0s autopkgtest [18:06:16]: starting date and time: 2025-01-17 18:06:16+0000 0s autopkgtest [18:06:16]: git checkout: 325255d2 Merge branch 'pin-any-arch' into 'ubuntu/production' 0s autopkgtest [18:06:16]: host juju-7f2275-prod-proposed-migration-environment-20; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.2p5beg_c/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:openldap --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 '--env=ADT_TEST_TRIGGERS=openldap/2.6.9+dfsg-1~exp2ubuntu1' -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest-ppc64el --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-20@bos03-ppc64el-26.secgroup --name adt-plucky-ppc64el-sssd-20250117-180616-juju-7f2275-prod-proposed-migration-environment-20-b61a6798-dce1-4823-9b4f-6a9068d4fd6c --image adt/ubuntu-plucky-ppc64el-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-20 --net-id=net_prod-proposed-migration-ppc64el -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,keyserver.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com,radosgw.ps5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 69s autopkgtest [18:07:25]: testbed dpkg architecture: ppc64el 70s autopkgtest [18:07:26]: testbed apt version: 2.9.18 70s autopkgtest [18:07:26]: @@@@@@@@@@@@@@@@@@@@ test bed setup 70s autopkgtest [18:07:26]: testbed release detected to be: None 71s autopkgtest [18:07:27]: updating testbed package index (apt update) 72s Get:1 http://ftpmaster.internal/ubuntu plucky-proposed InRelease [73.9 kB] 72s Hit:2 http://ftpmaster.internal/ubuntu plucky InRelease 72s Hit:3 http://ftpmaster.internal/ubuntu plucky-updates InRelease 72s Hit:4 http://ftpmaster.internal/ubuntu plucky-security InRelease 72s Get:5 http://ftpmaster.internal/ubuntu plucky-proposed/multiverse Sources [14.7 kB] 72s Get:6 http://ftpmaster.internal/ubuntu plucky-proposed/restricted Sources [9708 B] 72s Get:7 http://ftpmaster.internal/ubuntu plucky-proposed/universe Sources [855 kB] 72s Get:8 http://ftpmaster.internal/ubuntu plucky-proposed/main Sources [177 kB] 72s Get:9 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el Packages [295 kB] 72s Get:10 http://ftpmaster.internal/ubuntu plucky-proposed/restricted ppc64el Packages [756 B] 72s Get:11 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el Packages [1040 kB] 72s Get:12 http://ftpmaster.internal/ubuntu plucky-proposed/multiverse ppc64el Packages [14.5 kB] 73s Fetched 2480 kB in 1s (1656 kB/s) 74s Reading package lists... 75s Reading package lists... 75s Building dependency tree... 75s Reading state information... 76s Calculating upgrade... 76s The following packages will be upgraded: 76s libgudev-1.0-0 rng-tools-debian usb.ids 76s 3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 76s Need to get 285 kB of archives. 76s After this operation, 1024 B of additional disk space will be used. 76s Get:1 http://ftpmaster.internal/ubuntu plucky/universe ppc64el rng-tools-debian ppc64el 2.6 [46.3 kB] 77s Get:2 http://ftpmaster.internal/ubuntu plucky/main ppc64el usb.ids all 2025.01.14-1 [223 kB] 77s Get:3 http://ftpmaster.internal/ubuntu plucky/main ppc64el libgudev-1.0-0 ppc64el 1:238-6 [15.7 kB] 78s Fetched 285 kB in 0s (576 kB/s) 78s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74045 files and directories currently installed.) 78s Preparing to unpack .../rng-tools-debian_2.6_ppc64el.deb ... 78s Unpacking rng-tools-debian (2.6) over (2.5) ... 79s Preparing to unpack .../usb.ids_2025.01.14-1_all.deb ... 79s Unpacking usb.ids (2025.01.14-1) over (2024.12.04-1) ... 79s Preparing to unpack .../libgudev-1.0-0_1%3a238-6_ppc64el.deb ... 79s Unpacking libgudev-1.0-0:ppc64el (1:238-6) over (1:238-5ubuntu1) ... 79s Setting up rng-tools-debian (2.6) ... 80s Setting up usb.ids (2025.01.14-1) ... 80s Setting up libgudev-1.0-0:ppc64el (1:238-6) ... 80s Processing triggers for man-db (2.13.0-1) ... 83s Processing triggers for libc-bin (2.40-4ubuntu1) ... 