13 19:12:48 2025 GMT 515s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 515s Subject Public Key Info: 515s Public Key Algorithm: rsaEncryption 515s Public-Key: (1024 bit) 515s Modulus: 515s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 515s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 515s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 515s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 515s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 515s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 515s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 515s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 515s 80:89:3a:0d:14:d2:6a:21:6d 515s Exponent: 65537 (0x10001) 515s X509v3 extensions: 515s X509v3 Authority Key Identifier: 515s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 515s X509v3 Basic Constraints: 515s CA:FALSE 515s Netscape Cert Type: 515s SSL Client, S/MIME 515s Netscape Comment: 515s Test Organization Root CA trusted Certificate 515s X509v3 Subject Key Identifier: 515s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 515s X509v3 Key Usage: critical 515s Digital Signature, Non Repudiation, Key Encipherment 515s X509v3 Extended Key Usage: 515s TLS Web Client Authentication, E-mail Protection 515s X509v3 Subject Alternative Name: 515s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 515s Signature Algorithm: sha256WithRSAEncryption 515s Signature Value: 515s 64:cc:9c:7a:c6:10:72:5e:a1:45:e7:56:31:d8:2e:e6:4a:1c: 515s 86:b8:76:ef:18:af:10:9a:cf:3e:2f:67:1b:18:c8:df:dc:fc: 515s 7c:6a:89:48:d5:bc:42:d7:6e:c6:a4:5e:3c:89:6e:e6:7f:9c: 515s 9b:fc:2f:78:ce:97:ca:d7:a1:32:f1:4d:91:a5:86:42:4c:48: 515s f8:eb:b1:2f:c2:c4:90:1a:9d:aa:78:11:6b:68:c1:00:a0:05: 515s 65:9e:41:e3:ec:d1:74:59:8e:39:c4:b6:7e:eb:25:c2:db:8e: 515s 4f:f3:b6:b6:c3:58:a4:0b:30:02:32:68:d7:27:f8:93:f3:57: 515s 15:4a 515s + local found_md5 expected_md5 515s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s + expected_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 515s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-16168.pem 515s + found_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 515s + '[' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D '!=' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D ']' 515s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-16168-auth.output 515s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-16168-auth.output .output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-16168-auth.pem 515s + echo -n 053350 515s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 515s [p11_child[2288]] [main] (0x0400): p11_child started. 515s [p11_child[2288]] [main] (0x2000): Running in [auth] mode. 515s [p11_child[2288]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2288]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2288]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 515s [p11_child[2288]] [do_card] (0x4000): Module List: 515s [p11_child[2288]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2288]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2288]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2288]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 515s [p11_child[2288]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2288]] [do_card] (0x4000): Login required. 515s [p11_child[2288]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 515s [p11_child[2288]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 515s [p11_child[2288]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 515s [p11_child[2288]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x704abc24;slot-manufacturer=SoftHSM%20project;slot-id=1883946020;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=353f9e7cf04abc24;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 515s [p11_child[2288]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 515s [p11_child[2288]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 515s [p11_child[2288]] [do_card] (0x4000): Certificate verified and validated. 515s [p11_child[2288]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-16168-auth.output 515s + echo '-----BEGIN CERTIFICATE-----' 515s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-16168-auth.output 515s + echo '-----END CERTIFICATE-----' 515s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-16168-auth.pem 515s Certificate: 515s Data: 515s Version: 3 (0x2) 515s Serial Number: 3 (0x3) 515s Signature Algorithm: sha256WithRSAEncryption 515s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 515s Validity 515s Not Before: Jun 13 19:12:48 2024 GMT 515s Not After : Jun 13 19:12:48 2025 GMT 515s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 515s Subject Public Key Info: 515s Public Key Algorithm: rsaEncryption 515s Public-Key: (1024 bit) 515s Modulus: 515s 00:c7:86:e7:1d:d7:1c:2d:cf:0b:84:5b:e4:f9:97: 515s 47:64:0b:7f:d7:7c:90:80:f0:00:45:b8:8b:fb:64: 515s 7a:81:99:fc:1f:52:a6:37:b0:26:d9:71:d4:83:1a: 515s be:7f:ed:72:08:a5:33:3e:31:a0:75:91:45:f7:f5: 515s f3:fd:86:73:f5:2a:d8:f2:7e:ee:43:65:7d:9c:06: 515s 6a:b1:28:80:54:34:e2:01:e0:f8:d3:8f:61:81:bf: 515s 35:33:7d:90:7a:be:b6:bf:07:8b:af:92:54:a6:c7: 515s 4b:cb:75:8f:7f:7e:0e:61:4e:58:4c:3a:ae:12:d0: 515s 80:89:3a:0d:14:d2:6a:21:6d 515s Exponent: 65537 (0x10001) 515s X509v3 extensions: 515s X509v3 Authority Key Identifier: 515s 25:A0:87:54:8D:6E:E5:99:A4:B8:3C:1A:B2:03:72:EA:92:A3:E0:75 515s X509v3 Basic Constraints: 515s CA:FALSE 515s Netscape Cert Type: 515s SSL Client, S/MIME 515s Netscape Comment: 515s Test Organization Root CA trusted Certificate 515s X509v3 Subject Key Identifier: 515s 00:B9:9C:CB:D2:4E:7C:CD:3B:D9:92:14:E5:5B:60:6C:1E:D4:37:53 515s X509v3 Key Usage: critical 515s Digital Signature, Non Repudiation, Key Encipherment 515s X509v3 Extended Key Usage: 515s TLS Web Client Authentication, E-mail Protection 515s X509v3 Subject Alternative Name: 515s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 515s Signature Algorithm: sha256WithRSAEncryption 515s Signature Value: 515s 64:cc:9c:7a:c6:10:72:5e:a1:45:e7:56:31:d8:2e:e6:4a:1c: 515s 86:b8:76:ef:18:af:10:9a:cf:3e:2f:67:1b:18:c8:df:dc:fc: 515s 7c:6a:89:48:d5:bc:42:d7:6e:c6:a4:5e:3c:89:6e:e6:7f:9c: 515s 9b:fc:2f:78:ce:97:ca:d7:a1:32:f1:4d:91:a5:86:42:4c:48: 515s f8:eb:b1:2f:c2:c4:90:1a:9d:aa:78:11:6b:68:c1:00:a0:05: 515s 65:9e:41:e3:ec:d1:74:59:8e:39:c4:b6:7e:eb:25:c2:db:8e: 515s 4f:f3:b6:b6:c3:58:a4:0b:30:02:32:68:d7:27:f8:93:f3:57: 515s 15:4a 515s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-16168-auth.pem 515s + found_md5=Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D 515s + '[' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D '!=' Modulus=C786E71DD71C2DCF0B845BE4F99747640B7FD77C9080F00045B88BFB647A8199FC1F52A637B026D971D4831ABE7FED7208A5333E31A0759145F7F5F3FD8673F52AD8F27EEE43657D9C066AB128805434E201E0F8D38F6181BF35337D907ABEB6BF078BAF9254A6C74BCB758F7F7E0E614E584C3AAE12D080893A0D14D26A216D ']' 515s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 515s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 515s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 515s + local verify_option= 515s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 515s + local key_cn 515s + local key_name 515s + local tokens_dir 515s + local output_cert_file 515s + token_name= 515s ++ basename /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem .pem 515s + key_name=test-root-CA-trusted-certificate-0001 515s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s ++ sed -n 's/ *commonName *= //p' 515s + key_cn='Test Organization Root Trusted Certificate 0001' 515s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 515s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 515s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 515s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 515s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 515s + token_name='Test Organization Root Tr Token' 515s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 515s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 ']' 515s + echo 'Test Organization Root Tr Token' 515s + '[' -n '' ']' 515s + local output_base_name=SSSD-child-9506 515s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-9506.output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-9506.pem 515s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 515s [p11_child[2298]] [main] (0x0400): p11_child started. 515s [p11_child[2298]] [main] (0x2000): Running in [pre-auth] mode. 515s [p11_child[2298]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2298]] [main] (0x2000): Running with real IDs [0][0]. 515s Test Organization Root Tr Token 515s [p11_child[2298]] [do_card] (0x4000): Module List: 515s [p11_child[2298]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2298]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2298]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2298]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 515s [p11_child[2298]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2298]] [do_card] (0x4000): Login NOT required. 515s [p11_child[2298]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 515s [p11_child[2298]] [do_verification] (0x0040): X509_verify_cert failed [0]. 515s [p11_child[2298]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 515s [p11_child[2298]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 515s [p11_child[2298]] [do_card] (0x4000): No certificate found. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-9506.output 515s + return 2 515s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem partial_chain 515s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem partial_chain 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 515s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 515s + local verify_option=partial_chain 515s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-25623 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-root-ca-trusted-cert-0001-25623 515s + local key_cn 515s + local key_name 515s + local tokens_dir 515s + local output_cert_file 515s + token_name= 515s ++ basename /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem .pem 515s + key_name=test-root-CA-trusted-certificate-0001 515s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-root-CA-trusted-certificate-0001.pem 515s ++ sed -n 's/ *commonName *= //p' 515s + key_cn='Test Organization Root Trusted Certificate 0001' 515s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 515s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 515s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf 515s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 515s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 515s + token_name='Test Organization Root Tr Token' 515s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 515s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-root-CA-trusted-certificate-0001 ']' 515s + echo 'Test Organization Root Tr Token' 515s + '[' -n partial_chain ']' 515s + local verify_arg=--verify=partial_chain 515s + local output_base_name=SSSD-child-19544 515s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-19544.output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-19544.pem 515s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 515s [p11_child[2305]] [main] (0x0400): p11_child started. 515s [p11_child[2305]] [main] (0x2000): Running in [pre-auth] mode. 515s Test Organization Root Tr Token 515s [p11_child[2305]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2305]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2305]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 515s [p11_child[2305]] [do_card] (0x4000): Module List: 515s [p11_child[2305]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2305]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2305]] [do_card] (0x4000): Description [SoftHSM slot ID 0x704abc24] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2305]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 515s [p11_child[2305]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x704abc24][1883946020] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2305]] [do_card] (0x4000): Login NOT required. 515s [p11_child[2305]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 515s [p11_child[2305]] [do_verification] (0x0040): X509_verify_cert failed [0]. 515s [p11_child[2305]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 515s [p11_child[2305]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 515s [p11_child[2305]] [do_card] (0x4000): No certificate found. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-19544.output 515s + return 2 515s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /dev/null 515s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /dev/null 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local key_ring=/dev/null 515s + local verify_option= 515s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local key_cn 515s + local key_name 515s + local tokens_dir 515s + local output_cert_file 515s + token_name= 515s ++ basename /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem .pem 515s + key_name=test-intermediate-CA-trusted-certificate-0001 515s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s ++ sed -n 's/ *commonName *= //p' 515s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 515s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 515s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 515s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 515s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 515s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 515s + token_name='Test Organization Interme Token' 515s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 515s + local key_file 515s + local decrypted_key 515s + mkdir -p /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 515s + key_file=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-key.pem 515s + decrypted_key=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 515s + cat 515s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 515s Slot 0 has a free/uninitialized token. 515s The token has been initialized and is reassigned to slot 1282113434 515s + softhsm2-util --show-slots 515s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 515s Available slots: 515s Slot 1282113434 515s Slot info: 515s Description: SoftHSM slot ID 0x4c6b7f9a 515s Manufacturer ID: SoftHSM project 515s Hardware version: 2.6 515s Firmware version: 2.6 515s Token present: yes 515s Token info: 515s Manufacturer ID: SoftHSM project 515s Model: SoftHSM v2 515s Hardware version: 2.6 515s Firmware version: 2.6 515s Serial number: 6cf8acfbcc6b7f9a 515s Initialized: yes 515s User PIN init.: yes 515s Label: Test Organization Interme Token 515s Slot 1 515s Slot info: 515s Description: SoftHSM slot ID 0x1 515s Manufacturer ID: SoftHSM project 515s Hardware version: 2.6 515s Firmware version: 2.6 515s Token present: yes 515s Token info: 515s Manufacturer ID: SoftHSM project 515s Model: SoftHSM v2 515s Hardware version: 2.6 515s Firmware version: 2.6 515s Serial number: 515s Initialized: no 515s User PIN init.: no 515s Label: 515s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-32766 -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 515s writing RSA key 515s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 515s + rm /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 515s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 515s Object 0: 515s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6cf8acfbcc6b7f9a;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 515s Type: X.509 Certificate (RSA-1024) 515s Expires: Fri Jun 13 19:12:48 2025 515s Label: Test Organization Intermediate Trusted Certificate 0001 515s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 515s 515s + echo 'Test Organization Interme Token' 515s + '[' -n '' ']' 515s Test Organization Interme Token 515s + local output_base_name=SSSD-child-1197 515s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-1197.output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-1197.pem 515s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 515s [p11_child[2321]] [main] (0x0400): p11_child started. 515s [p11_child[2321]] [main] (0x2000): Running in [pre-auth] mode. 515s [p11_child[2321]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2321]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2321]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 515s [p11_child[2321]] [do_work] (0x0040): init_verification failed. 515s [p11_child[2321]] [main] (0x0020): p11_child failed (5) 515s + return 2 515s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /dev/null no_verification 515s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /dev/null no_verification 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local key_ring=/dev/null 515s + local verify_option=no_verification 515s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local key_cn 515s + local key_name 515s + local tokens_dir 515s + local output_cert_file 515s + token_name= 515s ++ basename /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem .pem 515s + key_name=test-intermediate-CA-trusted-certificate-0001 515s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s ++ sed -n 's/ *commonName *= //p' 515s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 515s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 515s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 515s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 515s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 515s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 515s + token_name='Test Organization Interme Token' 515s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 515s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 515s + echo 'Test Organization Interme Token' 515s + '[' -n no_verification ']' 515s + local verify_arg=--verify=no_verification 515s + local output_base_name=SSSD-child-16667 515s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-16667.output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-16667.pem 515s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 515s Test Organization Interme Token 515s [p11_child[2327]] [main] (0x0400): p11_child started. 515s [p11_child[2327]] [main] (0x2000): Running in [pre-auth] mode. 515s [p11_child[2327]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2327]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2327]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 515s [p11_child[2327]] [do_card] (0x4000): Module List: 515s [p11_child[2327]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2327]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2327]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2327]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 515s [p11_child[2327]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2327]] [do_card] (0x4000): Login NOT required. 515s [p11_child[2327]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 515s [p11_child[2327]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 515s [p11_child[2327]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4c6b7f9a;slot-manufacturer=SoftHSM%20project;slot-id=1282113434;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6cf8acfbcc6b7f9a;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 515s [p11_child[2327]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-16667.output 515s + echo '-----BEGIN CERTIFICATE-----' 515s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-16667.output 515s + echo '-----END CERTIFICATE-----' 515s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-16667.pem 515s Certificate: 515s Data: 515s Version: 3 (0x2) 515s Serial Number: 4 (0x4) 515s Signature Algorithm: sha256WithRSAEncryption 515s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 515s Validity 515s Not Before: Jun 13 19:12:48 2024 GMT 515s Not After : Jun 13 19:12:48 2025 GMT 515s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 515s Subject Public Key Info: 515s Public Key Algorithm: rsaEncryption 515s Public-Key: (1024 bit) 515s Modulus: 515s 00:9a:9d:03:f4:90:d6:eb:24:f0:cd:f0:69:92:2b: 515s 73:3c:dd:2c:f7:92:5b:5d:52:7b:b9:06:cc:25:08: 515s a5:63:a5:c7:0b:b6:12:cb:f8:f4:c6:82:27:78:db: 515s 1a:8d:a0:69:30:2d:e6:3b:8f:47:36:df:15:df:05: 515s 87:f9:fc:68:7f:7c:75:30:3c:1c:8f:55:c9:17:37: 515s ce:cb:6a:b8:47:14:39:71:f8:16:f2:3c:c8:a4:6c: 515s 23:8d:14:0e:84:2b:24:5f:23:62:1a:e0:31:a2:a8: 515s dc:9b:8e:8a:af:1f:fb:c5:24:24:a1:90:83:81:f5: 515s 95:75:fb:71:f7:26:6b:36:15 515s Exponent: 65537 (0x10001) 515s X509v3 extensions: 515s X509v3 Authority Key Identifier: 515s 13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 515s X509v3 Basic Constraints: 515s CA:FALSE 515s Netscape Cert Type: 515s SSL Client, S/MIME 515s Netscape Comment: 515s Test Organization Intermediate CA trusted Certificate 515s X509v3 Subject Key Identifier: 515s 8C:31:F6:68:9E:29:0D:F2:1C:B4:40:41:8E:72:14:EF:E0:95:BB:67 515s X509v3 Key Usage: critical 515s Digital Signature, Non Repudiation, Key Encipherment 515s X509v3 Extended Key Usage: 515s TLS Web Client Authentication, E-mail Protection 515s X509v3 Subject Alternative Name: 515s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 515s Signature Algorithm: sha256WithRSAEncryption 515s Signature Value: 515s 32:23:b6:b8:b5:38:2b:19:a9:ca:aa:e8:d5:c5:9c:04:c6:db: 515s 30:0c:6f:d3:6d:c9:58:3f:78:d6:2e:39:e7:69:db:73:e1:f2: 515s 0c:5b:de:4f:9c:f9:0b:bc:93:67:77:ac:c6:96:b0:3d:74:4f: 515s e4:39:c0:c1:b9:fc:82:33:4b:4a:03:22:19:a1:f7:47:e0:49: 515s eb:f5:d1:21:c3:b0:d6:b2:07:d1:1d:f6:29:50:09:a0:60:ce: 515s c6:50:d3:4e:ab:f9:73:aa:c0:e0:8d:30:87:5a:c9:08:99:ee: 515s 1b:f2:4d:c9:5e:0c:f9:1a:87:d7:53:a9:c2:90:fe:44:27:09: 515s 8c:38 515s + local found_md5 expected_md5 515s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + expected_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 515s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-16667.pem 515s + found_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 515s + '[' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 '!=' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 ']' 515s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-16667-auth.output 515s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-16667-auth.output .output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-16667-auth.pem 515s + echo -n 053350 515s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 515s [p11_child[2335]] [main] (0x0400): p11_child started. 515s [p11_child[2335]] [main] (0x2000): Running in [auth] mode. 515s [p11_child[2335]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2335]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2335]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 515s [p11_child[2335]] [do_card] (0x4000): Module List: 515s [p11_child[2335]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2335]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2335]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2335]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 515s [p11_child[2335]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2335]] [do_card] (0x4000): Login required. 515s [p11_child[2335]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 515s [p11_child[2335]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 515s [p11_child[2335]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4c6b7f9a;slot-manufacturer=SoftHSM%20project;slot-id=1282113434;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6cf8acfbcc6b7f9a;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 515s [p11_child[2335]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 515s [p11_child[2335]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 515s [p11_child[2335]] [do_card] (0x4000): Certificate verified and validated. 515s [p11_child[2335]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-16667-auth.output 515s + echo '-----BEGIN CERTIFICATE-----' 515s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-16667-auth.output 515s + echo '-----END CERTIFICATE-----' 515s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-16667-auth.pem 515s Certificate: 515s Data: 515s Version: 3 (0x2) 515s Serial Number: 4 (0x4) 515s Signature Algorithm: sha256WithRSAEncryption 515s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 515s Validity 515s Not Before: Jun 13 19:12:48 2024 GMT 515s Not After : Jun 13 19:12:48 2025 GMT 515s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 515s Subject Public Key Info: 515s Public Key Algorithm: rsaEncryption 515s Public-Key: (1024 bit) 515s Modulus: 515s 00:9a:9d:03:f4:90:d6:eb:24:f0:cd:f0:69:92:2b: 515s 73:3c:dd:2c:f7:92:5b:5d:52:7b:b9:06:cc:25:08: 515s a5:63:a5:c7:0b:b6:12:cb:f8:f4:c6:82:27:78:db: 515s 1a:8d:a0:69:30:2d:e6:3b:8f:47:36:df:15:df:05: 515s 87:f9:fc:68:7f:7c:75:30:3c:1c:8f:55:c9:17:37: 515s ce:cb:6a:b8:47:14:39:71:f8:16:f2:3c:c8:a4:6c: 515s 23:8d:14:0e:84:2b:24:5f:23:62:1a:e0:31:a2:a8: 515s dc:9b:8e:8a:af:1f:fb:c5:24:24:a1:90:83:81:f5: 515s 95:75:fb:71:f7:26:6b:36:15 515s Exponent: 65537 (0x10001) 515s X509v3 extensions: 515s X509v3 Authority Key Identifier: 515s 13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 515s X509v3 Basic Constraints: 515s CA:FALSE 515s Netscape Cert Type: 515s SSL Client, S/MIME 515s Netscape Comment: 515s Test Organization Intermediate CA trusted Certificate 515s X509v3 Subject Key Identifier: 515s 8C:31:F6:68:9E:29:0D:F2:1C:B4:40:41:8E:72:14:EF:E0:95:BB:67 515s X509v3 Key Usage: critical 515s Digital Signature, Non Repudiation, Key Encipherment 515s X509v3 Extended Key Usage: 515s TLS Web Client Authentication, E-mail Protection 515s X509v3 Subject Alternative Name: 515s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 515s Signature Algorithm: sha256WithRSAEncryption 515s Signature Value: 515s 32:23:b6:b8:b5:38:2b:19:a9:ca:aa:e8:d5:c5:9c:04:c6:db: 515s 30:0c:6f:d3:6d:c9:58:3f:78:d6:2e:39:e7:69:db:73:e1:f2: 515s 0c:5b:de:4f:9c:f9:0b:bc:93:67:77:ac:c6:96:b0:3d:74:4f: 515s e4:39:c0:c1:b9:fc:82:33:4b:4a:03:22:19:a1:f7:47:e0:49: 515s eb:f5:d1:21:c3:b0:d6:b2:07:d1:1d:f6:29:50:09:a0:60:ce: 515s c6:50:d3:4e:ab:f9:73:aa:c0:e0:8d:30:87:5a:c9:08:99:ee: 515s 1b:f2:4d:c9:5e:0c:f9:1a:87:d7:53:a9:c2:90:fe:44:27:09: 515s 8c:38 515s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-16667-auth.pem 515s + found_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 515s + '[' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 '!=' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 ']' 515s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 515s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 515s + local verify_option= 515s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local key_cn 515s + local key_name 515s + local tokens_dir 515s + local output_cert_file 515s + token_name= 515s ++ basename /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem .pem 515s + key_name=test-intermediate-CA-trusted-certificate-0001 515s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s ++ sed -n 's/ *commonName *= //p' 515s Test Organization Interme Token 515s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 515s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 515s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 515s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 515s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 515s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 515s + token_name='Test Organization Interme Token' 515s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 515s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 515s + echo 'Test Organization Interme Token' 515s + '[' -n '' ']' 515s + local output_base_name=SSSD-child-22381 515s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-22381.output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-22381.pem 515s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 515s [p11_child[2345]] [main] (0x0400): p11_child started. 515s [p11_child[2345]] [main] (0x2000): Running in [pre-auth] mode. 515s [p11_child[2345]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2345]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2345]] [do_card] (0x4000): Module List: 515s [p11_child[2345]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2345]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2345]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2345]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 515s [p11_child[2345]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2345]] [do_card] (0x4000): Login NOT required. 515s [p11_child[2345]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 515s [p11_child[2345]] [do_verification] (0x0040): X509_verify_cert failed [0]. 515s [p11_child[2345]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 515s [p11_child[2345]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 515s [p11_child[2345]] [do_card] (0x4000): No certificate found. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-22381.output 515s + return 2 515s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem partial_chain 515s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem partial_chain 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 515s + local verify_option=partial_chain 515s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local key_cn 515s + local key_name 515s + local tokens_dir 515s + local output_cert_file 515s + token_name= 515s ++ basename /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem .pem 515s + key_name=test-intermediate-CA-trusted-certificate-0001 515s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s ++ sed -n 's/ *commonName *= //p' 515s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 515s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 515s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 515s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 515s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 515s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 515s Test Organization Interme Token 515s + token_name='Test Organization Interme Token' 515s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 515s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 515s + echo 'Test Organization Interme Token' 515s + '[' -n partial_chain ']' 515s + local verify_arg=--verify=partial_chain 515s + local output_base_name=SSSD-child-30529 515s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-30529.output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-30529.pem 515s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 515s [p11_child[2352]] [main] (0x0400): p11_child started. 515s [p11_child[2352]] [main] (0x2000): Running in [pre-auth] mode. 515s [p11_child[2352]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2352]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2352]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 515s [p11_child[2352]] [do_card] (0x4000): Module List: 515s [p11_child[2352]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2352]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2352]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2352]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 515s [p11_child[2352]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2352]] [do_card] (0x4000): Login NOT required. 515s [p11_child[2352]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 515s [p11_child[2352]] [do_verification] (0x0040): X509_verify_cert failed [0]. 515s [p11_child[2352]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 515s [p11_child[2352]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 515s [p11_child[2352]] [do_card] (0x4000): No certificate found. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-30529.output 515s + return 2 515s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 515s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 515s + local verify_option= 515s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 515s + local key_cn 515s + local key_name 515s + local tokens_dir 515s + local output_cert_file 515s + token_name= 515s ++ basename /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem .pem 515s + key_name=test-intermediate-CA-trusted-certificate-0001 515s ++ sed -n 's/ *commonName *= //p' 515s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 515s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 515s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 515s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 515s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 515s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 515s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 515s + token_name='Test Organization Interme Token' 515s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 515s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 515s + echo 'Test Organization Interme Token' 515s Test Organization Interme Token 515s + '[' -n '' ']' 515s + local output_base_name=SSSD-child-17562 515s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-17562.output 515s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-17562.pem 515s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 515s [p11_child[2359]] [main] (0x0400): p11_child started. 515s [p11_child[2359]] [main] (0x2000): Running in [pre-auth] mode. 515s [p11_child[2359]] [main] (0x2000): Running with effective IDs: [0][0]. 515s [p11_child[2359]] [main] (0x2000): Running with real IDs [0][0]. 515s [p11_child[2359]] [do_card] (0x4000): Module List: 515s [p11_child[2359]] [do_card] (0x4000): common name: [softhsm2]. 515s [p11_child[2359]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2359]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 515s [p11_child[2359]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 515s [p11_child[2359]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 515s [p11_child[2359]] [do_card] (0x4000): Login NOT required. 515s [p11_child[2359]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 515s [p11_child[2359]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 515s [p11_child[2359]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 515s [p11_child[2359]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4c6b7f9a;slot-manufacturer=SoftHSM%20project;slot-id=1282113434;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6cf8acfbcc6b7f9a;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 515s [p11_child[2359]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 515s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-17562.output 515s + echo '-----BEGIN CERTIFICATE-----' 515s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-17562.output 515s + echo '-----END CERTIFICATE-----' 515s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-17562.pem 516s Certificate: 516s Data: 516s Version: 3 (0x2) 516s Serial Number: 4 (0x4) 516s Signature Algorithm: sha256WithRSAEncryption 516s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 516s Validity 516s Not Before: Jun 13 19:12:48 2024 GMT 516s Not After : Jun 13 19:12:48 2025 GMT 516s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 516s Subject Public Key Info: 516s Public Key Algorithm: rsaEncryption 516s Public-Key: (1024 bit) 516s Modulus: 516s 00:9a:9d:03:f4:90:d6:eb:24:f0:cd:f0:69:92:2b: 516s 73:3c:dd:2c:f7:92:5b:5d:52:7b:b9:06:cc:25:08: 516s a5:63:a5:c7:0b:b6:12:cb:f8:f4:c6:82:27:78:db: 516s 1a:8d:a0:69:30:2d:e6:3b:8f:47:36:df:15:df:05: 516s 87:f9:fc:68:7f:7c:75:30:3c:1c:8f:55:c9:17:37: 516s ce:cb:6a:b8:47:14:39:71:f8:16:f2:3c:c8:a4:6c: 516s 23:8d:14:0e:84:2b:24:5f:23:62:1a:e0:31:a2:a8: 516s dc:9b:8e:8a:af:1f:fb:c5:24:24:a1:90:83:81:f5: 516s 95:75:fb:71:f7:26:6b:36:15 516s Exponent: 65537 (0x10001) 516s X509v3 extensions: 516s X509v3 Authority Key Identifier: 516s 13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 516s X509v3 Basic Constraints: 516s CA:FALSE 516s Netscape Cert Type: 516s SSL Client, S/MIME 516s Netscape Comment: 516s Test Organization Intermediate CA trusted Certificate 516s X509v3 Subject Key Identifier: 516s 8C:31:F6:68:9E:29:0D:F2:1C:B4:40:41:8E:72:14:EF:E0:95:BB:67 516s X509v3 Key Usage: critical 516s Digital Signature, Non Repudiation, Key Encipherment 516s X509v3 Extended Key Usage: 516s TLS Web Client Authentication, E-mail Protection 516s X509v3 Subject Alternative Name: 516s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 516s Signature Algorithm: sha256WithRSAEncryption 516s Signature Value: 516s 32:23:b6:b8:b5:38:2b:19:a9:ca:aa:e8:d5:c5:9c:04:c6:db: 516s 30:0c:6f:d3:6d:c9:58:3f:78:d6:2e:39:e7:69:db:73:e1:f2: 516s 0c:5b:de:4f:9c:f9:0b:bc:93:67:77:ac:c6:96:b0:3d:74:4f: 516s e4:39:c0:c1:b9:fc:82:33:4b:4a:03:22:19:a1:f7:47:e0:49: 516s eb:f5:d1:21:c3:b0:d6:b2:07:d1:1d:f6:29:50:09:a0:60:ce: 516s c6:50:d3:4e:ab:f9:73:aa:c0:e0:8d:30:87:5a:c9:08:99:ee: 516s 1b:f2:4d:c9:5e:0c:f9:1a:87:d7:53:a9:c2:90:fe:44:27:09: 516s 8c:38 516s + local found_md5 expected_md5 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s + expected_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-17562.pem 516s + found_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 516s + '[' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 '!=' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 ']' 516s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-17562-auth.output 516s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-17562-auth.output .output 516s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-17562-auth.pem 516s + echo -n 053350 516s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 516s [p11_child[2367]] [main] (0x0400): p11_child started. 516s [p11_child[2367]] [main] (0x2000): Running in [auth] mode. 516s [p11_child[2367]] [main] (0x2000): Running with effective IDs: [0][0]. 516s [p11_child[2367]] [main] (0x2000): Running with real IDs [0][0]. 516s [p11_child[2367]] [do_card] (0x4000): Module List: 516s [p11_child[2367]] [do_card] (0x4000): common name: [softhsm2]. 516s [p11_child[2367]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2367]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 516s [p11_child[2367]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 516s [p11_child[2367]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2367]] [do_card] (0x4000): Login required. 516s [p11_child[2367]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 516s [p11_child[2367]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 516s [p11_child[2367]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 516s [p11_child[2367]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4c6b7f9a;slot-manufacturer=SoftHSM%20project;slot-id=1282113434;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6cf8acfbcc6b7f9a;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 516s [p11_child[2367]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 516s [p11_child[2367]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 516s [p11_child[2367]] [do_card] (0x4000): Certificate verified and validated. 516s [p11_child[2367]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 516s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-17562-auth.output 516s + echo '-----BEGIN CERTIFICATE-----' 516s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-17562-auth.output 516s + echo '-----END CERTIFICATE-----' 516s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-17562-auth.pem 516s Certificate: 516s Data: 516s Version: 3 (0x2) 516s Serial Number: 4 (0x4) 516s Signature Algorithm: sha256WithRSAEncryption 516s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 516s Validity 516s Not Before: Jun 13 19:12:48 2024 GMT 516s Not After : Jun 13 19:12:48 2025 GMT 516s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 516s Subject Public Key Info: 516s Public Key Algorithm: rsaEncryption 516s Public-Key: (1024 bit) 516s Modulus: 516s 00:9a:9d:03:f4:90:d6:eb:24:f0:cd:f0:69:92:2b: 516s 73:3c:dd:2c:f7:92:5b:5d:52:7b:b9:06:cc:25:08: 516s a5:63:a5:c7:0b:b6:12:cb:f8:f4:c6:82:27:78:db: 516s 1a:8d:a0:69:30:2d:e6:3b:8f:47:36:df:15:df:05: 516s 87:f9:fc:68:7f:7c:75:30:3c:1c:8f:55:c9:17:37: 516s ce:cb:6a:b8:47:14:39:71:f8:16:f2:3c:c8:a4:6c: 516s 23:8d:14:0e:84:2b:24:5f:23:62:1a:e0:31:a2:a8: 516s dc:9b:8e:8a:af:1f:fb:c5:24:24:a1:90:83:81:f5: 516s 95:75:fb:71:f7:26:6b:36:15 516s Exponent: 65537 (0x10001) 516s X509v3 extensions: 516s X509v3 Authority Key Identifier: 516s 13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 516s X509v3 Basic Constraints: 516s CA:FALSE 516s Netscape Cert Type: 516s SSL Client, S/MIME 516s Netscape Comment: 516s Test Organization Intermediate CA trusted Certificate 516s X509v3 Subject Key Identifier: 516s 8C:31:F6:68:9E:29:0D:F2:1C:B4:40:41:8E:72:14:EF:E0:95:BB:67 516s X509v3 Key Usage: critical 516s Digital Signature, Non Repudiation, Key Encipherment 516s X509v3 Extended Key Usage: 516s TLS Web Client Authentication, E-mail Protection 516s X509v3 Subject Alternative Name: 516s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 516s Signature Algorithm: sha256WithRSAEncryption 516s Signature Value: 516s 32:23:b6:b8:b5:38:2b:19:a9:ca:aa:e8:d5:c5:9c:04:c6:db: 516s 30:0c:6f:d3:6d:c9:58:3f:78:d6:2e:39:e7:69:db:73:e1:f2: 516s 0c:5b:de:4f:9c:f9:0b:bc:93:67:77:ac:c6:96:b0:3d:74:4f: 516s e4:39:c0:c1:b9:fc:82:33:4b:4a:03:22:19:a1:f7:47:e0:49: 516s eb:f5:d1:21:c3:b0:d6:b2:07:d1:1d:f6:29:50:09:a0:60:ce: 516s c6:50:d3:4e:ab:f9:73:aa:c0:e0:8d:30:87:5a:c9:08:99:ee: 516s 1b:f2:4d:c9:5e:0c:f9:1a:87:d7:53:a9:c2:90:fe:44:27:09: 516s 8c:38 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-17562-auth.pem 516s + found_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 516s + '[' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 '!=' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 ']' 516s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem partial_chain 516s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem partial_chain 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 516s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 516s + local verify_option=partial_chain 516s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 516s + local key_cn 516s + local key_name 516s + local tokens_dir 516s + local output_cert_file 516s + token_name= 516s ++ basename /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem .pem 516s + key_name=test-intermediate-CA-trusted-certificate-0001 516s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s ++ sed -n 's/ *commonName *= //p' 516s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 516s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 516s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 516s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 516s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 516s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 516s + token_name='Test Organization Interme Token' 516s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 516s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 516s + echo 'Test Organization Interme Token' 516s + '[' -n partial_chain ']' 516s + local verify_arg=--verify=partial_chain 516s + local output_base_name=SSSD-child-18687 516s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-18687.output 516s Test Organization Interme Token 516s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-18687.pem 516s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 516s [p11_child[2377]] [main] (0x0400): p11_child started. 516s [p11_child[2377]] [main] (0x2000): Running in [pre-auth] mode. 516s [p11_child[2377]] [main] (0x2000): Running with effective IDs: [0][0]. 516s [p11_child[2377]] [main] (0x2000): Running with real IDs [0][0]. 516s [p11_child[2377]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 516s [p11_child[2377]] [do_card] (0x4000): Module List: 516s [p11_child[2377]] [do_card] (0x4000): common name: [softhsm2]. 516s [p11_child[2377]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2377]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 516s [p11_child[2377]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 516s [p11_child[2377]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2377]] [do_card] (0x4000): Login NOT required. 