83s Reading package lists... 84s Building dependency tree... 84s Reading state information... 84s 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded. 84s autopkgtest [18:07:40]: upgrading testbed (apt dist-upgrade and autopurge) 85s Reading package lists... 85s Building dependency tree... 85s Reading state information... 85s Calculating upgrade...Starting pkgProblemResolver with broken count: 0 86s Starting 2 pkgProblemResolver with broken count: 0 86s Done 87s Entering ResolveByKeep 87s 88s The following packages will be upgraded: 88s libldap-common libldap2 88s 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 88s Need to get 269 kB of archives. 88s After this operation, 1024 B of additional disk space will be used. 88s Get:1 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libldap-common all 2.6.9+dfsg-1~exp2ubuntu1 [33.2 kB] 88s Get:2 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libldap2 ppc64el 2.6.9+dfsg-1~exp2ubuntu1 [236 kB] 89s Fetched 269 kB in 1s (519 kB/s) 89s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74045 files and directories currently installed.) 89s Preparing to unpack .../libldap-common_2.6.9+dfsg-1~exp2ubuntu1_all.deb ... 89s Unpacking libldap-common (2.6.9+dfsg-1~exp2ubuntu1) over (2.6.8+dfsg-1~exp4ubuntu3) ... 89s Preparing to unpack .../libldap2_2.6.9+dfsg-1~exp2ubuntu1_ppc64el.deb ... 89s Unpacking libldap2:ppc64el (2.6.9+dfsg-1~exp2ubuntu1) over (2.6.8+dfsg-1~exp4ubuntu3) ... 89s Setting up libldap-common (2.6.9+dfsg-1~exp2ubuntu1) ... 89s Installing new version of config file /etc/ldap/ldap.conf ... 89s Setting up libldap2:ppc64el (2.6.9+dfsg-1~exp2ubuntu1) ... 89s Processing triggers for man-db (2.13.0-1) ... 90s Processing triggers for libc-bin (2.40-4ubuntu1) ... 90s Reading package lists... 90s Building dependency tree... 90s Reading state information... 91s Starting pkgProblemResolver with broken count: 0 91s Starting 2 pkgProblemResolver with broken count: 0 91s Done 92s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 92s autopkgtest [18:07:48]: rebooting testbed after setup commands that affected boot 127s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 135s autopkgtest [18:08:31]: testbed running kernel: Linux 6.11.0-8-generic #8-Ubuntu SMP Mon Sep 16 13:49:23 UTC 2024 138s autopkgtest [18:08:34]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 160s Get:1 http://ftpmaster.internal/ubuntu plucky/main sssd 2.9.5-3ubuntu2 (dsc) [5048 B] 160s Get:2 http://ftpmaster.internal/ubuntu plucky/main sssd 2.9.5-3ubuntu2 (tar) [8002 kB] 160s Get:3 http://ftpmaster.internal/ubuntu plucky/main sssd 2.9.5-3ubuntu2 (diff) [49.2 kB] 161s gpgv: Signature made Wed Jul 3 23:54:05 2024 UTC 161s gpgv: using RSA key 8AFD08D3D1B817B2DF8982F501AC4B4083590A98 161s gpgv: Can't check signature: No public key 161s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.5-3ubuntu2.dsc: no acceptable signature found 162s autopkgtest [18:08:58]: testing package sssd version 2.9.5-3ubuntu2 167s autopkgtest [18:09:03]: build not needed 174s autopkgtest [18:09:10]: test ldap-user-group-ldap-auth: preparing testbed 174s Reading package lists... 174s Building dependency tree... 174s Reading state information... 175s Starting pkgProblemResolver with broken count: 1 175s Starting 2 pkgProblemResolver with broken count: 1 175s Investigating (0) slapd:ppc64el < none -> 2.6.9+dfsg-1~exp2ubuntu1 @un puN Ib > 175s Broken slapd:ppc64el Depends on libargon2-1:ppc64el < none | 0~20190702+dfsg-4build1 @un uH > (>= 0~20171227) 175s Considering libargon2-1:ppc64el 0 as a solution to slapd:ppc64el 0 175s Re-Instated libargon2-1:ppc64el 175s Broken slapd:ppc64el Depends on libltdl7:ppc64el < none | 2.4.7-8 @un uH > (>= 2.5.4) 175s Considering libltdl7:ppc64el 0 as a solution to slapd:ppc64el 0 175s Re-Instated libltdl7:ppc64el 175s Broken slapd:ppc64el Depends on libodbc2:ppc64el < none | 2.3.12-1ubuntu1 @un uH > (>= 2.3.1) 175s Considering libodbc2:ppc64el 0 as a solution to slapd:ppc64el 0 175s Re-Instated libodbc2:ppc64el 175s Done 175s Some packages could not be installed. This may mean that you have 175s requested an impossible situation or if you are using the unstable 175s distribution that some required packages have not yet been created 175s or been moved out of Incoming. 