516s [p11_child[2377]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 516s [p11_child[2377]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 516s [p11_child[2377]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 516s [p11_child[2377]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4c6b7f9a;slot-manufacturer=SoftHSM%20project;slot-id=1282113434;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6cf8acfbcc6b7f9a;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 516s [p11_child[2377]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 516s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-18687.output 516s + echo '-----BEGIN CERTIFICATE-----' 516s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-18687.output 516s + echo '-----END CERTIFICATE-----' 516s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-18687.pem 516s Certificate: 516s Data: 516s Version: 3 (0x2) 516s Serial Number: 4 (0x4) 516s Signature Algorithm: sha256WithRSAEncryption 516s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 516s Validity 516s Not Before: Jun 13 19:12:48 2024 GMT 516s Not After : Jun 13 19:12:48 2025 GMT 516s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 516s Subject Public Key Info: 516s Public Key Algorithm: rsaEncryption 516s Public-Key: (1024 bit) 516s Modulus: 516s 00:9a:9d:03:f4:90:d6:eb:24:f0:cd:f0:69:92:2b: 516s 73:3c:dd:2c:f7:92:5b:5d:52:7b:b9:06:cc:25:08: 516s a5:63:a5:c7:0b:b6:12:cb:f8:f4:c6:82:27:78:db: 516s 1a:8d:a0:69:30:2d:e6:3b:8f:47:36:df:15:df:05: 516s 87:f9:fc:68:7f:7c:75:30:3c:1c:8f:55:c9:17:37: 516s ce:cb:6a:b8:47:14:39:71:f8:16:f2:3c:c8:a4:6c: 516s 23:8d:14:0e:84:2b:24:5f:23:62:1a:e0:31:a2:a8: 516s dc:9b:8e:8a:af:1f:fb:c5:24:24:a1:90:83:81:f5: 516s 95:75:fb:71:f7:26:6b:36:15 516s Exponent: 65537 (0x10001) 516s X509v3 extensions: 516s X509v3 Authority Key Identifier: 516s 13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 516s X509v3 Basic Constraints: 516s CA:FALSE 516s Netscape Cert Type: 516s SSL Client, S/MIME 516s Netscape Comment: 516s Test Organization Intermediate CA trusted Certificate 516s X509v3 Subject Key Identifier: 516s 8C:31:F6:68:9E:29:0D:F2:1C:B4:40:41:8E:72:14:EF:E0:95:BB:67 516s X509v3 Key Usage: critical 516s Digital Signature, Non Repudiation, Key Encipherment 516s X509v3 Extended Key Usage: 516s TLS Web Client Authentication, E-mail Protection 516s X509v3 Subject Alternative Name: 516s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 516s Signature Algorithm: sha256WithRSAEncryption 516s Signature Value: 516s 32:23:b6:b8:b5:38:2b:19:a9:ca:aa:e8:d5:c5:9c:04:c6:db: 516s 30:0c:6f:d3:6d:c9:58:3f:78:d6:2e:39:e7:69:db:73:e1:f2: 516s 0c:5b:de:4f:9c:f9:0b:bc:93:67:77:ac:c6:96:b0:3d:74:4f: 516s e4:39:c0:c1:b9:fc:82:33:4b:4a:03:22:19:a1:f7:47:e0:49: 516s eb:f5:d1:21:c3:b0:d6:b2:07:d1:1d:f6:29:50:09:a0:60:ce: 516s c6:50:d3:4e:ab:f9:73:aa:c0:e0:8d:30:87:5a:c9:08:99:ee: 516s 1b:f2:4d:c9:5e:0c:f9:1a:87:d7:53:a9:c2:90:fe:44:27:09: 516s 8c:38 516s + local found_md5 expected_md5 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s + expected_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-18687.pem 516s + found_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 516s + '[' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 '!=' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 ']' 516s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-18687-auth.output 516s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-18687-auth.output .output 516s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-18687-auth.pem 516s + echo -n 053350 516s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 516s [p11_child[2385]] [main] (0x0400): p11_child started. 516s [p11_child[2385]] [main] (0x2000): Running in [auth] mode. 516s [p11_child[2385]] [main] (0x2000): Running with effective IDs: [0][0]. 516s [p11_child[2385]] [main] (0x2000): Running with real IDs [0][0]. 516s [p11_child[2385]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 516s [p11_child[2385]] [do_card] (0x4000): Module List: 516s [p11_child[2385]] [do_card] (0x4000): common name: [softhsm2]. 516s [p11_child[2385]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2385]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 516s [p11_child[2385]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 516s [p11_child[2385]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2385]] [do_card] (0x4000): Login required. 516s [p11_child[2385]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 516s [p11_child[2385]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 516s [p11_child[2385]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 516s [p11_child[2385]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4c6b7f9a;slot-manufacturer=SoftHSM%20project;slot-id=1282113434;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6cf8acfbcc6b7f9a;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 516s [p11_child[2385]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 516s [p11_child[2385]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 516s [p11_child[2385]] [do_card] (0x4000): Certificate verified and validated. 516s [p11_child[2385]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 516s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-18687-auth.output 516s + echo '-----BEGIN CERTIFICATE-----' 516s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-18687-auth.output 516s + echo '-----END CERTIFICATE-----' 516s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-18687-auth.pem 516s Certificate: 516s Data: 516s Version: 3 (0x2) 516s Serial Number: 4 (0x4) 516s Signature Algorithm: sha256WithRSAEncryption 516s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 516s Validity 516s Not Before: Jun 13 19:12:48 2024 GMT 516s Not After : Jun 13 19:12:48 2025 GMT 516s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 516s Subject Public Key Info: 516s Public Key Algorithm: rsaEncryption 516s Public-Key: (1024 bit) 516s Modulus: 516s 00:9a:9d:03:f4:90:d6:eb:24:f0:cd:f0:69:92:2b: 516s 73:3c:dd:2c:f7:92:5b:5d:52:7b:b9:06:cc:25:08: 516s a5:63:a5:c7:0b:b6:12:cb:f8:f4:c6:82:27:78:db: 516s 1a:8d:a0:69:30:2d:e6:3b:8f:47:36:df:15:df:05: 516s 87:f9:fc:68:7f:7c:75:30:3c:1c:8f:55:c9:17:37: 516s ce:cb:6a:b8:47:14:39:71:f8:16:f2:3c:c8:a4:6c: 516s 23:8d:14:0e:84:2b:24:5f:23:62:1a:e0:31:a2:a8: 516s dc:9b:8e:8a:af:1f:fb:c5:24:24:a1:90:83:81:f5: 516s 95:75:fb:71:f7:26:6b:36:15 516s Exponent: 65537 (0x10001) 516s X509v3 extensions: 516s X509v3 Authority Key Identifier: 516s 13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 516s X509v3 Basic Constraints: 516s CA:FALSE 516s Netscape Cert Type: 516s SSL Client, S/MIME 516s Netscape Comment: 516s Test Organization Intermediate CA trusted Certificate 516s X509v3 Subject Key Identifier: 516s 8C:31:F6:68:9E:29:0D:F2:1C:B4:40:41:8E:72:14:EF:E0:95:BB:67 516s X509v3 Key Usage: critical 516s Digital Signature, Non Repudiation, Key Encipherment 516s X509v3 Extended Key Usage: 516s TLS Web Client Authentication, E-mail Protection 516s X509v3 Subject Alternative Name: 516s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 516s Signature Algorithm: sha256WithRSAEncryption 516s Signature Value: 516s 32:23:b6:b8:b5:38:2b:19:a9:ca:aa:e8:d5:c5:9c:04:c6:db: 516s 30:0c:6f:d3:6d:c9:58:3f:78:d6:2e:39:e7:69:db:73:e1:f2: 516s 0c:5b:de:4f:9c:f9:0b:bc:93:67:77:ac:c6:96:b0:3d:74:4f: 516s e4:39:c0:c1:b9:fc:82:33:4b:4a:03:22:19:a1:f7:47:e0:49: 516s eb:f5:d1:21:c3:b0:d6:b2:07:d1:1d:f6:29:50:09:a0:60:ce: 516s c6:50:d3:4e:ab:f9:73:aa:c0:e0:8d:30:87:5a:c9:08:99:ee: 516s 1b:f2:4d:c9:5e:0c:f9:1a:87:d7:53:a9:c2:90:fe:44:27:09: 516s 8c:38 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-18687-auth.pem 516s + found_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 516s + '[' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 '!=' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 ']' 516s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 516s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 516s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 516s + local verify_option= 516s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 516s + local key_cn 516s + local key_name 516s + local tokens_dir 516s + local output_cert_file 516s + token_name= 516s ++ basename /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem .pem 516s + key_name=test-intermediate-CA-trusted-certificate-0001 516s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s ++ sed -n 's/ *commonName *= //p' 516s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 516s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 516s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 516s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 516s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 516s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 516s + token_name='Test Organization Interme Token' 516s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 516s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 516s + echo 'Test Organization Interme Token' 516s + '[' -n '' ']' 516s + local output_base_name=SSSD-child-4859 516s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-4859.output 516s Test Organization Interme Token 516s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-4859.pem 516s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 516s [p11_child[2395]] [main] (0x0400): p11_child started. 516s [p11_child[2395]] [main] (0x2000): Running in [pre-auth] mode. 516s [p11_child[2395]] [main] (0x2000): Running with effective IDs: [0][0]. 516s [p11_child[2395]] [main] (0x2000): Running with real IDs [0][0]. 516s [p11_child[2395]] [do_card] (0x4000): Module List: 516s [p11_child[2395]] [do_card] (0x4000): common name: [softhsm2]. 516s [p11_child[2395]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2395]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 516s [p11_child[2395]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 516s [p11_child[2395]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2395]] [do_card] (0x4000): Login NOT required. 516s [p11_child[2395]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 516s [p11_child[2395]] [do_verification] (0x0040): X509_verify_cert failed [0]. 516s [p11_child[2395]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 516s [p11_child[2395]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 516s [p11_child[2395]] [do_card] (0x4000): No certificate found. 516s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-4859.output 516s + return 2 516s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem partial_chain 516s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem partial_chain 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 516s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 516s + local verify_option=partial_chain 516s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-32766 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-32766 516s + local key_cn 516s + local key_name 516s + local tokens_dir 516s + local output_cert_file 516s + token_name= 516s ++ basename /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem .pem 516s + key_name=test-intermediate-CA-trusted-certificate-0001 516s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s ++ sed -n 's/ *commonName *= //p' 516s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 516s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 516s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 516s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 516s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 516s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 516s Test Organization Interme Token 516s + token_name='Test Organization Interme Token' 516s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 516s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 516s + echo 'Test Organization Interme Token' 516s + '[' -n partial_chain ']' 516s + local verify_arg=--verify=partial_chain 516s + local output_base_name=SSSD-child-10438 516s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-10438.output 516s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-10438.pem 516s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem 516s [p11_child[2402]] [main] (0x0400): p11_child started. 516s [p11_child[2402]] [main] (0x2000): Running in [pre-auth] mode. 516s [p11_child[2402]] [main] (0x2000): Running with effective IDs: [0][0]. 516s [p11_child[2402]] [main] (0x2000): Running with real IDs [0][0]. 516s [p11_child[2402]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 516s [p11_child[2402]] [do_card] (0x4000): Module List: 516s [p11_child[2402]] [do_card] (0x4000): common name: [softhsm2]. 516s [p11_child[2402]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2402]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 516s [p11_child[2402]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 516s [p11_child[2402]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2402]] [do_card] (0x4000): Login NOT required. 516s [p11_child[2402]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 516s [p11_child[2402]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 516s [p11_child[2402]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 516s [p11_child[2402]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4c6b7f9a;slot-manufacturer=SoftHSM%20project;slot-id=1282113434;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6cf8acfbcc6b7f9a;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 516s [p11_child[2402]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 516s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-10438.output 516s + echo '-----BEGIN CERTIFICATE-----' 516s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-10438.output 516s + echo '-----END CERTIFICATE-----' 516s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-10438.pem 516s Certificate: 516s Data: 516s Version: 3 (0x2) 516s Serial Number: 4 (0x4) 516s Signature Algorithm: sha256WithRSAEncryption 516s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 516s Validity 516s Not Before: Jun 13 19:12:48 2024 GMT 516s Not After : Jun 13 19:12:48 2025 GMT 516s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 516s Subject Public Key Info: 516s Public Key Algorithm: rsaEncryption 516s Public-Key: (1024 bit) 516s Modulus: 516s 00:9a:9d:03:f4:90:d6:eb:24:f0:cd:f0:69:92:2b: 516s 73:3c:dd:2c:f7:92:5b:5d:52:7b:b9:06:cc:25:08: 516s a5:63:a5:c7:0b:b6:12:cb:f8:f4:c6:82:27:78:db: 516s 1a:8d:a0:69:30:2d:e6:3b:8f:47:36:df:15:df:05: 516s 87:f9:fc:68:7f:7c:75:30:3c:1c:8f:55:c9:17:37: 516s ce:cb:6a:b8:47:14:39:71:f8:16:f2:3c:c8:a4:6c: 516s 23:8d:14:0e:84:2b:24:5f:23:62:1a:e0:31:a2:a8: 516s dc:9b:8e:8a:af:1f:fb:c5:24:24:a1:90:83:81:f5: 516s 95:75:fb:71:f7:26:6b:36:15 516s Exponent: 65537 (0x10001) 516s X509v3 extensions: 516s X509v3 Authority Key Identifier: 516s 13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 516s X509v3 Basic Constraints: 516s CA:FALSE 516s Netscape Cert Type: 516s SSL Client, S/MIME 516s Netscape Comment: 516s Test Organization Intermediate CA trusted Certificate 516s X509v3 Subject Key Identifier: 516s 8C:31:F6:68:9E:29:0D:F2:1C:B4:40:41:8E:72:14:EF:E0:95:BB:67 516s X509v3 Key Usage: critical 516s Digital Signature, Non Repudiation, Key Encipherment 516s X509v3 Extended Key Usage: 516s TLS Web Client Authentication, E-mail Protection 516s X509v3 Subject Alternative Name: 516s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 516s Signature Algorithm: sha256WithRSAEncryption 516s Signature Value: 516s 32:23:b6:b8:b5:38:2b:19:a9:ca:aa:e8:d5:c5:9c:04:c6:db: 516s 30:0c:6f:d3:6d:c9:58:3f:78:d6:2e:39:e7:69:db:73:e1:f2: 516s 0c:5b:de:4f:9c:f9:0b:bc:93:67:77:ac:c6:96:b0:3d:74:4f: 516s e4:39:c0:c1:b9:fc:82:33:4b:4a:03:22:19:a1:f7:47:e0:49: 516s eb:f5:d1:21:c3:b0:d6:b2:07:d1:1d:f6:29:50:09:a0:60:ce: 516s c6:50:d3:4e:ab:f9:73:aa:c0:e0:8d:30:87:5a:c9:08:99:ee: 516s 1b:f2:4d:c9:5e:0c:f9:1a:87:d7:53:a9:c2:90:fe:44:27:09: 516s 8c:38 516s + local found_md5 expected_md5 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-intermediate-CA-trusted-certificate-0001.pem 516s + expected_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-10438.pem 516s + found_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 516s + '[' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 '!=' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 ']' 516s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-10438-auth.output 516s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-10438-auth.output .output 516s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-10438-auth.pem 516s + echo -n 053350 516s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 516s [p11_child[2410]] [main] (0x0400): p11_child started. 516s [p11_child[2410]] [main] (0x2000): Running in [auth] mode. 516s [p11_child[2410]] [main] (0x2000): Running with effective IDs: [0][0]. 516s [p11_child[2410]] [main] (0x2000): Running with real IDs [0][0]. 516s [p11_child[2410]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 516s [p11_child[2410]] [do_card] (0x4000): Module List: 516s [p11_child[2410]] [do_card] (0x4000): common name: [softhsm2]. 516s [p11_child[2410]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2410]] [do_card] (0x4000): Description [SoftHSM slot ID 0x4c6b7f9a] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 516s [p11_child[2410]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 516s [p11_child[2410]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x4c6b7f9a][1282113434] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2410]] [do_card] (0x4000): Login required. 516s [p11_child[2410]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 516s [p11_child[2410]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 516s [p11_child[2410]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 516s [p11_child[2410]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x4c6b7f9a;slot-manufacturer=SoftHSM%20project;slot-id=1282113434;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6cf8acfbcc6b7f9a;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 516s [p11_child[2410]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 516s [p11_child[2410]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 516s [p11_child[2410]] [do_card] (0x4000): Certificate verified and validated. 516s [p11_child[2410]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 516s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-10438-auth.output 516s + echo '-----BEGIN CERTIFICATE-----' 516s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-10438-auth.output 516s + echo '-----END CERTIFICATE-----' 516s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-10438-auth.pem 516s Certificate: 516s Data: 516s Version: 3 (0x2) 516s Serial Number: 4 (0x4) 516s Signature Algorithm: sha256WithRSAEncryption 516s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 516s Validity 516s Not Before: Jun 13 19:12:48 2024 GMT 516s Not After : Jun 13 19:12:48 2025 GMT 516s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 516s Subject Public Key Info: 516s Public Key Algorithm: rsaEncryption 516s Public-Key: (1024 bit) 516s Modulus: 516s 00:9a:9d:03:f4:90:d6:eb:24:f0:cd:f0:69:92:2b: 516s 73:3c:dd:2c:f7:92:5b:5d:52:7b:b9:06:cc:25:08: 516s a5:63:a5:c7:0b:b6:12:cb:f8:f4:c6:82:27:78:db: 516s 1a:8d:a0:69:30:2d:e6:3b:8f:47:36:df:15:df:05: 516s 87:f9:fc:68:7f:7c:75:30:3c:1c:8f:55:c9:17:37: 516s ce:cb:6a:b8:47:14:39:71:f8:16:f2:3c:c8:a4:6c: 516s 23:8d:14:0e:84:2b:24:5f:23:62:1a:e0:31:a2:a8: 516s dc:9b:8e:8a:af:1f:fb:c5:24:24:a1:90:83:81:f5: 516s 95:75:fb:71:f7:26:6b:36:15 516s Exponent: 65537 (0x10001) 516s X509v3 extensions: 516s X509v3 Authority Key Identifier: 516s 13:B8:24:86:77:94:95:63:0A:18:EC:4C:54:B6:38:4C:7A:FF:BD:04 516s X509v3 Basic Constraints: 516s CA:FALSE 516s Netscape Cert Type: 516s SSL Client, S/MIME 516s Netscape Comment: 516s Test Organization Intermediate CA trusted Certificate 516s X509v3 Subject Key Identifier: 516s 8C:31:F6:68:9E:29:0D:F2:1C:B4:40:41:8E:72:14:EF:E0:95:BB:67 516s X509v3 Key Usage: critical 516s Digital Signature, Non Repudiation, Key Encipherment 516s X509v3 Extended Key Usage: 516s TLS Web Client Authentication, E-mail Protection 516s X509v3 Subject Alternative Name: 516s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 516s Signature Algorithm: sha256WithRSAEncryption 516s Signature Value: 516s 32:23:b6:b8:b5:38:2b:19:a9:ca:aa:e8:d5:c5:9c:04:c6:db: 516s 30:0c:6f:d3:6d:c9:58:3f:78:d6:2e:39:e7:69:db:73:e1:f2: 516s 0c:5b:de:4f:9c:f9:0b:bc:93:67:77:ac:c6:96:b0:3d:74:4f: 516s e4:39:c0:c1:b9:fc:82:33:4b:4a:03:22:19:a1:f7:47:e0:49: 516s eb:f5:d1:21:c3:b0:d6:b2:07:d1:1d:f6:29:50:09:a0:60:ce: 516s c6:50:d3:4e:ab:f9:73:aa:c0:e0:8d:30:87:5a:c9:08:99:ee: 516s 1b:f2:4d:c9:5e:0c:f9:1a:87:d7:53:a9:c2:90:fe:44:27:09: 516s 8c:38 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-10438-auth.pem 516s + found_md5=Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 516s + '[' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 '!=' Modulus=9A9D03F490D6EB24F0CDF069922B733CDD2CF7925B5D527BB906CC2508A563A5C70BB612CBF8F4C6822778DB1A8DA069302DE63B8F4736DF15DF0587F9FC687F7C75303C1C8F55C91737CECB6AB847143971F816F23CC8A46C238D140E842B245F23621AE031A2A8DC9B8E8AAF1FFBC52424A1908381F59575FB71F7266B3615 ']' 516s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 516s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 516s + local verify_option= 516s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local key_cn 516s + local key_name 516s + local tokens_dir 516s + local output_cert_file 516s + token_name= 516s ++ basename /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 516s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 516s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s ++ sed -n 's/ *commonName *= //p' 516s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 516s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 516s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 516s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 516s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 516s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 516s + token_name='Test Organization Sub Int Token' 516s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 516s + local key_file 516s + local decrypted_key 516s + mkdir -p /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 516s + key_file=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 516s + decrypted_key=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 516s + cat 516s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 516s Slot 0 has a free/uninitialized token. 516s The token has been initialized and is reassigned to slot 2075507516 516s + softhsm2-util --show-slots 516s Available slots: 516s Slot 2075507516 516s Slot info: 516s Description: SoftHSM slot ID 0x7bb5bb3c 516s Manufacturer ID: SoftHSM project 516s Hardware version: 2.6 516s Firmware version: 2.6 516s Token present: yes 516s Token info: 516s Manufacturer ID: SoftHSM project 516s Model: SoftHSM v2 516s Hardware version: 2.6 516s Firmware version: 2.6 516s Serial number: b893d2417bb5bb3c 516s Initialized: yes 516s User PIN init.: yes 516s Label: Test Organization Sub Int Token 516s Slot 1 516s Slot info: 516s Description: SoftHSM slot ID 0x1 516s Manufacturer ID: SoftHSM project 516s Hardware version: 2.6 516s Firmware version: 2.6 516s Token present: yes 516s Token info: 516s Manufacturer ID: SoftHSM project 516s Model: SoftHSM v2 516s Hardware version: 2.6 516s Firmware version: 2.6 516s Serial number: 516s Initialized: no 516s User PIN init.: no 516s Label: 516s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 516s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-18388 -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 516s writing RSA key 516s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 516s + rm /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 516s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 516s Object 0: 516s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=b893d2417bb5bb3c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 516s Type: X.509 Certificate (RSA-1024) 516s Expires: Fri Jun 13 19:12:49 2025 516s Label: Test Organization Sub Intermediate Trusted Certificate 0001 516s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 516s 516s Test Organization Sub Int Token 516s + echo 'Test Organization Sub Int Token' 516s + '[' -n '' ']' 516s + local output_base_name=SSSD-child-27414 516s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-27414.output 516s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-27414.pem 516s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 516s [p11_child[2429]] [main] (0x0400): p11_child started. 516s [p11_child[2429]] [main] (0x2000): Running in [pre-auth] mode. 516s [p11_child[2429]] [main] (0x2000): Running with effective IDs: [0][0]. 516s [p11_child[2429]] [main] (0x2000): Running with real IDs [0][0]. 516s [p11_child[2429]] [do_card] (0x4000): Module List: 516s [p11_child[2429]] [do_card] (0x4000): common name: [softhsm2]. 516s [p11_child[2429]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2429]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 516s [p11_child[2429]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 516s [p11_child[2429]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2429]] [do_card] (0x4000): Login NOT required. 516s [p11_child[2429]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 516s [p11_child[2429]] [do_verification] (0x0040): X509_verify_cert failed [0]. 516s [p11_child[2429]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 516s [p11_child[2429]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 516s [p11_child[2429]] [do_card] (0x4000): No certificate found. 516s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-27414.output 516s + return 2 516s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem partial_chain 516s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-root-CA.pem partial_chain 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 516s + local verify_option=partial_chain 516s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local key_cn 516s + local key_name 516s + local tokens_dir 516s + local output_cert_file 516s + token_name= 516s ++ basename /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 516s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 516s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s ++ sed -n 's/ *commonName *= //p' 516s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 516s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 516s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 516s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 516s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 516s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 516s + token_name='Test Organization Sub Int Token' 516s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 516s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 516s + echo 'Test Organization Sub Int Token' 516s + '[' -n partial_chain ']' 516s + local verify_arg=--verify=partial_chain 516s + local output_base_name=SSSD-child-665 516s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-665.output 516s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-665.pem 516s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-root-CA.pem 516s Test Organization Sub Int Token 516s [p11_child[2436]] [main] (0x0400): p11_child started. 516s [p11_child[2436]] [main] (0x2000): Running in [pre-auth] mode. 516s [p11_child[2436]] [main] (0x2000): Running with effective IDs: [0][0]. 516s [p11_child[2436]] [main] (0x2000): Running with real IDs [0][0]. 516s [p11_child[2436]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 516s [p11_child[2436]] [do_card] (0x4000): Module List: 516s [p11_child[2436]] [do_card] (0x4000): common name: [softhsm2]. 516s [p11_child[2436]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2436]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 516s [p11_child[2436]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 516s [p11_child[2436]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2436]] [do_card] (0x4000): Login NOT required. 516s [p11_child[2436]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 516s [p11_child[2436]] [do_verification] (0x0040): X509_verify_cert failed [0]. 516s [p11_child[2436]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 516s [p11_child[2436]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 516s [p11_child[2436]] [do_card] (0x4000): No certificate found. 516s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-665.output 516s + return 2 516s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 516s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 516s + local verify_option= 516s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local key_cn 516s + local key_name 516s + local tokens_dir 516s + local output_cert_file 516s + token_name= 516s ++ basename /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 516s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 516s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s ++ sed -n 's/ *commonName *= //p' 516s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 516s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 516s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 516s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 516s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 516s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 516s + token_name='Test Organization Sub Int Token' 516s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 516s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 516s + echo 'Test Organization Sub Int Token' 516s + '[' -n '' ']' 516s + local output_base_name=SSSD-child-5316 516s Test Organization Sub Int Token 516s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-5316.output 516s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-5316.pem 516s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 516s [p11_child[2443]] [main] (0x0400): p11_child started. 516s [p11_child[2443]] [main] (0x2000): Running in [pre-auth] mode. 516s [p11_child[2443]] [main] (0x2000): Running with effective IDs: [0][0]. 516s [p11_child[2443]] [main] (0x2000): Running with real IDs [0][0]. 516s [p11_child[2443]] [do_card] (0x4000): Module List: 516s [p11_child[2443]] [do_card] (0x4000): common name: [softhsm2]. 516s [p11_child[2443]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2443]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 516s [p11_child[2443]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 516s [p11_child[2443]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2443]] [do_card] (0x4000): Login NOT required. 516s [p11_child[2443]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 516s [p11_child[2443]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 516s [p11_child[2443]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 516s [p11_child[2443]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7bb5bb3c;slot-manufacturer=SoftHSM%20project;slot-id=2075507516;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=b893d2417bb5bb3c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 516s [p11_child[2443]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 516s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-5316.output 516s + echo '-----BEGIN CERTIFICATE-----' 516s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-5316.output 516s + echo '-----END CERTIFICATE-----' 516s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-5316.pem 516s Certificate: 516s Data: 516s Version: 3 (0x2) 516s Serial Number: 5 (0x5) 516s Signature Algorithm: sha256WithRSAEncryption 516s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 516s Validity 516s Not Before: Jun 13 19:12:49 2024 GMT 516s Not After : Jun 13 19:12:49 2025 GMT 516s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 516s Subject Public Key Info: 516s Public Key Algorithm: rsaEncryption 516s Public-Key: (1024 bit) 516s Modulus: 516s 00:c7:5a:85:05:6f:c3:00:8a:2f:76:8a:ab:fd:78: 516s 85:82:1a:ad:77:c3:2f:69:08:51:51:d1:bc:0a:0b: 516s a2:0a:b4:b2:cf:0a:95:54:f1:ab:c1:2c:fe:d2:af: 516s 80:31:d9:67:0e:fd:00:ff:c1:28:fb:54:1f:19:46: 516s ab:36:97:f6:51:3c:16:0a:d7:a0:a0:96:1a:17:62: 516s 0c:65:a3:c7:ba:82:91:d1:88:5d:05:0f:59:7e:69: 516s 61:ba:19:95:f7:c5:47:e5:6c:d5:43:e6:65:0a:50: 516s 1c:3e:7f:95:43:7f:57:2d:b2:e4:e7:d3:6f:0f:51: 516s 02:08:42:9c:ce:6e:c8:10:1b 516s Exponent: 65537 (0x10001) 516s X509v3 extensions: 516s X509v3 Authority Key Identifier: 516s 4E:DE:2F:32:06:06:4F:4F:21:D1:7C:F3:D0:5D:B5:04:D3:78:DD:4E 516s X509v3 Basic Constraints: 516s CA:FALSE 516s Netscape Cert Type: 516s SSL Client, S/MIME 516s Netscape Comment: 516s Test Organization Sub Intermediate CA trusted Certificate 516s X509v3 Subject Key Identifier: 516s AD:81:7E:65:58:F4:F2:3B:5A:F8:77:E0:85:CA:0F:A6:C0:36:BD:43 516s X509v3 Key Usage: critical 516s Digital Signature, Non Repudiation, Key Encipherment 516s X509v3 Extended Key Usage: 516s TLS Web Client Authentication, E-mail Protection 516s X509v3 Subject Alternative Name: 516s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 516s Signature Algorithm: sha256WithRSAEncryption 516s Signature Value: 516s 62:ce:83:14:47:63:eb:11:e8:38:68:d5:89:dc:ab:8c:86:34: 516s 5a:98:cf:c5:25:c5:f6:ec:5d:db:55:c0:e9:33:84:9f:c4:60: 516s 36:cc:72:f6:a2:4f:67:22:22:c6:14:8d:5f:0d:a3:f9:26:aa: 516s 43:3d:26:92:51:20:6c:4f:eb:a6:dc:f9:ab:bc:09:b4:b6:84: 516s 1b:06:2d:a0:31:a9:05:ee:28:c6:72:36:74:aa:f5:b0:07:67: 516s 90:44:5d:17:e1:57:85:d5:49:79:b7:71:0b:1e:15:b0:5c:07: 516s ac:61:79:a5:5a:ae:aa:fa:fa:db:97:60:37:fb:ae:62:c4:f2: 516s 30:33 516s + local found_md5 expected_md5 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s + expected_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-5316.pem 516s + found_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 516s + '[' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B '!=' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B ']' 516s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-5316-auth.output 516s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-5316-auth.output .output 516s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-5316-auth.pem 516s + echo -n 053350 516s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 516s [p11_child[2454]] [main] (0x0400): p11_child started. 516s [p11_child[2454]] [main] (0x2000): Running in [auth] mode. 516s [p11_child[2454]] [main] (0x2000): Running with effective IDs: [0][0]. 516s [p11_child[2454]] [main] (0x2000): Running with real IDs [0][0]. 516s [p11_child[2454]] [do_card] (0x4000): Module List: 516s [p11_child[2454]] [do_card] (0x4000): common name: [softhsm2]. 516s [p11_child[2454]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2454]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 516s [p11_child[2454]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 516s [p11_child[2454]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 516s [p11_child[2454]] [do_card] (0x4000): Login required. 516s [p11_child[2454]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 516s [p11_child[2454]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 516s [p11_child[2454]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 516s [p11_child[2454]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7bb5bb3c;slot-manufacturer=SoftHSM%20project;slot-id=2075507516;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=b893d2417bb5bb3c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 516s [p11_child[2454]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 516s [p11_child[2454]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 516s [p11_child[2454]] [do_card] (0x4000): Certificate verified and validated. 516s [p11_child[2454]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 516s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-5316-auth.output 516s + echo '-----BEGIN CERTIFICATE-----' 516s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-5316-auth.output 516s + echo '-----END CERTIFICATE-----' 516s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-5316-auth.pem 516s Certificate: 516s Data: 516s Version: 3 (0x2) 516s Serial Number: 5 (0x5) 516s Signature Algorithm: sha256WithRSAEncryption 516s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 516s Validity 516s Not Before: Jun 13 19:12:49 2024 GMT 516s Not After : Jun 13 19:12:49 2025 GMT 516s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 516s Subject Public Key Info: 516s Public Key Algorithm: rsaEncryption 516s Public-Key: (1024 bit) 516s Modulus: 516s 00:c7:5a:85:05:6f:c3:00:8a:2f:76:8a:ab:fd:78: 516s 85:82:1a:ad:77:c3:2f:69:08:51:51:d1:bc:0a:0b: 516s a2:0a:b4:b2:cf:0a:95:54:f1:ab:c1:2c:fe:d2:af: 516s 80:31:d9:67:0e:fd:00:ff:c1:28:fb:54:1f:19:46: 516s ab:36:97:f6:51:3c:16:0a:d7:a0:a0:96:1a:17:62: 516s 0c:65:a3:c7:ba:82:91:d1:88:5d:05:0f:59:7e:69: 516s 61:ba:19:95:f7:c5:47:e5:6c:d5:43:e6:65:0a:50: 516s 1c:3e:7f:95:43:7f:57:2d:b2:e4:e7:d3:6f:0f:51: 516s 02:08:42:9c:ce:6e:c8:10:1b 516s Exponent: 65537 (0x10001) 516s X509v3 extensions: 516s X509v3 Authority Key Identifier: 516s 4E:DE:2F:32:06:06:4F:4F:21:D1:7C:F3:D0:5D:B5:04:D3:78:DD:4E 516s X509v3 Basic Constraints: 516s CA:FALSE 516s Netscape Cert Type: 516s SSL Client, S/MIME 516s Netscape Comment: 516s Test Organization Sub Intermediate CA trusted Certificate 516s X509v3 Subject Key Identifier: 516s AD:81:7E:65:58:F4:F2:3B:5A:F8:77:E0:85:CA:0F:A6:C0:36:BD:43 516s X509v3 Key Usage: critical 516s Digital Signature, Non Repudiation, Key Encipherment 516s X509v3 Extended Key Usage: 516s TLS Web Client Authentication, E-mail Protection 516s X509v3 Subject Alternative Name: 516s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 516s Signature Algorithm: sha256WithRSAEncryption 516s Signature Value: 516s 62:ce:83:14:47:63:eb:11:e8:38:68:d5:89:dc:ab:8c:86:34: 516s 5a:98:cf:c5:25:c5:f6:ec:5d:db:55:c0:e9:33:84:9f:c4:60: 516s 36:cc:72:f6:a2:4f:67:22:22:c6:14:8d:5f:0d:a3:f9:26:aa: 516s 43:3d:26:92:51:20:6c:4f:eb:a6:dc:f9:ab:bc:09:b4:b6:84: 516s 1b:06:2d:a0:31:a9:05:ee:28:c6:72:36:74:aa:f5:b0:07:67: 516s 90:44:5d:17:e1:57:85:d5:49:79:b7:71:0b:1e:15:b0:5c:07: 516s ac:61:79:a5:5a:ae:aa:fa:fa:db:97:60:37:fb:ae:62:c4:f2: 516s 30:33 516s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-5316-auth.pem 516s + found_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 516s + '[' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B '!=' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B ']' 516s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem partial_chain 516s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem partial_chain 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 516s + local verify_option=partial_chain 516s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 516s + local key_cn 516s + local key_name 516s + local tokens_dir 516s + local output_cert_file 516s + token_name= 516s ++ basename /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 516s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 516s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 516s ++ sed -n 's/ *commonName *= //p' 517s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 517s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 517s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 517s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 517s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 517s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 517s + token_name='Test Organization Sub Int Token' 517s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 517s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 517s + echo 'Test Organization Sub Int Token' 517s Test Organization Sub Int Token 517s + '[' -n partial_chain ']' 517s + local verify_arg=--verify=partial_chain 517s + local output_base_name=SSSD-child-23366 517s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-23366.output 517s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-23366.pem 517s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem 517s [p11_child[2464]] [main] (0x0400): p11_child started. 517s [p11_child[2464]] [main] (0x2000): Running in [pre-auth] mode. 517s [p11_child[2464]] [main] (0x2000): Running with effective IDs: [0][0]. 517s [p11_child[2464]] [main] (0x2000): Running with real IDs [0][0]. 517s [p11_child[2464]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 517s [p11_child[2464]] [do_card] (0x4000): Module List: 517s [p11_child[2464]] [do_card] (0x4000): common name: [softhsm2]. 517s [p11_child[2464]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2464]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 517s [p11_child[2464]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 517s [p11_child[2464]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2464]] [do_card] (0x4000): Login NOT required. 517s [p11_child[2464]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 517s [p11_child[2464]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 517s [p11_child[2464]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 517s [p11_child[2464]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7bb5bb3c;slot-manufacturer=SoftHSM%20project;slot-id=2075507516;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=b893d2417bb5bb3c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 517s [p11_child[2464]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 517s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-23366.output 517s + echo '-----BEGIN CERTIFICATE-----' 517s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-23366.output 517s + echo '-----END CERTIFICATE-----' 517s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-23366.pem 517s Certificate: 517s Data: 517s Version: 3 (0x2) 517s Serial Number: 5 (0x5) 517s Signature Algorithm: sha256WithRSAEncryption 517s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 517s Validity 517s Not Before: Jun 13 19:12:49 2024 GMT 517s Not After : Jun 13 19:12:49 2025 GMT 517s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 517s Subject Public Key Info: 517s Public Key Algorithm: rsaEncryption 517s Public-Key: (1024 bit) 517s Modulus: 517s 00:c7:5a:85:05:6f:c3:00:8a:2f:76:8a:ab:fd:78: 517s 85:82:1a:ad:77:c3:2f:69:08:51:51:d1:bc:0a:0b: 517s a2:0a:b4:b2:cf:0a:95:54:f1:ab:c1:2c:fe:d2:af: 517s 80:31:d9:67:0e:fd:00:ff:c1:28:fb:54:1f:19:46: 517s ab:36:97:f6:51:3c:16:0a:d7:a0:a0:96:1a:17:62: 517s 0c:65:a3:c7:ba:82:91:d1:88:5d:05:0f:59:7e:69: 517s 61:ba:19:95:f7:c5:47:e5:6c:d5:43:e6:65:0a:50: 517s 1c:3e:7f:95:43:7f:57:2d:b2:e4:e7:d3:6f:0f:51: 517s 02:08:42:9c:ce:6e:c8:10:1b 517s Exponent: 65537 (0x10001) 517s X509v3 extensions: 517s X509v3 Authority Key Identifier: 517s 4E:DE:2F:32:06:06:4F:4F:21:D1:7C:F3:D0:5D:B5:04:D3:78:DD:4E 517s X509v3 Basic Constraints: 517s CA:FALSE 517s Netscape Cert Type: 517s SSL Client, S/MIME 517s Netscape Comment: 517s Test Organization Sub Intermediate CA trusted Certificate 517s X509v3 Subject Key Identifier: 517s AD:81:7E:65:58:F4:F2:3B:5A:F8:77:E0:85:CA:0F:A6:C0:36:BD:43 517s X509v3 Key Usage: critical 517s Digital Signature, Non Repudiation, Key Encipherment 517s X509v3 Extended Key Usage: 517s TLS Web Client Authentication, E-mail Protection 517s X509v3 Subject Alternative Name: 517s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 517s Signature Algorithm: sha256WithRSAEncryption 517s Signature Value: 517s 62:ce:83:14:47:63:eb:11:e8:38:68:d5:89:dc:ab:8c:86:34: 517s 5a:98:cf:c5:25:c5:f6:ec:5d:db:55:c0:e9:33:84:9f:c4:60: 517s 36:cc:72:f6:a2:4f:67:22:22:c6:14:8d:5f:0d:a3:f9:26:aa: 517s 43:3d:26:92:51:20:6c:4f:eb:a6:dc:f9:ab:bc:09:b4:b6:84: 517s 1b:06:2d:a0:31:a9:05:ee:28:c6:72:36:74:aa:f5:b0:07:67: 517s 90:44:5d:17:e1:57:85:d5:49:79:b7:71:0b:1e:15:b0:5c:07: 517s ac:61:79:a5:5a:ae:aa:fa:fa:db:97:60:37:fb:ae:62:c4:f2: 517s 30:33 517s + local found_md5 expected_md5 517s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + expected_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 517s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-23366.pem 517s + found_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 517s + '[' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B '!=' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B ']' 517s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-23366-auth.output 517s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-23366-auth.output .output 517s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-23366-auth.pem 517s + echo -n 053350 517s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 517s [p11_child[2472]] [main] (0x0400): p11_child started. 517s [p11_child[2472]] [main] (0x2000): Running in [auth] mode. 517s [p11_child[2472]] [main] (0x2000): Running with effective IDs: [0][0]. 517s [p11_child[2472]] [main] (0x2000): Running with real IDs [0][0]. 517s [p11_child[2472]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 517s [p11_child[2472]] [do_card] (0x4000): Module List: 517s [p11_child[2472]] [do_card] (0x4000): common name: [softhsm2]. 517s [p11_child[2472]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2472]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 517s [p11_child[2472]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 517s [p11_child[2472]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2472]] [do_card] (0x4000): Login required. 517s [p11_child[2472]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 517s [p11_child[2472]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 517s [p11_child[2472]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 517s [p11_child[2472]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7bb5bb3c;slot-manufacturer=SoftHSM%20project;slot-id=2075507516;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=b893d2417bb5bb3c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 517s [p11_child[2472]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 517s [p11_child[2472]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 517s [p11_child[2472]] [do_card] (0x4000): Certificate verified and validated. 