175s The following information may help to resolve the situation: 175s 175s The following packages have unmet dependencies: 175s slapd : Depends: libltdl7 (>= 2.5.4) but 2.4.7-8 is to be installed 175s E: Unable to correct problems, you have held broken packages. 175s autopkgtest: WARNING: Test dependencies are unsatisfiable with using apt pinning. Retrying with using all packages from plucky-proposed 175s Reading package lists... 176s Building dependency tree... 176s Reading state information... 176s Starting pkgProblemResolver with broken count: 0 176s Starting 2 pkgProblemResolver with broken count: 0 176s Done 177s The following packages were automatically installed and are no longer required: 177s python3.12 python3.12-minimal 177s Use 'sudo apt autoremove' to remove them. 177s The following NEW packages will be installed: 177s expect ldap-utils libargon2-1 libavahi-client3 libavahi-common-data 177s libavahi-common3 libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 177s libdhash1t64 libevent-2.1-7t64 libini-config5t64 libipa-hbac-dev 177s libipa-hbac0t64 libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss 177s libnss-sudo libodbc2 libpam-pwquality libpam-sss libpath-utils1t64 177s libpwquality-common libpwquality1 libpython3.13-minimal libpython3.13-stdlib 177s libref-array1t64 libsmbclient0 libsss-certmap-dev libsss-certmap0 177s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 177s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0t64 libverto-libevent1t64 177s libverto1t64 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 177s python3-sss python3.13 python3.13-minimal samba-libs slapd sssd sssd-ad 177s sssd-ad-common sssd-common sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 177s sssd-krb5-common sssd-ldap sssd-passkey sssd-proxy sssd-tools tcl-expect 177s tcl8.6 177s The following packages will be upgraded: 177s krb5-locales libgssapi-krb5-2 libk5crypto3 libkrb5-3 libkrb5support0 177s libpython3-stdlib python3 python3-minimal python3.13-gdbm 177s 9 upgraded, 69 newly installed, 0 to remove and 117 not upgraded. 177s Need to get 21.7 MB of archives. 177s After this operation, 96.8 MB of additional disk space will be used. 177s Get:1 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libpython3.13-minimal ppc64el 3.13.1-3 [883 kB] 178s Get:2 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el python3.13-minimal ppc64el 3.13.1-3 [2489 kB] 178s Get:3 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el python3-minimal ppc64el 3.13.1-1~exp2 [27.6 kB] 178s Get:4 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el python3 ppc64el 3.13.1-1~exp2 [24.0 kB] 178s Get:5 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libpython3.13-stdlib ppc64el 3.13.1-3 [2131 kB] 179s Get:6 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el python3.13 ppc64el 3.13.1-3 [729 kB] 179s Get:7 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libpython3-stdlib ppc64el 3.13.1-1~exp2 [10.2 kB] 179s Get:8 http://ftpmaster.internal/ubuntu plucky/main ppc64el libargon2-1 ppc64el 0~20190702+dfsg-4build1 [27.5 kB] 179s Get:9 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libltdl7 ppc64el 2.5.4-2 [50.1 kB] 179s Get:10 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libodbc2 ppc64el 2.3.12-2ubuntu1 [189 kB] 179s Get:11 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el slapd ppc64el 2.6.9+dfsg-1~exp2ubuntu1 [1775 kB] 179s Get:12 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el krb5-locales all 