517s [p11_child[2472]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 517s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-23366-auth.output 517s + echo '-----BEGIN CERTIFICATE-----' 517s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-23366-auth.output 517s + echo '-----END CERTIFICATE-----' 517s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-23366-auth.pem 517s Certificate: 517s Data: 517s Version: 3 (0x2) 517s Serial Number: 5 (0x5) 517s Signature Algorithm: sha256WithRSAEncryption 517s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 517s Validity 517s Not Before: Jun 13 19:12:49 2024 GMT 517s Not After : Jun 13 19:12:49 2025 GMT 517s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 517s Subject Public Key Info: 517s Public Key Algorithm: rsaEncryption 517s Public-Key: (1024 bit) 517s Modulus: 517s 00:c7:5a:85:05:6f:c3:00:8a:2f:76:8a:ab:fd:78: 517s 85:82:1a:ad:77:c3:2f:69:08:51:51:d1:bc:0a:0b: 517s a2:0a:b4:b2:cf:0a:95:54:f1:ab:c1:2c:fe:d2:af: 517s 80:31:d9:67:0e:fd:00:ff:c1:28:fb:54:1f:19:46: 517s ab:36:97:f6:51:3c:16:0a:d7:a0:a0:96:1a:17:62: 517s 0c:65:a3:c7:ba:82:91:d1:88:5d:05:0f:59:7e:69: 517s 61:ba:19:95:f7:c5:47:e5:6c:d5:43:e6:65:0a:50: 517s 1c:3e:7f:95:43:7f:57:2d:b2:e4:e7:d3:6f:0f:51: 517s 02:08:42:9c:ce:6e:c8:10:1b 517s Exponent: 65537 (0x10001) 517s X509v3 extensions: 517s X509v3 Authority Key Identifier: 517s 4E:DE:2F:32:06:06:4F:4F:21:D1:7C:F3:D0:5D:B5:04:D3:78:DD:4E 517s X509v3 Basic Constraints: 517s CA:FALSE 517s Netscape Cert Type: 517s SSL Client, S/MIME 517s Netscape Comment: 517s Test Organization Sub Intermediate CA trusted Certificate 517s X509v3 Subject Key Identifier: 517s AD:81:7E:65:58:F4:F2:3B:5A:F8:77:E0:85:CA:0F:A6:C0:36:BD:43 517s X509v3 Key Usage: critical 517s Digital Signature, Non Repudiation, Key Encipherment 517s X509v3 Extended Key Usage: 517s TLS Web Client Authentication, E-mail Protection 517s X509v3 Subject Alternative Name: 517s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 517s Signature Algorithm: sha256WithRSAEncryption 517s Signature Value: 517s 62:ce:83:14:47:63:eb:11:e8:38:68:d5:89:dc:ab:8c:86:34: 517s 5a:98:cf:c5:25:c5:f6:ec:5d:db:55:c0:e9:33:84:9f:c4:60: 517s 36:cc:72:f6:a2:4f:67:22:22:c6:14:8d:5f:0d:a3:f9:26:aa: 517s 43:3d:26:92:51:20:6c:4f:eb:a6:dc:f9:ab:bc:09:b4:b6:84: 517s 1b:06:2d:a0:31:a9:05:ee:28:c6:72:36:74:aa:f5:b0:07:67: 517s 90:44:5d:17:e1:57:85:d5:49:79:b7:71:0b:1e:15:b0:5c:07: 517s ac:61:79:a5:5a:ae:aa:fa:fa:db:97:60:37:fb:ae:62:c4:f2: 517s 30:33 517s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-23366-auth.pem 517s + found_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 517s + '[' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B '!=' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B ']' 517s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 517s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 517s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 517s + local verify_option= 517s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local key_cn 517s + local key_name 517s + local tokens_dir 517s + local output_cert_file 517s + token_name= 517s ++ basename /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 517s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 517s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s ++ sed -n 's/ *commonName *= //p' 517s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 517s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 517s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 517s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 517s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 517s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 517s + token_name='Test Organization Sub Int Token' 517s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 517s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 517s + echo 'Test Organization Sub Int Token' 517s + '[' -n '' ']' 517s + local output_base_name=SSSD-child-21170 517s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-21170.output 517s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-21170.pem 517s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 517s Test Organization Sub Int Token 517s [p11_child[2482]] [main] (0x0400): p11_child started. 517s [p11_child[2482]] [main] (0x2000): Running in [pre-auth] mode. 517s [p11_child[2482]] [main] (0x2000): Running with effective IDs: [0][0]. 517s [p11_child[2482]] [main] (0x2000): Running with real IDs [0][0]. 517s [p11_child[2482]] [do_card] (0x4000): Module List: 517s [p11_child[2482]] [do_card] (0x4000): common name: [softhsm2]. 517s [p11_child[2482]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2482]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 517s [p11_child[2482]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 517s [p11_child[2482]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2482]] [do_card] (0x4000): Login NOT required. 517s [p11_child[2482]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 517s [p11_child[2482]] [do_verification] (0x0040): X509_verify_cert failed [0]. 517s [p11_child[2482]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 517s [p11_child[2482]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 517s [p11_child[2482]] [do_card] (0x4000): No certificate found. 517s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-21170.output 517s + return 2 517s + invalid_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-root-intermediate-chain-CA.pem partial_chain 517s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-root-intermediate-chain-CA.pem partial_chain 517s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-root-intermediate-chain-CA.pem 517s + local verify_option=partial_chain 517s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local key_cn 517s + local key_name 517s + local tokens_dir 517s + local output_cert_file 517s + token_name= 517s ++ basename /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 517s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 517s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s ++ sed -n 's/ *commonName *= //p' 517s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 517s Test Organization Sub Int Token 517s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 517s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 517s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 517s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 517s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 517s + token_name='Test Organization Sub Int Token' 517s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 517s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 517s + echo 'Test Organization Sub Int Token' 517s + '[' -n partial_chain ']' 517s + local verify_arg=--verify=partial_chain 517s + local output_base_name=SSSD-child-8339 517s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-8339.output 517s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-8339.pem 517s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-root-intermediate-chain-CA.pem 517s [p11_child[2489]] [main] (0x0400): p11_child started. 517s [p11_child[2489]] [main] (0x2000): Running in [pre-auth] mode. 517s [p11_child[2489]] [main] (0x2000): Running with effective IDs: [0][0]. 517s [p11_child[2489]] [main] (0x2000): Running with real IDs [0][0]. 517s [p11_child[2489]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 517s [p11_child[2489]] [do_card] (0x4000): Module List: 517s [p11_child[2489]] [do_card] (0x4000): common name: [softhsm2]. 517s [p11_child[2489]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2489]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 517s [p11_child[2489]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 517s [p11_child[2489]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2489]] [do_card] (0x4000): Login NOT required. 517s [p11_child[2489]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 517s [p11_child[2489]] [do_verification] (0x0040): X509_verify_cert failed [0]. 517s [p11_child[2489]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 517s [p11_child[2489]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 517s [p11_child[2489]] [do_card] (0x4000): No certificate found. 517s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-8339.output 517s + return 2 517s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem partial_chain 517s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem partial_chain 517s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 517s + local verify_option=partial_chain 517s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local key_cn 517s + local key_name 517s + local tokens_dir 517s + local output_cert_file 517s + token_name= 517s ++ basename /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 517s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 517s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s ++ sed -n 's/ *commonName *= //p' 517s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 517s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 517s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 517s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 517s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 517s Test Organization Sub Int Token 517s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 517s + token_name='Test Organization Sub Int Token' 517s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 517s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 517s + echo 'Test Organization Sub Int Token' 517s + '[' -n partial_chain ']' 517s + local verify_arg=--verify=partial_chain 517s + local output_base_name=SSSD-child-14387 517s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-14387.output 517s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-14387.pem 517s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem 517s [p11_child[2496]] [main] (0x0400): p11_child started. 517s [p11_child[2496]] [main] (0x2000): Running in [pre-auth] mode. 517s [p11_child[2496]] [main] (0x2000): Running with effective IDs: [0][0]. 517s [p11_child[2496]] [main] (0x2000): Running with real IDs [0][0]. 517s [p11_child[2496]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 517s [p11_child[2496]] [do_card] (0x4000): Module List: 517s [p11_child[2496]] [do_card] (0x4000): common name: [softhsm2]. 517s [p11_child[2496]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2496]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 517s [p11_child[2496]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 517s [p11_child[2496]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2496]] [do_card] (0x4000): Login NOT required. 517s [p11_child[2496]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 517s [p11_child[2496]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 517s [p11_child[2496]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 517s [p11_child[2496]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7bb5bb3c;slot-manufacturer=SoftHSM%20project;slot-id=2075507516;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=b893d2417bb5bb3c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 517s [p11_child[2496]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 517s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-14387.output 517s + echo '-----BEGIN CERTIFICATE-----' 517s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-14387.output 517s + echo '-----END CERTIFICATE-----' 517s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-14387.pem 517s Certificate: 517s Data: 517s Version: 3 (0x2) 517s Serial Number: 5 (0x5) 517s Signature Algorithm: sha256WithRSAEncryption 517s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 517s Validity 517s Not Before: Jun 13 19:12:49 2024 GMT 517s Not After : Jun 13 19:12:49 2025 GMT 517s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 517s Subject Public Key Info: 517s Public Key Algorithm: rsaEncryption 517s Public-Key: (1024 bit) 517s Modulus: 517s 00:c7:5a:85:05:6f:c3:00:8a:2f:76:8a:ab:fd:78: 517s 85:82:1a:ad:77:c3:2f:69:08:51:51:d1:bc:0a:0b: 517s a2:0a:b4:b2:cf:0a:95:54:f1:ab:c1:2c:fe:d2:af: 517s 80:31:d9:67:0e:fd:00:ff:c1:28:fb:54:1f:19:46: 517s ab:36:97:f6:51:3c:16:0a:d7:a0:a0:96:1a:17:62: 517s 0c:65:a3:c7:ba:82:91:d1:88:5d:05:0f:59:7e:69: 517s 61:ba:19:95:f7:c5:47:e5:6c:d5:43:e6:65:0a:50: 517s 1c:3e:7f:95:43:7f:57:2d:b2:e4:e7:d3:6f:0f:51: 517s 02:08:42:9c:ce:6e:c8:10:1b 517s Exponent: 65537 (0x10001) 517s X509v3 extensions: 517s X509v3 Authority Key Identifier: 517s 4E:DE:2F:32:06:06:4F:4F:21:D1:7C:F3:D0:5D:B5:04:D3:78:DD:4E 517s X509v3 Basic Constraints: 517s CA:FALSE 517s Netscape Cert Type: 517s SSL Client, S/MIME 517s Netscape Comment: 517s Test Organization Sub Intermediate CA trusted Certificate 517s X509v3 Subject Key Identifier: 517s AD:81:7E:65:58:F4:F2:3B:5A:F8:77:E0:85:CA:0F:A6:C0:36:BD:43 517s X509v3 Key Usage: critical 517s Digital Signature, Non Repudiation, Key Encipherment 517s X509v3 Extended Key Usage: 517s TLS Web Client Authentication, E-mail Protection 517s X509v3 Subject Alternative Name: 517s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 517s Signature Algorithm: sha256WithRSAEncryption 517s Signature Value: 517s 62:ce:83:14:47:63:eb:11:e8:38:68:d5:89:dc:ab:8c:86:34: 517s 5a:98:cf:c5:25:c5:f6:ec:5d:db:55:c0:e9:33:84:9f:c4:60: 517s 36:cc:72:f6:a2:4f:67:22:22:c6:14:8d:5f:0d:a3:f9:26:aa: 517s 43:3d:26:92:51:20:6c:4f:eb:a6:dc:f9:ab:bc:09:b4:b6:84: 517s 1b:06:2d:a0:31:a9:05:ee:28:c6:72:36:74:aa:f5:b0:07:67: 517s 90:44:5d:17:e1:57:85:d5:49:79:b7:71:0b:1e:15:b0:5c:07: 517s ac:61:79:a5:5a:ae:aa:fa:fa:db:97:60:37:fb:ae:62:c4:f2: 517s 30:33 517s + local found_md5 expected_md5 517s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + expected_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 517s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-14387.pem 517s + found_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 517s + '[' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B '!=' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B ']' 517s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-14387-auth.output 517s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-14387-auth.output .output 517s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-14387-auth.pem 517s + echo -n 053350 517s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 517s [p11_child[2504]] [main] (0x0400): p11_child started. 517s [p11_child[2504]] [main] (0x2000): Running in [auth] mode. 517s [p11_child[2504]] [main] (0x2000): Running with effective IDs: [0][0]. 517s [p11_child[2504]] [main] (0x2000): Running with real IDs [0][0]. 517s [p11_child[2504]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 517s [p11_child[2504]] [do_card] (0x4000): Module List: 517s [p11_child[2504]] [do_card] (0x4000): common name: [softhsm2]. 517s [p11_child[2504]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2504]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 517s [p11_child[2504]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 517s [p11_child[2504]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2504]] [do_card] (0x4000): Login required. 517s [p11_child[2504]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 517s [p11_child[2504]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 517s [p11_child[2504]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 517s [p11_child[2504]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7bb5bb3c;slot-manufacturer=SoftHSM%20project;slot-id=2075507516;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=b893d2417bb5bb3c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 517s [p11_child[2504]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 517s [p11_child[2504]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 517s [p11_child[2504]] [do_card] (0x4000): Certificate verified and validated. 517s [p11_child[2504]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 517s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-14387-auth.output 517s + echo '-----BEGIN CERTIFICATE-----' 517s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-14387-auth.output 517s + echo '-----END CERTIFICATE-----' 517s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-14387-auth.pem 517s Certificate: 517s Data: 517s Version: 3 (0x2) 517s Serial Number: 5 (0x5) 517s Signature Algorithm: sha256WithRSAEncryption 517s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 517s Validity 517s Not Before: Jun 13 19:12:49 2024 GMT 517s Not After : Jun 13 19:12:49 2025 GMT 517s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 517s Subject Public Key Info: 517s Public Key Algorithm: rsaEncryption 517s Public-Key: (1024 bit) 517s Modulus: 517s 00:c7:5a:85:05:6f:c3:00:8a:2f:76:8a:ab:fd:78: 517s 85:82:1a:ad:77:c3:2f:69:08:51:51:d1:bc:0a:0b: 517s a2:0a:b4:b2:cf:0a:95:54:f1:ab:c1:2c:fe:d2:af: 517s 80:31:d9:67:0e:fd:00:ff:c1:28:fb:54:1f:19:46: 517s ab:36:97:f6:51:3c:16:0a:d7:a0:a0:96:1a:17:62: 517s 0c:65:a3:c7:ba:82:91:d1:88:5d:05:0f:59:7e:69: 517s 61:ba:19:95:f7:c5:47:e5:6c:d5:43:e6:65:0a:50: 517s 1c:3e:7f:95:43:7f:57:2d:b2:e4:e7:d3:6f:0f:51: 517s 02:08:42:9c:ce:6e:c8:10:1b 517s Exponent: 65537 (0x10001) 517s X509v3 extensions: 517s X509v3 Authority Key Identifier: 517s 4E:DE:2F:32:06:06:4F:4F:21:D1:7C:F3:D0:5D:B5:04:D3:78:DD:4E 517s X509v3 Basic Constraints: 517s CA:FALSE 517s Netscape Cert Type: 517s SSL Client, S/MIME 517s Netscape Comment: 517s Test Organization Sub Intermediate CA trusted Certificate 517s X509v3 Subject Key Identifier: 517s AD:81:7E:65:58:F4:F2:3B:5A:F8:77:E0:85:CA:0F:A6:C0:36:BD:43 517s X509v3 Key Usage: critical 517s Digital Signature, Non Repudiation, Key Encipherment 517s X509v3 Extended Key Usage: 517s TLS Web Client Authentication, E-mail Protection 517s X509v3 Subject Alternative Name: 517s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 517s Signature Algorithm: sha256WithRSAEncryption 517s Signature Value: 517s 62:ce:83:14:47:63:eb:11:e8:38:68:d5:89:dc:ab:8c:86:34: 517s 5a:98:cf:c5:25:c5:f6:ec:5d:db:55:c0:e9:33:84:9f:c4:60: 517s 36:cc:72:f6:a2:4f:67:22:22:c6:14:8d:5f:0d:a3:f9:26:aa: 517s 43:3d:26:92:51:20:6c:4f:eb:a6:dc:f9:ab:bc:09:b4:b6:84: 517s 1b:06:2d:a0:31:a9:05:ee:28:c6:72:36:74:aa:f5:b0:07:67: 517s 90:44:5d:17:e1:57:85:d5:49:79:b7:71:0b:1e:15:b0:5c:07: 517s ac:61:79:a5:5a:ae:aa:fa:fa:db:97:60:37:fb:ae:62:c4:f2: 517s 30:33 517s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-14387-auth.pem 517s + found_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 517s + '[' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B '!=' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B ']' 517s + valid_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-intermediate-sub-chain-CA.pem partial_chain 517s + check_certificate /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 /tmp/sssd-softhsm2-scUpsx/test-intermediate-sub-chain-CA.pem partial_chain 517s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local key_ring=/tmp/sssd-softhsm2-scUpsx/test-intermediate-sub-chain-CA.pem 517s + local verify_option=partial_chain 517s + prepare_softhsm2_card /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local certificate=/tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-18388 517s + local key_cn 517s + local key_name 517s + local tokens_dir 517s + local output_cert_file 517s + token_name= 517s ++ basename /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 517s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 517s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s ++ sed -n 's/ *commonName *= //p' 517s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 517s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 517s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 517s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 517s ++ basename /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 517s + tokens_dir=/tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 517s + token_name='Test Organization Sub Int Token' 517s + '[' '!' -e /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 517s + '[' '!' -d /tmp/sssd-softhsm2-scUpsx/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 517s + echo 'Test Organization Sub Int Token' 517s Test Organization Sub Int Token 517s + '[' -n partial_chain ']' 517s + local verify_arg=--verify=partial_chain 517s + local output_base_name=SSSD-child-21410 517s + local output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-21410.output 517s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-21410.pem 517s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-scUpsx/test-intermediate-sub-chain-CA.pem 517s [p11_child[2514]] [main] (0x0400): p11_child started. 517s [p11_child[2514]] [main] (0x2000): Running in [pre-auth] mode. 517s [p11_child[2514]] [main] (0x2000): Running with effective IDs: [0][0]. 517s [p11_child[2514]] [main] (0x2000): Running with real IDs [0][0]. 517s [p11_child[2514]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 517s [p11_child[2514]] [do_card] (0x4000): Module List: 517s [p11_child[2514]] [do_card] (0x4000): common name: [softhsm2]. 517s [p11_child[2514]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2514]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 517s [p11_child[2514]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 517s [p11_child[2514]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2514]] [do_card] (0x4000): Login NOT required. 517s [p11_child[2514]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 517s [p11_child[2514]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 517s [p11_child[2514]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 517s [p11_child[2514]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7bb5bb3c;slot-manufacturer=SoftHSM%20project;slot-id=2075507516;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=b893d2417bb5bb3c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 517s [p11_child[2514]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 517s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-21410.output 517s + echo '-----BEGIN CERTIFICATE-----' 517s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-21410.output 517s + echo '-----END CERTIFICATE-----' 517s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-21410.pem 517s Certificate: 517s Data: 517s Version: 3 (0x2) 517s Serial Number: 5 (0x5) 517s Signature Algorithm: sha256WithRSAEncryption 517s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 517s Validity 517s Not Before: Jun 13 19:12:49 2024 GMT 517s Not After : Jun 13 19:12:49 2025 GMT 517s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 517s Subject Public Key Info: 517s Public Key Algorithm: rsaEncryption 517s Public-Key: (1024 bit) 517s Modulus: 517s 00:c7:5a:85:05:6f:c3:00:8a:2f:76:8a:ab:fd:78: 517s 85:82:1a:ad:77:c3:2f:69:08:51:51:d1:bc:0a:0b: 517s a2:0a:b4:b2:cf:0a:95:54:f1:ab:c1:2c:fe:d2:af: 517s 80:31:d9:67:0e:fd:00:ff:c1:28:fb:54:1f:19:46: 517s ab:36:97:f6:51:3c:16:0a:d7:a0:a0:96:1a:17:62: 517s 0c:65:a3:c7:ba:82:91:d1:88:5d:05:0f:59:7e:69: 517s 61:ba:19:95:f7:c5:47:e5:6c:d5:43:e6:65:0a:50: 517s 1c:3e:7f:95:43:7f:57:2d:b2:e4:e7:d3:6f:0f:51: 517s 02:08:42:9c:ce:6e:c8:10:1b 517s Exponent: 65537 (0x10001) 517s X509v3 extensions: 517s X509v3 Authority Key Identifier: 517s 4E:DE:2F:32:06:06:4F:4F:21:D1:7C:F3:D0:5D:B5:04:D3:78:DD:4E 517s X509v3 Basic Constraints: 517s CA:FALSE 517s Netscape Cert Type: 517s SSL Client, S/MIME 517s Netscape Comment: 517s Test Organization Sub Intermediate CA trusted Certificate 517s X509v3 Subject Key Identifier: 517s AD:81:7E:65:58:F4:F2:3B:5A:F8:77:E0:85:CA:0F:A6:C0:36:BD:43 517s X509v3 Key Usage: critical 517s Digital Signature, Non Repudiation, Key Encipherment 517s X509v3 Extended Key Usage: 517s TLS Web Client Authentication, E-mail Protection 517s X509v3 Subject Alternative Name: 517s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 517s Signature Algorithm: sha256WithRSAEncryption 517s Signature Value: 517s 62:ce:83:14:47:63:eb:11:e8:38:68:d5:89:dc:ab:8c:86:34: 517s 5a:98:cf:c5:25:c5:f6:ec:5d:db:55:c0:e9:33:84:9f:c4:60: 517s 36:cc:72:f6:a2:4f:67:22:22:c6:14:8d:5f:0d:a3:f9:26:aa: 517s 43:3d:26:92:51:20:6c:4f:eb:a6:dc:f9:ab:bc:09:b4:b6:84: 517s 1b:06:2d:a0:31:a9:05:ee:28:c6:72:36:74:aa:f5:b0:07:67: 517s 90:44:5d:17:e1:57:85:d5:49:79:b7:71:0b:1e:15:b0:5c:07: 517s ac:61:79:a5:5a:ae:aa:fa:fa:db:97:60:37:fb:ae:62:c4:f2: 517s 30:33 517s + local found_md5 expected_md5 517s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/test-sub-intermediate-CA-trusted-certificate-0001.pem 517s + expected_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 517s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-21410.pem 517s + found_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 517s + '[' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B '!=' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B ']' 517s + output_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-21410-auth.output 517s ++ basename /tmp/sssd-softhsm2-scUpsx/SSSD-child-21410-auth.output .output 517s + output_cert_file=/tmp/sssd-softhsm2-scUpsx/SSSD-child-21410-auth.pem 517s + echo -n 053350 517s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-scUpsx/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 517s [p11_child[2522]] [main] (0x0400): p11_child started. 517s [p11_child[2522]] [main] (0x2000): Running in [auth] mode. 517s [p11_child[2522]] [main] (0x2000): Running with effective IDs: [0][0]. 517s [p11_child[2522]] [main] (0x2000): Running with real IDs [0][0]. 517s [p11_child[2522]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 517s [p11_child[2522]] [do_card] (0x4000): Module List: 517s [p11_child[2522]] [do_card] (0x4000): common name: [softhsm2]. 517s [p11_child[2522]] [do_card] (0x4000): dll name: [/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2522]] [do_card] (0x4000): Description [SoftHSM slot ID 0x7bb5bb3c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 517s [p11_child[2522]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 517s [p11_child[2522]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x7bb5bb3c][2075507516] of module [0][/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so]. 517s [p11_child[2522]] [do_card] (0x4000): Login required. 517s [p11_child[2522]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 517s [p11_child[2522]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 517s [p11_child[2522]] [do_card] (0x4000): /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 517s [p11_child[2522]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x7bb5bb3c;slot-manufacturer=SoftHSM%20project;slot-id=2075507516;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=b893d2417bb5bb3c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 517s [p11_child[2522]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 517s [p11_child[2522]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 517s [p11_child[2522]] [do_card] (0x4000): Certificate verified and validated. 517s [p11_child[2522]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 517s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-scUpsx/SSSD-child-21410-auth.output 517s + echo '-----BEGIN CERTIFICATE-----' 517s + tail -n1 /tmp/sssd-softhsm2-scUpsx/SSSD-child-21410-auth.output 517s + echo '-----END CERTIFICATE-----' 517s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-21410-auth.pem 517s Certificate: 517s Data: 517s Version: 3 (0x2) 517s Serial Number: 5 (0x5) 517s Signature Algorithm: sha256WithRSAEncryption 517s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 517s Validity 517s Not Before: Jun 13 19:12:49 2024 GMT 517s Not After : Jun 13 19:12:49 2025 GMT 517s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 517s Subject Public Key Info: 517s Public Key Algorithm: rsaEncryption 517s Public-Key: (1024 bit) 517s Modulus: 517s 00:c7:5a:85:05:6f:c3:00:8a:2f:76:8a:ab:fd:78: 517s 85:82:1a:ad:77:c3:2f:69:08:51:51:d1:bc:0a:0b: 517s a2:0a:b4:b2:cf:0a:95:54:f1:ab:c1:2c:fe:d2:af: 517s 80:31:d9:67:0e:fd:00:ff:c1:28:fb:54:1f:19:46: 517s ab:36:97:f6:51:3c:16:0a:d7:a0:a0:96:1a:17:62: 517s 0c:65:a3:c7:ba:82:91:d1:88:5d:05:0f:59:7e:69: 517s 61:ba:19:95:f7:c5:47:e5:6c:d5:43:e6:65:0a:50: 517s 1c:3e:7f:95:43:7f:57:2d:b2:e4:e7:d3:6f:0f:51: 517s 02:08:42:9c:ce:6e:c8:10:1b 517s Exponent: 65537 (0x10001) 517s X509v3 extensions: 517s X509v3 Authority Key Identifier: 517s 4E:DE:2F:32:06:06:4F:4F:21:D1:7C:F3:D0:5D:B5:04:D3:78:DD:4E 517s X509v3 Basic Constraints: 517s CA:FALSE 517s Netscape Cert Type: 517s SSL Client, S/MIME 517s Netscape Comment: 517s Test Organization Sub Intermediate CA trusted Certificate 517s X509v3 Subject Key Identifier: 517s AD:81:7E:65:58:F4:F2:3B:5A:F8:77:E0:85:CA:0F:A6:C0:36:BD:43 517s X509v3 Key Usage: critical 517s Digital Signature, Non Repudiation, Key Encipherment 517s X509v3 Extended Key Usage: 517s TLS Web Client Authentication, E-mail Protection 517s X509v3 Subject Alternative Name: 517s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 517s Signature Algorithm: sha256WithRSAEncryption 517s Signature Value: 517s 62:ce:83:14:47:63:eb:11:e8:38:68:d5:89:dc:ab:8c:86:34: 517s 5a:98:cf:c5:25:c5:f6:ec:5d:db:55:c0:e9:33:84:9f:c4:60: 517s 36:cc:72:f6:a2:4f:67:22:22:c6:14:8d:5f:0d:a3:f9:26:aa: 517s 43:3d:26:92:51:20:6c:4f:eb:a6:dc:f9:ab:bc:09:b4:b6:84: 517s 1b:06:2d:a0:31:a9:05:ee:28:c6:72:36:74:aa:f5:b0:07:67: 517s 90:44:5d:17:e1:57:85:d5:49:79:b7:71:0b:1e:15:b0:5c:07: 517s ac:61:79:a5:5a:ae:aa:fa:fa:db:97:60:37:fb:ae:62:c4:f2: 517s 30:33 517s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-scUpsx/SSSD-child-21410-auth.pem 517s 517s Test completed, Root CA and intermediate issued certificates verified! 517s + found_md5=Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B 517s + '[' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B '!=' Modulus=C75A85056FC3008A2F768AABFD7885821AAD77C32F69085151D1BC0A0BA20AB4B2CF0A9554F1ABC12CFED2AF8031D9670EFD00FFC128FB541F1946AB3697F6513C160AD7A0A0961A17620C65A3C7BA8291D1885D050F597E6961BA1995F7C547E56CD543E6650A501C3E7F95437F572DB2E4E7D36F0F510208429CCE6EC8101B ']' 517s + set +x 518s autopkgtest [19:12:53]: test sssd-softhism2-certificates-tests.sh: -----------------------] 518s sssd-softhism2-certificates-tests.sh PASS 518s autopkgtest [19:12:53]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 518s autopkgtest [19:12:53]: test sssd-smart-card-pam-auth-configs: preparing testbed 520s Reading package lists... 520s Building dependency tree... 520s Reading state information... 520s Starting pkgProblemResolver with broken count: 0 520s Starting 2 pkgProblemResolver with broken count: 0 520s Done 520s The following additional packages will be installed: 520s pamtester 520s The following NEW packages will be installed: 520s autopkgtest-satdep pamtester 520s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 520s Need to get 12.2 kB/13.0 kB of archives. 520s After this operation, 36.9 kB of additional disk space will be used. 520s Get:1 /tmp/autopkgtest.atwhkQ/4-autopkgtest-satdep.deb autopkgtest-satdep s390x 0 [764 B] 520s Get:2 http://ftpmaster.internal/ubuntu oracular/universe s390x pamtester s390x 0.1.2-4 [12.2 kB] 521s Fetched 12.2 kB in 0s (81.6 kB/s) 521s Selecting previously unselected package pamtester. 521s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 55282 files and directories currently installed.) 521s Preparing to unpack .../pamtester_0.1.2-4_s390x.deb ... 521s Unpacking pamtester (0.1.2-4) ... 521s Selecting previously unselected package autopkgtest-satdep. 521s Preparing to unpack .../4-autopkgtest-satdep.deb ... 521s Unpacking autopkgtest-satdep (0) ... 521s Setting up pamtester (0.1.2-4) ... 521s Setting up autopkgtest-satdep (0) ... 521s Processing triggers for man-db (2.12.1-2) ... 523s (Reading database ... 55288 files and directories currently installed.) 523s Removing autopkgtest-satdep (0) ... 524s autopkgtest [19:12:59]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 524s autopkgtest [19:12:59]: test sssd-smart-card-pam-auth-configs: [----------------------- 524s + '[' -z ubuntu ']' 524s + export DEBIAN_FRONTEND=noninteractive 524s + DEBIAN_FRONTEND=noninteractive 524s + required_tools=(pamtester softhsm2-util sssd) 524s + [[ ! -v OFFLINE_MODE ]] 524s + for cmd in "${required_tools[@]}" 524s + command -v pamtester 524s + for cmd in "${required_tools[@]}" 524s + command -v softhsm2-util 524s + for cmd in "${required_tools[@]}" 524s + command -v sssd 524s + PIN=123456 524s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 524s + tmpdir=/tmp/sssd-softhsm2-certs-25eAz9 524s + backupsdir= 524s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 524s + declare -a restore_paths 524s + declare -a delete_paths 524s + trap handle_exit EXIT 524s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 524s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 524s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 524s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 524s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-25eAz9 GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 524s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-25eAz9 524s + GENERATE_SMART_CARDS=1 524s + KEEP_TEMPORARY_FILES=1 524s + NO_SSSD_TESTS=1 524s + bash debian/tests/sssd-softhism2-certificates-tests.sh 524s + '[' -z ubuntu ']' 524s + required_tools=(p11tool openssl softhsm2-util) 524s + for cmd in "${required_tools[@]}" 524s + command -v p11tool 524s + for cmd in "${required_tools[@]}" 524s + command -v openssl 524s + for cmd in "${required_tools[@]}" 524s + command -v softhsm2-util 524s + PIN=123456 524s +++ find /usr/lib/softhsm/libsofthsm2.so 524s +++ head -n 1 524s ++ realpath /usr/lib/softhsm/libsofthsm2.so 524s + SOFTHSM2_MODULE=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so 524s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 524s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 524s + '[' '!' -v NO_SSSD_TESTS ']' 524s + '[' '!' -e /usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so ']' 524s + tmpdir=/tmp/sssd-softhsm2-certs-25eAz9 524s + keys_size=1024 524s + [[ ! -v KEEP_TEMPORARY_FILES ]] 524s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 524s + echo -n 01 524s + touch /tmp/sssd-softhsm2-certs-25eAz9/index.txt 524s + mkdir -p /tmp/sssd-softhsm2-certs-25eAz9/new_certs 524s + cat 524s + root_ca_key_pass=pass:random-root-CA-password-31285 524s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-key.pem -passout pass:random-root-CA-password-31285 1024 524s + openssl req -passin pass:random-root-CA-password-31285 -batch -config /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.pem 524s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.pem 524s + cat 524s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-14046 524s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-14046 1024 524s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-14046 -config /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-31285 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-certificate-request.pem 524s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-certificate-request.pem 524s Certificate Request: 524s Data: 524s Version: 1 (0x0) 524s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 524s Subject Public Key Info: 524s Public Key Algorithm: rsaEncryption 524s Public-Key: (1024 bit) 524s Modulus: 524s 00:d9:ad:ec:c2:5a:9d:24:6c:d0:85:9a:4c:a3:60: 524s a7:dd:98:24:ca:e3:4d:17:52:97:c4:cd:70:c5:c8: 524s eb:9e:cb:25:82:bf:27:83:04:7b:0d:24:2c:44:0c: 524s 1c:2b:59:15:4f:00:20:20:26:42:fd:50:ef:df:c8: 524s c7:e7:b2:d9:32:38:a9:1e:1a:83:5f:91:64:43:f6: 524s 46:fe:17:b8:7b:9d:87:0e:15:87:e4:ad:4c:b4:a1: 524s 78:13:24:54:61:95:ee:a6:9c:c0:1c:e7:59:d2:4f: 524s 0e:ba:1c:e6:8e:65:29:b7:8b:38:7a:0c:3b:12:e0: 524s e2:50:ba:86:51:c3:62:e9:23 524s Exponent: 65537 (0x10001) 524s Attributes: 524s (none) 524s Requested Extensions: 524s Signature Algorithm: sha256WithRSAEncryption 524s Signature Value: 524s 21:f4:60:f2:03:02:82:3d:1d:66:ee:32:15:1f:5e:d3:ed:66: 524s 5d:63:fc:4a:0a:e5:33:5b:a6:5d:37:07:f5:f3:df:2f:58:dc: 524s 61:92:52:54:c1:83:ba:75:ea:b1:5f:81:0d:bd:15:68:c9:7c: 524s 3e:08:8e:b0:25:6e:17:25:37:f4:00:9e:e9:f9:88:c3:a7:6f: 524s 8d:94:88:09:34:5b:91:ba:7f:c2:22:0b:bc:63:eb:9e:90:d6: 524s 28:a3:24:02:53:4d:af:c3:9b:2a:60:d3:04:72:3c:4f:c1:1b: 524s 00:2d:9d:1a:3f:e8:85:28:6a:79:65:75:d0:28:8c:00:1c:be: 524s 04:99 524s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.config -passin pass:random-root-CA-password-31285 -keyfile /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem 524s Using configuration from /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.config 524s Check that the request matches the signature 524s Signature ok 524s Certificate Details: 524s Serial Number: 1 (0x1) 524s Validity 524s Not Before: Jun 13 19:12:59 2024 GMT 524s Not After : Jun 13 19:12:59 2025 GMT 524s Subject: 524s organizationName = Test Organization 524s organizationalUnitName = Test Organization Unit 524s commonName = Test Organization Intermediate CA 524s X509v3 extensions: 524s X509v3 Subject Key Identifier: 524s 98:85:0F:D1:28:E8:27:59:97:1C:DE:A2:3D:98:EB:F5:5F:17:9E:62 524s X509v3 Authority Key Identifier: 524s keyid:D6:87:9C:AA:A4:1D:EE:49:30:EE:36:4A:86:A6:82:DA:3B:AB:03:C2 524s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 524s serial:00 524s X509v3 Basic Constraints: 524s CA:TRUE 524s X509v3 Key Usage: critical 524s Digital Signature, Certificate Sign, CRL Sign 524s Certificate is to be certified until Jun 13 19:12:59 2025 GMT (365 days) 524s 524s Write out database with 1 new entries 524s Database updated 524s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem 524s /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem: OK 524s + cat 524s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-20316 524s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-20316 1024 524s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-20316 -config /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-14046 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-certificate-request.pem 524s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-certificate-request.pem 524s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-14046 -keyfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem 524s Certificate Request: 524s Data: 524s Version: 1 (0x0) 524s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 524s Subject Public Key Info: 524s Public Key Algorithm: rsaEncryption 524s Public-Key: (1024 bit) 524s Modulus: 524s 00:bb:c5:8c:6d:dd:5d:68:ac:1c:3d:05:eb:db:8d: 524s 9f:03:c0:ee:d5:4e:f9:18:56:c7:d3:7a:0d:55:78: 524s 59:66:67:aa:71:d5:34:ac:15:02:51:e6:54:44:04: 524s fc:70:a4:e1:db:75:55:f9:dd:14:c0:d4:db:87:18: 524s ab:e9:01:7a:1b:36:f3:a3:34:3c:dc:83:1d:45:9c: 524s 75:fd:3e:6b:04:63:b6:77:94:43:f9:23:f7:80:40: 524s 8d:fa:83:27:5d:24:19:1c:d6:7f:a1:56:74:33:34: 524s db:45:ac:80:1b:77:eb:d4:2d:3d:cf:15:91:72:fc: 524s f1:c5:b3:67:59:b2:9c:4c:a5 524s Exponent: 65537 (0x10001) 524s Attributes: 524s (none) 524s Requested Extensions: 524s Signature Algorithm: sha256WithRSAEncryption 524s Signature Value: 524s 83:75:0c:28:65:14:34:18:70:ab:79:46:c2:02:4b:9b:fa:37: 524s b8:e9:43:4a:cc:39:e6:77:6d:78:c2:60:51:11:87:e0:eb:5e: 524s d5:17:56:18:26:13:11:5b:ee:a5:89:3c:ef:9e:a2:41:e3:99: 524s 71:cc:81:f9:ce:8a:bb:d5:2f:ee:77:40:22:39:12:b1:cf:40: 524s a3:b9:99:6e:09:5c:c3:84:08:08:c3:6e:47:99:02:fa:1f:57: 524s 29:20:5a:c4:33:1b:2a:e5:c4:64:77:c4:97:b5:84:c7:f7:4a: 524s ff:dd:00:4f:10:00:bd:9f:bd:dc:01:16:13:4a:60:79:7d:24: 524s 78:b5 524s Using configuration from /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.config 524s Check that the request matches the signature 524s Signature ok 524s Certificate Details: 524s Serial Number: 2 (0x2) 524s Validity 524s Not Before: Jun 13 19:12:59 2024 GMT 524s Not After : Jun 13 19:12:59 2025 GMT 524s Subject: 524s organizationName = Test Organization 524s organizationalUnitName = Test Organization Unit 524s commonName = Test Organization Sub Intermediate CA 524s X509v3 extensions: 524s X509v3 Subject Key Identifier: 524s 12:5F:AF:A2:2A:62:05:68:04:AE:F6:50:98:A9:82:7E:58:FB:3A:21 524s X509v3 Authority Key Identifier: 524s keyid:98:85:0F:D1:28:E8:27:59:97:1C:DE:A2:3D:98:EB:F5:5F:17:9E:62 524s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 524s serial:01 524s X509v3 Basic Constraints: 524s CA:TRUE 524s X509v3 Key Usage: critical 524s Digital Signature, Certificate Sign, CRL Sign 524s Certificate is to be certified until Jun 13 19:12:59 2025 GMT (365 days) 524s 524s Write out database with 1 new entries 524s Database updated 524s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem 524s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem 524s /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem: OK 524s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem 524s + local cmd=openssl 524s + shift 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem 524s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 524s error 20 at 0 depth lookup: unable to get local issuer certificate 524s error /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem: verification failed 524s + cat 524s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-14732 524s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-14732 1024 524s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-14732 -key /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-request.pem 524s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-request.pem 524s Certificate Request: 524s Data: 524s Version: 1 (0x0) 524s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 524s Subject Public Key Info: 524s Public Key Algorithm: rsaEncryption 524s Public-Key: (1024 bit) 524s Modulus: 524s 00:b1:4b:9d:7f:df:a4:37:17:ec:ac:c3:8f:ea:41: 524s 43:e7:8f:a1:be:d0:7b:d6:f7:2e:2a:e1:72:35:85: 524s a8:3c:f5:d8:a2:86:93:4a:f9:3b:3e:fc:24:d0:35: 524s 56:5c:6d:e5:f0:ab:0d:9c:42:47:7b:f9:8b:48:1a: 524s d2:f9:76:e0:ac:16:6b:2d:fb:dd:dc:9a:0e:be:4b: 524s 45:99:d0:cf:31:26:54:ad:06:9c:a3:53:aa:88:fc: 524s e1:ad:ff:df:3c:2b:f0:f1:ea:a3:3d:27:8b:0f:c1: 524s f1:c1:66:61:b3:96:d0:36:8c:35:09:4d:68:01:4a: 524s 1b:0f:2e:5c:1e:a8:87:96:6f 524s Exponent: 65537 (0x10001) 524s Attributes: 524s Requested Extensions: 524s X509v3 Basic Constraints: 524s CA:FALSE 524s Netscape Cert Type: 524s SSL Client, S/MIME 524s Netscape Comment: 524s Test Organization Root CA trusted Certificate 524s X509v3 Subject Key Identifier: 524s F4:58:85:A3:2D:64:1D:C5:C5:86:B5:05:82:85:CA:76:DE:08:37:F9 524s X509v3 Key Usage: critical 524s Digital Signature, Non Repudiation, Key Encipherment 524s X509v3 Extended Key Usage: 524s TLS Web Client Authentication, E-mail Protection 524s X509v3 Subject Alternative Name: 524s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 524s Signature Algorithm: sha256WithRSAEncryption 524s Signature Value: 524s 3c:72:a2:21:c8:00:2c:e5:fe:5b:96:33:9a:81:ed:f2:60:ab: 524s 39:dd:64:3b:c9:97:8b:1b:bf:e8:72:57:1a:30:7b:2c:ae:53: 524s 6b:30:a7:ed:03:35:93:1e:52:6b:ea:02:3d:db:3f:0b:2c:f1: 524s 8f:f0:37:c6:08:f3:fb:a1:96:73:6c:fd:2b:5a:b7:30:9e:7f: 524s 0b:65:71:cf:9d:8a:8f:fb:81:e7:ae:ff:c2:5c:a1:2a:27:c6: 524s 8c:66:9a:5f:01:63:15:23:e5:23:fc:32:21:4a:b7:3f:d1:46: 524s 53:7c:9d:d4:f4:4e:79:b7:4b:ab:aa:97:25:61:03:2c:04:a0: 524s 36:06 524s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.config -passin pass:random-root-CA-password-31285 -keyfile /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem 524s Using configuration from /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.config 524s Check that the request matches the signature 524s Signature ok 524s Certificate Details: 524s Serial Number: 3 (0x3) 524s Validity 524s Not Before: Jun 13 19:12:59 2024 GMT 524s Not After : Jun 13 19:12:59 2025 GMT 524s Subject: 524s organizationName = Test Organization 524s organizationalUnitName = Test Organization Unit 524s commonName = Test Organization Root Trusted Certificate 0001 524s X509v3 extensions: 524s X509v3 Authority Key Identifier: 524s D6:87:9C:AA:A4:1D:EE:49:30:EE:36:4A:86:A6:82:DA:3B:AB:03:C2 524s X509v3 Basic Constraints: 524s CA:FALSE 524s Netscape Cert Type: 524s SSL Client, S/MIME 524s Netscape Comment: 524s Test Organization Root CA trusted Certificate 524s X509v3 Subject Key Identifier: 524s F4:58:85:A3:2D:64:1D:C5:C5:86:B5:05:82:85:CA:76:DE:08:37:F9 524s X509v3 Key Usage: critical 524s Digital Signature, Non Repudiation, Key Encipherment 524s X509v3 Extended Key Usage: 524s TLS Web Client Authentication, E-mail Protection 524s X509v3 Subject Alternative Name: 524s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 524s Certificate is to be certified until Jun 13 19:12:59 2025 GMT (365 days) 524s 524s Write out database with 1 new entries 524s Database updated 524s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem 524s /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem: OK 524s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem 524s + local cmd=openssl 524s + shift 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem 524s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 524s error 20 at 0 depth lookup: unable to get local issuer certificate 524s error /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem: verification failed 524s + cat 524s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-22125 524s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-22125 1024 524s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-22125 -key /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-request.pem 524s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-request.pem 524s Certificate Request: 524s Data: 524s Version: 1 (0x0) 524s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 524s Subject Public Key Info: 524s Public Key Algorithm: rsaEncryption 524s Public-Key: (1024 bit) 524s Modulus: 524s 00:df:fb:54:a6:81:a3:b1:ed:e2:ce:8d:ea:1a:6e: 524s 45:07:c8:f4:4c:ef:b7:7a:91:cc:bc:ab:13:ae:c9: 524s 0d:2e:50:66:d9:86:97:d3:18:da:4c:de:bc:b0:38: 524s 61:9c:71:04:c9:3f:5b:8f:57:01:0d:f6:47:a8:c7: 524s 63:7a:10:a8:41:6a:c9:c0:d7:c9:32:80:b0:ca:bf: 524s 47:ad:f3:58:f0:a5:2d:fb:be:0e:b9:39:4a:b5:42: 524s d8:d9:53:ea:31:76:c7:8a:bf:96:a5:fd:81:01:d7: 524s 2a:ed:d0:df:07:66:89:07:65:20:29:87:56:09:0f: 524s 5d:74:d7:43:8d:51:6e:6a:b1 524s Exponent: 65537 (0x10001) 524s Attributes: 524s Requested Extensions: 524s X509v3 Basic Constraints: 524s CA:FALSE 524s Netscape Cert Type: 524s SSL Client, S/MIME 524s Netscape Comment: 524s Test Organization Intermediate CA trusted Certificate 524s X509v3 Subject Key Identifier: 524s DF:06:AC:10:C8:B8:6A:E1:49:B6:54:58:BA:D6:2D:FF:1D:3B:63:FB 524s X509v3 Key Usage: critical 524s Digital Signature, Non Repudiation, Key Encipherment 524s X509v3 Extended Key Usage: 524s TLS Web Client Authentication, E-mail Protection 524s X509v3 Subject Alternative Name: 524s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 524s Signature Algorithm: sha256WithRSAEncryption 524s Signature Value: 