1.21.3-4 [14.5 kB] 179s Get:13 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libgssapi-krb5-2 ppc64el 1.21.3-4 [186 kB] 179s Get:14 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libkrb5-3 ppc64el 1.21.3-4 [435 kB] 179s Get:15 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libkrb5support0 ppc64el 1.21.3-4 [38.9 kB] 179s Get:16 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libk5crypto3 ppc64el 1.21.3-4 [107 kB] 179s Get:17 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libtcl8.6 ppc64el 8.6.16+dfsg-1 [1201 kB] 179s Get:18 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el tcl8.6 ppc64el 8.6.16+dfsg-1 [14.8 kB] 179s Get:19 http://ftpmaster.internal/ubuntu plucky/universe ppc64el tcl-expect ppc64el 5.45.4-3 [122 kB] 179s Get:20 http://ftpmaster.internal/ubuntu plucky/universe ppc64el expect ppc64el 5.45.4-3 [137 kB] 179s Get:21 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el ldap-utils ppc64el 2.6.9+dfsg-1~exp2ubuntu1 [154 kB] 179s Get:22 http://ftpmaster.internal/ubuntu plucky/main ppc64el libavahi-common-data ppc64el 0.8-14ubuntu1 [30.5 kB] 179s Get:23 http://ftpmaster.internal/ubuntu plucky/main ppc64el libavahi-common3 ppc64el 0.8-14ubuntu1 [26.0 kB] 179s Get:24 http://ftpmaster.internal/ubuntu plucky/main ppc64el libavahi-client3 ppc64el 0.8-14ubuntu1 [31.0 kB] 179s Get:25 http://ftpmaster.internal/ubuntu plucky/main ppc64el libbasicobjects0t64 ppc64el 0.6.2-3 [6070 B] 179s Get:26 http://ftpmaster.internal/ubuntu plucky/main ppc64el libcares2 ppc64el 1.34.4-2.1 [126 kB] 179s Get:27 http://ftpmaster.internal/ubuntu plucky/main ppc64el libcollection4t64 ppc64el 0.6.2-3 [35.1 kB] 179s Get:28 http://ftpmaster.internal/ubuntu plucky/main ppc64el libcrack2 ppc64el 2.9.6-5.2 [31.2 kB] 179s Get:29 http://ftpmaster.internal/ubuntu plucky/main ppc64el libdhash1t64 ppc64el 0.6.2-3 [10.1 kB] 179s Get:30 http://ftpmaster.internal/ubuntu plucky/main ppc64el libevent-2.1-7t64 ppc64el 2.1.12-stable-10 [172 kB] 179s Get:31 http://ftpmaster.internal/ubuntu plucky/main ppc64el libpath-utils1t64 ppc64el 0.6.2-3 [10.5 kB] 179s Get:32 http://ftpmaster.internal/ubuntu plucky/main ppc64el libref-array1t64 ppc64el 0.6.2-3 [8006 B] 179s Get:33 http://ftpmaster.internal/ubuntu plucky/main ppc64el libini-config5t64 ppc64el 0.6.2-3 [54.8 kB] 179s Get:34 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libipa-hbac0t64 ppc64el 2.10.1-2ubuntu1 [19.1 kB] 179s Get:35 http://ftpmaster.internal/ubuntu plucky/universe ppc64el libjose0 ppc64el 14-1 [52.4 kB] 179s Get:36 http://ftpmaster.internal/ubuntu plucky/main ppc64el libverto-libevent1t64 ppc64el 0.3.1-1.2ubuntu3 [6490 B] 179s Get:37 http://ftpmaster.internal/ubuntu plucky/main ppc64el libverto1t64 ppc64el 0.3.1-1.2ubuntu3 [12.1 kB] 179s Get:38 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libkrad0 ppc64el 1.21.3-4 [24.4 kB] 179s Get:39 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libtalloc2 ppc64el 2.4.2-2build1 [36.7 kB] 179s Get:40 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libtdb1 ppc64el 1.4.12-1build1 [63.0 kB] 179s Get:41 http://ftpmaster.internal/ubuntu plucky/main ppc64el libtevent0t64 ppc64el 0.16.1-3 [50.4 kB] 179s Get:42 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libldb2 ppc64el 2:2.9.1+samba4.20.4+dfsg-1ubuntu5 [223 kB] 179s Get:43 http://ftpmaster.internal/ubuntu plucky/main ppc64el libnfsidmap1 ppc64el 1:2.6.4-4ubuntu1 [54.3 kB] 179s Get:44 http://ftpmaster.internal/ubuntu plucky/universe ppc64el libnss-sudo all 1.9.15p5-3ubuntu5 [15.2 kB] 180s Get:45 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libpwquality-common all 1.4.5-3build2 [7820 B] 180s Get:46 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libpwquality1 ppc64el 1.4.5-3build2 [16.7 kB] 180s Get:47 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libpam-pwquality ppc64el 1.4.5-3build2 [12.6 kB] 180s Get:48 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libwbclient0 