524s 32:12:73:2c:07:71:67:0f:05:32:df:f8:2d:80:07:f5:42:76: 524s b2:23:2d:41:e4:ee:29:9a:06:69:bc:f0:d4:ec:c0:61:f2:34: 524s 01:7d:17:95:2b:d6:4a:9e:78:8f:65:6c:5e:9a:ed:09:ff:0b: 524s 79:40:1e:06:37:cd:f4:5c:2f:06:fa:70:51:14:c0:e4:db:d4: 524s 02:1a:bb:89:50:ff:55:0c:d5:7b:4a:cb:20:02:8d:75:a3:12: 524s f0:07:ea:e9:48:96:fd:05:18:ff:b3:d9:fb:dd:92:30:2b:a5: 524s 2c:98:5a:88:56:51:c8:f6:b8:93:1a:6f:d4:2e:07:52:a9:6a: 524s f4:35 524s + openssl ca -passin pass:random-intermediate-CA-password-14046 -config /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem 524s Using configuration from /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.config 524s Check that the request matches the signature 524s Signature ok 524s Certificate Details: 524s Serial Number: 4 (0x4) 524s Validity 524s Not Before: Jun 13 19:12:59 2024 GMT 524s Not After : Jun 13 19:12:59 2025 GMT 524s Subject: 524s organizationName = Test Organization 524s organizationalUnitName = Test Organization Unit 524s commonName = Test Organization Intermediate Trusted Certificate 0001 524s X509v3 extensions: 524s X509v3 Authority Key Identifier: 524s 98:85:0F:D1:28:E8:27:59:97:1C:DE:A2:3D:98:EB:F5:5F:17:9E:62 524s X509v3 Basic Constraints: 524s CA:FALSE 524s Netscape Cert Type: 524s SSL Client, S/MIME 524s Netscape Comment: 524s Test Organization Intermediate CA trusted Certificate 524s X509v3 Subject Key Identifier: 524s DF:06:AC:10:C8:B8:6A:E1:49:B6:54:58:BA:D6:2D:FF:1D:3B:63:FB 524s X509v3 Key Usage: critical 524s Digital Signature, Non Repudiation, Key Encipherment 524s X509v3 Extended Key Usage: 524s TLS Web Client Authentication, E-mail Protection 524s X509v3 Subject Alternative Name: 524s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 524s Certificate is to be certified until Jun 13 19:12:59 2025 GMT (365 days) 524s 524s Write out database with 1 new entries 524s Database updated 524s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem 524s + echo 'This certificate should not be trusted fully' 524s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem 524s + local cmd=openssl 524s + shift 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem 524s This certificate should not be trusted fully 524s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 524s error 2 at 1 depth lookup: unable to get issuer certificate 524s error /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 524s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem 524s /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem: OK 524s + cat 524s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-11496 524s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-11496 1024 524s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-11496 -key /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 524s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 524s Certificate Request: 524s Data: 524s Version: 1 (0x0) 524s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 524s Subject Public Key Info: 524s Public Key Algorithm: rsaEncryption 524s Public-Key: (1024 bit) 524s Modulus: 524s 00:d8:c1:de:29:a4:4a:e7:3b:63:63:3e:c4:b2:0e: 524s 66:69:83:e3:ce:aa:e3:07:fc:70:6b:e6:a2:67:3e: 524s 03:ba:0e:73:4f:14:57:fa:dd:6f:d6:ef:3a:5e:0d: 524s 93:d5:33:00:c2:96:7c:da:1c:6f:c8:67:2f:7a:bb: 524s 43:0d:d1:22:ef:0d:af:71:fb:7b:6c:22:be:c5:2c: 524s 84:cc:25:f1:8c:ac:b4:2d:9a:9e:83:46:19:6b:fc: 524s 60:ac:18:59:83:7c:92:65:9d:c1:4b:d2:ef:3b:86: 524s bb:83:ec:a8:60:66:0e:f0:42:e1:bd:86:59:b2:85: 524s de:db:4c:2c:84:ce:88:b3:25 524s Exponent: 65537 (0x10001) 524s Attributes: 524s Requested Extensions: 524s X509v3 Basic Constraints: 524s CA:FALSE 524s Netscape Cert Type: 524s SSL Client, S/MIME 524s Netscape Comment: 524s Test Organization Sub Intermediate CA trusted Certificate 524s X509v3 Subject Key Identifier: 524s 72:66:98:6E:EB:F1:A7:52:92:E4:73:86:66:EE:FA:5A:A9:DF:40:64 524s X509v3 Key Usage: critical 524s Digital Signature, Non Repudiation, Key Encipherment 524s X509v3 Extended Key Usage: 524s TLS Web Client Authentication, E-mail Protection 524s X509v3 Subject Alternative Name: 524s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 524s Signature Algorithm: sha256WithRSAEncryption 524s Signature Value: 524s 9b:4e:bb:0a:b2:f9:a8:f5:64:57:99:ed:9b:89:3a:90:c4:4e: 524s 87:6c:8b:31:95:22:40:ad:2f:f5:21:cc:ec:08:25:05:12:3d: 524s 26:ef:fd:ce:f6:a3:07:87:b6:a8:f8:ad:8d:46:ec:d1:95:cf: 524s 03:ab:f1:cb:c2:db:3f:9f:1a:66:00:82:f6:40:66:fa:3e:c3: 524s 84:8f:d0:73:86:27:24:b4:f8:ed:f3:78:e6:99:48:c2:cc:c9: 524s 39:c5:b7:dc:b7:00:ee:ea:57:be:ff:3a:6e:6d:23:6f:fd:1b: 524s bc:9d:13:31:16:6a:1e:01:e6:52:9d:93:8d:50:a2:4a:31:b3: 524s 64:ea 524s + openssl ca -passin pass:random-sub-intermediate-CA-password-20316 -config /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 524s Using configuration from /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.config 524s Check that the request matches the signature 524s Signature ok 524s Certificate Details: 524s Serial Number: 5 (0x5) 524s Validity 524s Not Before: Jun 13 19:12:59 2024 GMT 524s Not After : Jun 13 19:12:59 2025 GMT 524s Subject: 524s organizationName = Test Organization 524s organizationalUnitName = Test Organization Unit 524s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 524s X509v3 extensions: 524s X509v3 Authority Key Identifier: 524s 12:5F:AF:A2:2A:62:05:68:04:AE:F6:50:98:A9:82:7E:58:FB:3A:21 524s X509v3 Basic Constraints: 524s CA:FALSE 524s Netscape Cert Type: 524s SSL Client, S/MIME 524s Netscape Comment: 524s Test Organization Sub Intermediate CA trusted Certificate 524s X509v3 Subject Key Identifier: 524s 72:66:98:6E:EB:F1:A7:52:92:E4:73:86:66:EE:FA:5A:A9:DF:40:64 524s X509v3 Key Usage: critical 524s Digital Signature, Non Repudiation, Key Encipherment 524s X509v3 Extended Key Usage: 524s TLS Web Client Authentication, E-mail Protection 524s X509v3 Subject Alternative Name: 524s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 524s Certificate is to be certified until Jun 13 19:12:59 2025 GMT (365 days) 524s 524s Write out database with 1 new entries 524s Database updated 524s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 524s This certificate should not be trusted fully 524s + echo 'This certificate should not be trusted fully' 524s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 524s + local cmd=openssl 524s + shift 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 524s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 524s error 2 at 1 depth lookup: unable to get issuer certificate 524s error /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 524s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 524s + local cmd=openssl 524s + shift 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 524s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 524s error 20 at 0 depth lookup: unable to get local issuer certificate 524s error /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 524s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 524s /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 524s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 524s + local cmd=openssl 524s + shift 524s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 524s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 524s error 20 at 0 depth lookup: unable to get local issuer certificate 524s error /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 524s + echo 'Building a the full-chain CA file...' 524s + cat /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem 524s Building a the full-chain CA file... 524s + cat /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem 524s + cat /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem 524s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem 524s + openssl pkcs7 -print_certs -noout 524s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 524s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 524s 524s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 524s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 524s 524s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 524s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 524s 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem 524s /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA.pem: OK 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem 524s /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem: OK 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem 524s /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem: OK 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-root-intermediate-chain-CA.pem 524s /tmp/sssd-softhsm2-certs-25eAz9/test-root-intermediate-chain-CA.pem: OK 524s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 524s /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 524s Certificates generation completed! 524s + echo 'Certificates generation completed!' 524s + [[ -v NO_SSSD_TESTS ]] 524s + [[ -v GENERATE_SMART_CARDS ]] 524s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-14732 524s + local certificate=/tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem 524s + local key_pass=pass:random-root-ca-trusted-cert-0001-14732 524s + local key_cn 524s + local key_name 524s + local tokens_dir 524s + local output_cert_file 524s + token_name= 524s ++ basename /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem .pem 524s + key_name=test-root-CA-trusted-certificate-0001 524s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem 524s ++ sed -n 's/ *commonName *= //p' 524s + key_cn='Test Organization Root Trusted Certificate 0001' 524s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 524s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-root-CA-trusted-certificate-0001.conf 524s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-root-CA-trusted-certificate-0001.conf 524s ++ basename /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 524s + tokens_dir=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-root-CA-trusted-certificate-0001 524s + token_name='Test Organization Root Tr Token' 524s + '[' '!' -e /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 524s + local key_file 524s + local decrypted_key 524s + mkdir -p /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-root-CA-trusted-certificate-0001 524s + key_file=/tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-key.pem 524s + decrypted_key=/tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-key-decrypted.pem 524s + cat 524s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 524s Slot 0 has a free/uninitialized token. 524s The token has been initialized and is reassigned to slot 1756900868 524s + softhsm2-util --show-slots 524s Available slots: 524s Slot 1756900868 524s Slot info: 524s Description: SoftHSM slot ID 0x68b82e04 524s Manufacturer ID: SoftHSM project 524s Hardware version: 2.6 524s Firmware version: 2.6 524s Token present: yes 524s Token info: 524s Manufacturer ID: SoftHSM project 524s Model: SoftHSM v2 524s Hardware version: 2.6 524s Firmware version: 2.6 524s Serial number: 9f2de63ae8b82e04 524s Initialized: yes 524s User PIN init.: yes 524s Label: Test Organization Root Tr Token 524s Slot 1 524s Slot info: 524s Description: SoftHSM slot ID 0x1 524s Manufacturer ID: SoftHSM project 524s Hardware version: 2.6 524s Firmware version: 2.6 524s Token present: yes 524s Token info: 524s Manufacturer ID: SoftHSM project 524s Model: SoftHSM v2 524s Hardware version: 2.6 524s Firmware version: 2.6 524s Serial number: 524s Initialized: no 524s User PIN init.: no 524s Label: 524s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 524s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-14732 -in /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-key-decrypted.pem 525s writing RSA key 525s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 525s + rm /tmp/sssd-softhsm2-certs-25eAz9/test-root-CA-trusted-certificate-0001-key-decrypted.pem 525s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 525s Object 0: 525s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=9f2de63ae8b82e04;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 525s Type: X.509 Certificate (RSA-1024) 525s Expires: Fri Jun 13 19:12:59 2025 525s Label: Test Organization Root Trusted Certificate 0001 525s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 525s 525s Test Organization Root Tr Token 525s + echo 'Test Organization Root Tr Token' 525s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-22125 525s + local certificate=/tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem 525s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-22125 525s + local key_cn 525s + local key_name 525s + local tokens_dir 525s + local output_cert_file 525s + token_name= 525s ++ basename /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem .pem 525s + key_name=test-intermediate-CA-trusted-certificate-0001 525s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem 525s ++ sed -n 's/ *commonName *= //p' 525s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 525s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 525s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 525s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 525s ++ basename /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 525s + tokens_dir=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-intermediate-CA-trusted-certificate-0001 525s + token_name='Test Organization Interme Token' 525s + '[' '!' -e /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 525s + local key_file 525s + local decrypted_key 525s + mkdir -p /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-intermediate-CA-trusted-certificate-0001 525s + key_file=/tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-key.pem 525s + decrypted_key=/tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 525s + cat 525s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 525s Slot 0 has a free/uninitialized token. 525s The token has been initialized and is reassigned to slot 1269161952 525s + softhsm2-util --show-slots 525s Available slots: 525s Slot 1269161952 525s Slot info: 525s Description: SoftHSM slot ID 0x4ba5dfe0 525s Manufacturer ID: SoftHSM project 525s Hardware version: 2.6 525s Firmware version: 2.6 525s Token present: yes 525s Token info: 525s Manufacturer ID: SoftHSM project 525s Model: SoftHSM v2 525s Hardware version: 2.6 525s Firmware version: 2.6 525s Serial number: 701858894ba5dfe0 525s Initialized: yes 525s User PIN init.: yes 525s Label: Test Organization Interme Token 525s Slot 1 525s Slot info: 525s Description: SoftHSM slot ID 0x1 525s Manufacturer ID: SoftHSM project 525s Hardware version: 2.6 525s Firmware version: 2.6 525s Token present: yes 525s Token info: 525s Manufacturer ID: SoftHSM project 525s Model: SoftHSM v2 525s Hardware version: 2.6 525s Firmware version: 2.6 525s Serial number: 525s Initialized: no 525s User PIN init.: no 525s Label: 525s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 525s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-22125 -in /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 525s writing RSA key 525s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 525s + rm /tmp/sssd-softhsm2-certs-25eAz9/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 525s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 525s Object 0: 525s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=701858894ba5dfe0;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 525s Type: X.509 Certificate (RSA-1024) 525s Expires: Fri Jun 13 19:12:59 2025 525s Label: Test Organization Intermediate Trusted Certificate 0001 525s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 525s 525s Test Organization Interme Token 525s + echo 'Test Organization Interme Token' 525s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-11496 525s + local certificate=/tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 525s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-11496 525s + local key_cn 525s + local key_name 525s + local tokens_dir 525s + local output_cert_file 525s + token_name= 525s ++ basename /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 525s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 525s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem 525s ++ sed -n 's/ *commonName *= //p' 525s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 525s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 525s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 525s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 525s ++ basename /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 525s + tokens_dir=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 525s + token_name='Test Organization Sub Int Token' 525s + '[' '!' -e /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 525s + local key_file 525s + local decrypted_key 525s + mkdir -p /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 525s + key_file=/tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 525s + decrypted_key=/tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 525s + cat 525s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 525s Slot 0 has a free/uninitialized token. 525s The token has been initialized and is reassigned to slot 1402319818 525s + softhsm2-util --show-slots 525s Available slots: 525s Slot 1402319818 525s Slot info: 525s Description: SoftHSM slot ID 0x5395b3ca 525s Manufacturer ID: SoftHSM project 525s Hardware version: 2.6 525s Firmware version: 2.6 525s Token present: yes 525s Token info: 525s Manufacturer ID: SoftHSM project 525s Model: SoftHSM v2 525s Hardware version: 2.6 525s Firmware version: 2.6 525s Serial number: 6062496a5395b3ca 525s Initialized: yes 525s User PIN init.: yes 525s Label: Test Organization Sub Int Token 525s Slot 1 525s Slot info: 525s Description: SoftHSM slot ID 0x1 525s Manufacturer ID: SoftHSM project 525s Hardware version: 2.6 525s Firmware version: 2.6 525s Token present: yes 525s Token info: 525s Manufacturer ID: SoftHSM project 525s Model: SoftHSM v2 525s Hardware version: 2.6 525s Firmware version: 2.6 525s Serial number: 525s Initialized: no 525s User PIN init.: no 525s Label: 525s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 525s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-11496 -in /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 525s writing RSA key 525s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 525s + rm /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 525s + p11tool --provider=/usr/lib/s390x-linux-gnu/softhsm/libsofthsm2.so --list-all 525s Object 0: 525s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=6062496a5395b3ca;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 525s Type: X.509 Certificate (RSA-1024) 525s Expires: Fri Jun 13 19:12:59 2025 525s Label: Test Organization Sub Intermediate Trusted Certificate 0001 525s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 525s 525s + echo 'Test Organization Sub Int Token' 525s Test Organization Sub Int Token 525s Certificates generation completed! 525s + echo 'Certificates generation completed!' 525s + exit 0 525s + find /tmp/sssd-softhsm2-certs-25eAz9 -type d -exec chmod 777 '{}' ';' 525s + find /tmp/sssd-softhsm2-certs-25eAz9 -type f -exec chmod 666 '{}' ';' 525s + backup_file /etc/sssd/sssd.conf 525s + '[' -z '' ']' 525s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 525s + backupsdir=/tmp/sssd-softhsm2-backups-pyxUEI 525s + '[' -e /etc/sssd/sssd.conf ']' 525s + delete_paths+=("$1") 525s + rm -f /etc/sssd/sssd.conf 525s ++ runuser -u ubuntu -- sh -c 'echo ~' 525s + user_home=/home/ubuntu 525s + mkdir -p /home/ubuntu 525s + chown ubuntu:ubuntu /home/ubuntu 525s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 525s + user_config=/home/ubuntu/.config 525s + system_config=/etc 525s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 525s + for path_pair in "${softhsm2_conf_paths[@]}" 525s + IFS=: 525s + read -r -a path 525s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 525s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 525s + '[' -z /tmp/sssd-softhsm2-backups-pyxUEI ']' 525s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 525s + delete_paths+=("$1") 525s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 525s + for path_pair in "${softhsm2_conf_paths[@]}" 525s + IFS=: 525s + read -r -a path 525s + path=/etc/softhsm/softhsm2.conf 525s + backup_file /etc/softhsm/softhsm2.conf 525s + '[' -z /tmp/sssd-softhsm2-backups-pyxUEI ']' 525s + '[' -e /etc/softhsm/softhsm2.conf ']' 525s ++ dirname /etc/softhsm/softhsm2.conf 525s + local back_dir=/tmp/sssd-softhsm2-backups-pyxUEI//etc/softhsm 525s ++ basename /etc/softhsm/softhsm2.conf 525s + local back_path=/tmp/sssd-softhsm2-backups-pyxUEI//etc/softhsm/softhsm2.conf 525s + '[' '!' -e /tmp/sssd-softhsm2-backups-pyxUEI//etc/softhsm/softhsm2.conf ']' 525s + mkdir -p /tmp/sssd-softhsm2-backups-pyxUEI//etc/softhsm 525s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-pyxUEI//etc/softhsm/softhsm2.conf 525s + restore_paths+=("$back_path") 525s + rm -f /etc/softhsm/softhsm2.conf 525s + test_authentication login /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem 525s + pam_service=login 525s + certificate_config=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-root-CA-trusted-certificate-0001.conf 525s + ca_db=/tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem 525s + verification_options= 525s + mkdir -p -m 700 /etc/sssd 525s Using CA DB '/tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem' with verification options: '' 525s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 525s + cat 525s + chmod 600 /etc/sssd/sssd.conf 525s + for path_pair in "${softhsm2_conf_paths[@]}" 525s + IFS=: 525s + read -r -a path 525s + user=ubuntu 525s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 525s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 525s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 525s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 525s + runuser -u ubuntu -- softhsm2-util --show-slots 525s + grep 'Test Organization' 525s + for path_pair in "${softhsm2_conf_paths[@]}" 525s + IFS=: 525s + read -r -a path 525s + user=root 525s + path=/etc/softhsm/softhsm2.conf 525s Label: Test Organization Root Tr Token 525s ++ dirname /etc/softhsm/softhsm2.conf 525s + runuser -u root -- mkdir -p /etc/softhsm 525s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 525s + runuser -u root -- softhsm2-util --show-slots 525s + grep 'Test Organization' 525s + systemctl restart sssd 525s Label: Test Organization Root Tr Token 525s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 525s + for alternative in "${alternative_pam_configs[@]}" 525s + pam-auth-update --enable sss-smart-card-optional 525s # 525s # /etc/pam.d/common-auth - authentication settings common to all services 525s # 525s # This file is included from other service-specific PAM config files, 525s # and should contain a list of the authentication modules that define 525s # the central authentication scheme for use on the system 525s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 525s # traditional Unix authentication mechanisms. 525s # 525s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 525s # To take advantage of this, it is recommended that you configure any 525s # local modules either before or after the default block, and use 525s # pam-auth-update to manage selection of other modules. See 525s # pam-auth-update(8) for details. 525s 525s # here are the per-package modules (the "Primary" block) 525s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 525s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 525s auth [success=1 default=ignore] pam_sss.so use_first_pass 525s # here's the fallback if no module succeeds 525s auth requisite pam_deny.so 525s # prime the stack with a positive return value if there isn't one already; 525s # this avoids us returning an error just because nothing sets a success code 525s # since the modules above will each just jump around 525s auth required pam_permit.so 525s # and here are more per-package modules (the "Additional" block) 525s auth optional pam_cap.so 525s # end of pam-auth-update config 525s + cat /etc/pam.d/common-auth 525s + echo -n -e 123456 525s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 525s pamtester: invoking pam_start(login, ubuntu, ...) 525s pamtester: performing operation - authenticate 525s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 525s + echo -n -e 123456 525s + runuser -u ubuntu -- pamtester -v login '' authenticate 525s pamtester: invoking pam_start(login, , ...) 525s pamtester: performing operation - authenticate 525s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 525s + echo -n -e wrong123456 525s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 525s pamtester: invoking pam_start(login, ubuntu, ...) 525s pamtester: performing operation - authenticate 529s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 529s + echo -n -e wrong123456 529s + runuser -u ubuntu -- pamtester -v login '' authenticate 529s pamtester: invoking pam_start(login, , ...) 529s pamtester: performing operation - authenticate 531s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 531s + echo -n -e 123456 531s + pamtester -v login root authenticate 531s pamtester: invoking pam_start(login, root, ...) 531s pamtester: performing operation - authenticate 535s Password: pamtester: Authentication failure 535s + for alternative in "${alternative_pam_configs[@]}" 535s + pam-auth-update --enable sss-smart-card-required 535s PAM configuration 535s ----------------- 535s 535s Incompatible PAM profiles selected. 535s 535s The following PAM profiles cannot be used together: 535s 535s SSS required smart card authentication, SSS optional smart card 535s authentication 535s 535s Please select a different set of modules to enable. 535s 535s # 535s # /etc/pam.d/common-auth - authentication settings common to all services 535s # 535s # This file is included from other service-specific PAM config files, 535s # and should contain a list of the authentication modules that define 535s # the central authentication scheme for use on the system 535s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 535s # traditional Unix authentication mechanisms. 535s # 535s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 535s # To take advantage of this, it is recommended that you configure any 535s # local modules either before or after the default block, and use 535s # pam-auth-update to manage selection of other modules. See 535s # pam-auth-update(8) for details. 535s 535s # here are the per-package modules (the "Primary" block) 535s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 535s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 535s auth [success=1 default=ignore] pam_sss.so use_first_pass 535s # here's the fallback if no module succeeds 535s auth requisite pam_deny.so 535s # prime the stack with a positive return value if there isn't one already; 535s # this avoids us returning an error just because nothing sets a success code 535s # since the modules above will each just jump around 535s auth required pam_permit.so 535s # and here are more per-package modules (the "Additional" block) 535s auth optional pam_cap.so 535s # end of pam-auth-update config 535s + cat /etc/pam.d/common-auth 535s + echo -n -e 123456 535s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 535s pamtester: invoking pam_start(login, ubuntu, ...) 535s pamtester: performing operation - authenticate 535s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 535s + echo -n -e 123456 535s + runuser -u ubuntu -- pamtester -v login '' authenticate 535s pamtester: invoking pam_start(login, , ...) 535s pamtester: performing operation - authenticate 535s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 535s + echo -n -e wrong123456 535s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 535s pamtester: invoking pam_start(login, ubuntu, ...) 535s pamtester: performing operation - authenticate 539s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 539s + echo -n -e wrong123456 539s + runuser -u ubuntu -- pamtester -v login '' authenticate 539s pamtester: invoking pam_start(login, , ...) 539s pamtester: performing operation - authenticate 541s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 541s + echo -n -e 123456 541s + pamtester -v login root authenticate 541s pamtester: invoking pam_start(login, root, ...) 541s pamtester: performing operation - authenticate 544s pamtester: Authentication service cannot retrieve authentication info 544s + test_authentication login /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem 544s + pam_service=login 544s + certificate_config=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 544s + ca_db=/tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem 544s + verification_options= 544s + mkdir -p -m 700 /etc/sssd 544s Using CA DB '/tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem' with verification options: '' 544s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-25eAz9/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 544s + cat 544s Label: Test Organization Sub Int Token 544s Label: Test Organization Sub Int Token 544s + chmod 600 /etc/sssd/sssd.conf 544s + for path_pair in "${softhsm2_conf_paths[@]}" 544s + IFS=: 544s + read -r -a path 544s + user=ubuntu 544s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 544s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 544s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 544s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 544s + runuser -u ubuntu -- softhsm2-util --show-slots 544s + grep 'Test Organization' 544s + for path_pair in "${softhsm2_conf_paths[@]}" 544s + IFS=: 544s + read -r -a path 544s + user=root 544s + path=/etc/softhsm/softhsm2.conf 544s ++ dirname /etc/softhsm/softhsm2.conf 544s + runuser -u root -- mkdir -p /etc/softhsm 544s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 544s + runuser -u root -- softhsm2-util --show-slots 544s + grep 'Test Organization' 544s + systemctl restart sssd 544s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 545s + for alternative in "${alternative_pam_configs[@]}" 545s + pam-auth-update --enable sss-smart-card-optional 545s + cat /etc/pam.d/common-auth 545s # 545s # /etc/pam.d/common-auth - authentication settings common to all services 545s # 545s # This file is included from other service-specific PAM config files, 545s # and should contain a list of the authentication modules that define 545s # the central authentication scheme for use on the system 545s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 545s # traditional Unix authentication mechanisms. 545s # 545s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 545s # To take advantage of this, it is recommended that you configure any 545s # local modules either before or after the default block, and use 545s # pam-auth-update to manage selection of other modules. See 545s # pam-auth-update(8) for details. 545s 545s # here are the per-package modules (the "Primary" block) 545s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 545s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 545s auth [success=1 default=ignore] pam_sss.so use_first_pass 545s # here's the fallback if no module succeeds 545s auth requisite pam_deny.so 545s # prime the stack with a positive return value if there isn't one already; 545s # this avoids us returning an error just because nothing sets a success code 545s # since the modules above will each just jump around 545s auth required pam_permit.so 545s # and here are more per-package modules (the "Additional" block) 545s auth optional pam_cap.so 545s # end of pam-auth-update config 545s + echo -n -e 123456 545s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 545s pamtester: invoking pam_start(login, ubuntu, ...) 545s pamtester: performing operation - authenticate 545s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 545s + echo -n -e 123456 545s + runuser -u ubuntu -- pamtester -v login '' authenticate 545s pamtester: invoking pam_start(login, , ...) 545s pamtester: performing operation - authenticate 545s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 545s + echo -n -e wrong123456 545s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 545s pamtester: invoking pam_start(login, ubuntu, ...) 545s pamtester: performing operation - authenticate 548s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 548s + echo -n -e wrong123456 548s + runuser -u ubuntu -- pamtester -v login '' authenticate 548s pamtester: invoking pam_start(login, , ...) 548s pamtester: performing operation - authenticate 551s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 551s + echo -n -e 123456 551s + pamtester -v login root authenticate 551s pamtester: invoking pam_start(login, root, ...) 551s pamtester: performing operation - authenticate 554s Password: pamtester: Authentication failure 554s + for alternative in "${alternative_pam_configs[@]}" 554s + pam-auth-update --enable sss-smart-card-required 554s PAM configuration 554s ----------------- 554s 554s Incompatible PAM profiles selected. 554s 554s The following PAM profiles cannot be used together: 554s 554s SSS required smart card authentication, SSS optional smart card 554s authentication 554s 554s Please select a different set of modules to enable. 554s 554s + cat /etc/pam.d/common-auth 554s # 554s # /etc/pam.d/common-auth - authentication settings common to all services 554s # 554s # This file is included from other service-specific PAM config files, 554s # and should contain a list of the authentication modules that define 554s # the central authentication scheme for use on the system 554s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 554s # traditional Unix authentication mechanisms. 554s # 554s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 554s # To take advantage of this, it is recommended that you configure any 554s # local modules either before or after the default block, and use 554s # pam-auth-update to manage selection of other modules. See 554s # pam-auth-update(8) for details. 554s 554s # here are the per-package modules (the "Primary" block) 554s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 554s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 554s auth [success=1 default=ignore] pam_sss.so use_first_pass 554s # here's the fallback if no module succeeds 554s auth requisite pam_deny.so 554s # prime the stack with a positive return value if there isn't one already; 554s # this avoids us returning an error just because nothing sets a success code 554s # since the modules above will each just jump around 554s auth required pam_permit.so 554s # and here are more per-package modules (the "Additional" block) 554s auth optional pam_cap.so 554s # end of pam-auth-update config 554s + echo -n -e 123456 554s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 554s pamtester: invoking pam_start(login, ubuntu, ...) 554s pamtester: performing operation - authenticate 554s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 554s + echo -n -e 123456 554s + runuser -u ubuntu -- pamtester -v login '' authenticate 554s pamtester: invoking pam_start(login, , ...) 554s pamtester: performing operation - authenticate 554s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 554s + echo -n -e wrong123456 554s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 554s pamtester: invoking pam_start(login, ubuntu, ...) 554s pamtester: performing operation - authenticate 558s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 558s + echo -n -e wrong123456 558s + runuser -u ubuntu -- pamtester -v login '' authenticate 558s pamtester: invoking pam_start(login, , ...) 558s pamtester: performing operation - authenticate 561s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 561s + echo -n -e 123456 561s + pamtester -v login root authenticate 561s pamtester: invoking pam_start(login, root, ...) 561s pamtester: performing operation - authenticate 564s pamtester: Authentication service cannot retrieve authentication info 564s + test_authentication login /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem partial_chain 564s + pam_service=login 564s + certificate_config=/tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 564s + ca_db=/tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem 564s + verification_options=partial_chain 564s + mkdir -p -m 700 /etc/sssd 564s Using CA DB '/tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 564s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-25eAz9/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 564s + cat 565s Label: Test Organization Sub Int Token 565s Label: Test Organization Sub Int Token 565s + chmod 600 /etc/sssd/sssd.conf 565s + for path_pair in "${softhsm2_conf_paths[@]}" 565s + IFS=: 565s + read -r -a path 565s + user=ubuntu 565s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 565s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 565s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 565s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 565s + runuser -u ubuntu -- softhsm2-util --show-slots 565s + grep 'Test Organization' 565s + for path_pair in "${softhsm2_conf_paths[@]}" 565s + IFS=: 565s + read -r -a path 565s + user=root 565s + path=/etc/softhsm/softhsm2.conf 565s ++ dirname /etc/softhsm/softhsm2.conf 565s + runuser -u root -- mkdir -p /etc/softhsm 565s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-25eAz9/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 565s + runuser -u root -- softhsm2-util --show-slots 565s + grep 'Test Organization' 565s + systemctl restart sssd 565s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 565s + for alternative in "${alternative_pam_configs[@]}" 565s + pam-auth-update --enable sss-smart-card-optional 565s + cat /etc/pam.d/common-auth 565s # 565s # /etc/pam.d/common-auth - authentication settings common to all services 565s # 565s # This file is included from other service-specific PAM config files, 565s # and should contain a list of the authentication modules that define 565s # the central authentication scheme for use on the system 565s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 565s # traditional Unix authentication mechanisms. 565s # 565s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 565s # To take advantage of this, it is recommended that you configure any 565s # local modules either before or after the default block, and use 565s # pam-auth-update to manage selection of other modules. See 565s # pam-auth-update(8) for details. 565s 565s # here are the per-package modules (the "Primary" block) 565s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 565s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 565s auth [success=1 default=ignore] pam_sss.so use_first_pass 565s # here's the fallback if no module succeeds 565s auth requisite pam_deny.so 565s # prime the stack with a positive return value if there isn't one already; 565s # this avoids us returning an error just because nothing sets a success code 565s # since the modules above will each just jump around 565s auth required pam_permit.so 565s # and here are more per-package modules (the "Additional" block) 565s auth optional pam_cap.so 565s # end of pam-auth-update config 565s + echo -n -e 123456 565s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 565s pamtester: invoking pam_start(login, ubuntu, ...) 565s pamtester: performing operation - authenticate 565s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 565s + echo -n -e 123456 565s + runuser -u ubuntu -- pamtester -v login '' authenticate 565s pamtester: invoking pam_start(login, , ...) 565s pamtester: performing operation - authenticate 565s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 565s + echo -n -e wrong123456 565s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 565s pamtester: invoking pam_start(login, ubuntu, ...) 565s pamtester: performing operation - authenticate 568s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 568s + echo -n -e wrong123456 568s + runuser -u ubuntu -- pamtester -v login '' authenticate 568s pamtester: invoking pam_start(login, , ...) 568s pamtester: performing operation - authenticate 572s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 572s + echo -n -e 123456 572s + pamtester -v login root authenticate 572s pamtester: invoking pam_start(login, root, ...) 572s pamtester: performing operation - authenticate 574s Password: pamtester: Authentication failure 574s + for alternative in "${alternative_pam_configs[@]}" 574s + pam-auth-update --enable sss-smart-card-required 574s PAM configuration 574s ----------------- 574s 574s Incompatible PAM profiles selected. 574s 574s The following PAM profiles cannot be used together: 574s 574s SSS required smart card authentication, SSS optional smart card 574s authentication 574s 574s Please select a different set of modules to enable. 574s 574s + cat /etc/pam.d/common-auth 574s # 574s # /etc/pam.d/common-auth - authentication settings common to all services 574s # 574s # This file is included from other service-specific PAM config files, 574s # and should contain a list of the authentication modules that define 574s # the central authentication scheme for use on the system 574s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 574s # traditional Unix authentication mechanisms. 574s # 574s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 574s # To take advantage of this, it is recommended that you configure any 574s # local modules either before or after the default block, and use 574s # pam-auth-update to manage selection of other modules. See 574s # pam-auth-update(8) for details. 574s 574s # here are the per-package modules (the "Primary" block) 574s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 574s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 574s auth [success=1 default=ignore] pam_sss.so use_first_pass 574s # here's the fallback if no module succeeds 574s auth requisite pam_deny.so 574s # prime the stack with a positive return value if there isn't one already; 574s # this avoids us returning an error just because nothing sets a success code 574s # since the modules above will each just jump around 574s auth required pam_permit.so 574s # and here are more per-package modules (the "Additional" block) 574s auth optional pam_cap.so 574s # end of pam-auth-update config 574s + echo -n -e 123456 574s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 574s pamtester: invoking pam_start(login, ubuntu, ...) 574s pamtester: performing operation - authenticate 574s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 574s + echo -n -e 123456 574s + runuser -u ubuntu -- pamtester -v login '' authenticate 574s pamtester: invoking pam_start(login, , ...) 574s pamtester: performing operation - authenticate 575s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 575s + echo -n -e wrong123456 575s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 575s pamtester: invoking pam_start(login, ubuntu, ...) 575s pamtester: performing operation - authenticate 577s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 577s + echo -n -e wrong123456 577s + runuser -u ubuntu -- pamtester -v login '' authenticate 577s pamtester: invoking pam_start(login, , ...) 577s pamtester: performing operation - authenticate 581s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 581s + echo -n -e 123456 581s + pamtester -v login root authenticate 581s pamtester: invoking pam_start(login, root, ...) 581s pamtester: performing operation - authenticate 584s pamtester: Authentication service cannot retrieve authentication info 584s + handle_exit 584s + exit_code=0 584s + restore_changes 584s + for path in "${restore_paths[@]}" 584s + local original_path 584s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-pyxUEI /tmp/sssd-softhsm2-backups-pyxUEI//etc/softhsm/softhsm2.conf 584s + original_path=/etc/softhsm/softhsm2.conf 584s + rm /etc/softhsm/softhsm2.conf 584s + mv /tmp/sssd-softhsm2-backups-pyxUEI//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 584s + for path in "${delete_paths[@]}" 584s + rm -f /etc/sssd/sssd.conf 584s + for path in "${delete_paths[@]}" 584s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 584s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 584s + '[' -e /etc/sssd/sssd.conf ']' 584s + systemctl stop sssd 584s + '[' -e /etc/softhsm/softhsm2.conf ']' 584s + chmod 600 /etc/softhsm/softhsm2.conf 584s + rm -rf /tmp/sssd-softhsm2-certs-25eAz9 584s + '[' 0 = 0 ']' 584s + rm -rf /tmp/sssd-softhsm2-backups-pyxUEI 584s + set +x 584s Script completed successfully! 584s autopkgtest [19:13:59]: test sssd-smart-card-pam-auth-configs: -----------------------] 585s autopkgtest [19:14:00]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 585s sssd-smart-card-pam-auth-configs PASS 585s autopkgtest [19:14:00]: @@@@@@@@@@@@@@@@@@@@ summary 585s ldap-user-group-ldap-auth PASS 585s ldap-user-group-krb5-auth PASS 585s sssd-softhism2-certificates-tests.sh PASS 585s sssd-smart-card-pam-auth-configs PASS 596s nova [W] Using flock in scalingstack-bos02-s390x 596s Creating nova instance adt-oracular-s390x-sssd-20240613-190414-juju-7f2275-prod-proposed-migration-environment-3-20eb78c9-01ec-4318-be48-d64daf557beb from image adt/ubuntu-oracular-s390x-server-20240612.img (UUID f9c88ccf-b930-4a84-9e20-b7918caa705f)... 596s nova [W] Using flock in scalingstack-bos02-s390x 596s Creating nova instance adt-oracular-s390x-sssd-20240613-190414-juju-7f2275-prod-proposed-migration-environment-3-20eb78c9-01ec-4318-be48-d64daf557beb from image adt/ubuntu-oracular-s390x-server-20240612.img (UUID f9c88ccf-b930-4a84-9e20-b7918caa705f)...