ppc64el 2:4.20.4+dfsg-1ubuntu5 [81.6 kB] 180s Get:49 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el samba-libs ppc64el 2:4.20.4+dfsg-1ubuntu5 [6866 kB] 180s Get:50 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libsmbclient0 ppc64el 2:4.20.4+dfsg-1ubuntu5 [70.7 kB] 180s Get:51 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el python3.13-gdbm ppc64el 3.13.1-3 [31.9 kB] 180s Get:52 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libnss-sss ppc64el 2.10.1-2ubuntu1 [37.4 kB] 180s Get:53 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libpam-sss ppc64el 2.10.1-2ubuntu1 [57.3 kB] 180s Get:54 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el python3-sss ppc64el 2.10.1-2ubuntu1 [47.3 kB] 180s Get:55 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libsss-certmap0 ppc64el 2.10.1-2ubuntu1 [55.2 kB] 180s Get:56 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libsss-idmap0 ppc64el 2.10.1-2ubuntu1 [25.9 kB] 180s Get:57 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libsss-nss-idmap0 ppc64el 2.10.1-2ubuntu1 [38.9 kB] 180s Get:58 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd-common ppc64el 2.10.1-2ubuntu1 [1254 kB] 180s Get:59 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el sssd-idp ppc64el 2.10.1-2ubuntu1 [30.9 kB] 180s Get:60 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el sssd-passkey ppc64el 2.10.1-2ubuntu1 [35.4 kB] 180s Get:61 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libipa-hbac-dev ppc64el 2.10.1-2ubuntu1 [6670 B] 180s Get:62 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libsss-certmap-dev ppc64el 2.10.1-2ubuntu1 [5738 B] 180s Get:63 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libsss-idmap-dev ppc64el 2.10.1-2ubuntu1 [8388 B] 180s Get:64 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libsss-nss-idmap-dev ppc64el 2.10.1-2ubuntu1 [6714 B] 180s Get:65 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el libsss-sudo ppc64el 2.10.1-2ubuntu1 [23.4 kB] 180s Get:66 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el python3-libipa-hbac ppc64el 2.10.1-2ubuntu1 [19.2 kB] 180s Get:67 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el python3-libsss-nss-idmap ppc64el 2.10.1-2ubuntu1 [9572 B] 180s Get:68 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd-ad-common ppc64el 2.10.1-2ubuntu1 [85.6 kB] 180s Get:69 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd-krb5-common ppc64el 2.10.1-2ubuntu1 [104 kB] 180s Get:70 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd-ad ppc64el 2.10.1-2ubuntu1 [148 kB] 180s Get:71 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd-ipa ppc64el 2.10.1-2ubuntu1 [242 kB] 180s Get:72 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd-krb5 ppc64el 2.10.1-2ubuntu1 [14.5 kB] 180s Get:73 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd-ldap ppc64el 2.10.1-2ubuntu1 [31.9 kB] 180s Get:74 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd-proxy ppc64el 2.10.1-2ubuntu1 [47.7 kB] 180s Get:75 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd ppc64el 2.10.1-2ubuntu1 [4120 B] 180s Get:76 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd-dbus ppc64el 2.10.1-2ubuntu1 [119 kB] 180s Get:77 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el sssd-kcm ppc64el 2.10.1-2ubuntu1 [157 kB] 180s Get:78 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el sssd-tools ppc64el 2.10.1-2ubuntu1 [107 kB] 181s Preconfiguring packages ... 182s Fetched 21.7 MB in 3s (6690 kB/s) 182s Selecting previously unselected package libpython3.13-minimal:ppc64el. 182s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74044 files and directories currently installed.) 182s Preparing to unpack .../libpython3.13-minimal_3.13.1-3_ppc64el.deb ... 182s Unpacking libpython3.13-minimal:ppc64el (3.13.1-3) ... 182s Selecting previously unselected package python3.13-minimal. 182s Preparing to unpack .../python3.13-minimal_3.13.1-3_ppc64el.deb ... 182s Unpacking python3.13-minimal (3.13.1-3) ... 183s Setting up libpython3.13-minimal:ppc64el (3.13.1-3) ... 183s Setting up python3.13-minimal (3.13.1-3) ... 184s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74365 files and directories currently installed.) 184s Preparing to unpack .../python3-minimal_3.13.1-1~exp2_ppc64el.deb ... 184s Unpacking python3-minimal (3.13.1-1~exp2) over (3.12.8-1) ... 184s Setting up python3-minimal (3.13.1-1~exp2) ... 185s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74365 files and directories currently installed.) 185s Preparing to unpack .../00-python3_3.13.1-1~exp2_ppc64el.deb ... 185s Unpacking python3 (3.13.1-1~exp2) over (3.12.8-1) ... 185s Selecting previously unselected package libpython3.13-stdlib:ppc64el. 185s Preparing to unpack .../01-libpython3.13-stdlib_3.13.1-3_ppc64el.deb ... 185s Unpacking libpython3.13-stdlib:ppc64el (3.13.1-3) ... 185s Selecting previously unselected package python3.13. 185s Preparing to unpack .../02-python3.13_3.13.1-3_ppc64el.deb ... 185s Unpacking python3.13 (3.13.1-3) ... 185s Preparing to unpack .../03-libpython3-stdlib_3.13.1-1~exp2_ppc64el.deb ... 185s Unpacking libpython3-stdlib:ppc64el (3.13.1-1~exp2) over (3.12.8-1) ... 185s Selecting previously unselected package libargon2-1:ppc64el. 185s Preparing to unpack .../04-libargon2-1_0~20190702+dfsg-4build1_ppc64el.deb ... 185s Unpacking libargon2-1:ppc64el (0~20190702+dfsg-4build1) ... 185s Selecting previously unselected package libltdl7:ppc64el. 185s Preparing to unpack .../05-libltdl7_2.5.4-2_ppc64el.deb ... 185s Unpacking libltdl7:ppc64el (2.5.4-2) ... 185s Selecting previously unselected package libodbc2:ppc64el. 185s Preparing to unpack .../06-libodbc2_2.3.12-2ubuntu1_ppc64el.deb ... 185s Unpacking libodbc2:ppc64el (2.3.12-2ubuntu1) ... 185s Selecting previously unselected package slapd. 185s Preparing to unpack .../07-slapd_2.6.9+dfsg-1~exp2ubuntu1_ppc64el.deb ... 186s Unpacking slapd (2.6.9+dfsg-1~exp2ubuntu1) ... 186s Preparing to unpack .../08-krb5-locales_1.21.3-4_all.deb ... 186s Unpacking krb5-locales (1.21.3-4) over (1.21.3-3) ... 186s Preparing to unpack .../09-libgssapi-krb5-2_1.21.3-4_ppc64el.deb ... 186s Unpacking libgssapi-krb5-2:ppc64el (1.21.3-4) over (1.21.3-3) ... 186s Preparing to unpack .../10-libkrb5-3_1.21.3-4_ppc64el.deb ... 186s Unpacking libkrb5-3:ppc64el (1.21.3-4) over (1.21.3-3) ... 186s Preparing to unpack .../11-libkrb5support0_1.21.3-4_ppc64el.deb ... 186s Unpacking libkrb5support0:ppc64el (1.21.3-4) over (1.21.3-3) ... 186s Preparing to unpack .../12-libk5crypto3_1.21.3-4_ppc64el.deb ... 186s Unpacking libk5crypto3:ppc64el (1.21.3-4) over (1.21.3-3) ... 186s Selecting previously unselected package libtcl8.6:ppc64el. 186s Preparing to unpack .../13-libtcl8.6_8.6.16+dfsg-1_ppc64el.deb ... 186s Unpacking libtcl8.6:ppc64el (8.6.16+dfsg-1) ... 186s Selecting previously unselected package tcl8.6. 186s Preparing to unpack .../14-tcl8.6_8.6.16+dfsg-1_ppc64el.deb ... 186s Unpacking tcl8.6 (8.6.16+dfsg-1) ... 186s Selecting previously unselected package tcl-expect:ppc64el. 186s Preparing to unpack .../15-tcl-expect_5.45.4-3_ppc64el.deb ... 186s Unpacking tcl-expect:ppc64el (5.45.4-3) ... 186s Selecting previously unselected package expect. 186s Preparing to unpack .../16-expect_5.45.4-3_ppc64el.deb ... 186s Unpacking expect (5.45.4-3) ... 186s Selecting previously unselected package ldap-utils. 186s Preparing to unpack .../17-ldap-utils_2.6.9+dfsg-1~exp2ubuntu1_ppc64el.deb ... 186s Unpacking ldap-utils (2.6.9+dfsg-1~exp2ubuntu1) ... 187s Selecting previously unselected package libavahi-common-data:ppc64el. 187s Preparing to unpack .../18-libavahi-common-data_0.8-14ubuntu1_ppc64el.deb ... 187s Unpacking libavahi-common-data:ppc64el (0.8-14ubuntu1) ... 187s Selecting previously unselected package libavahi-common3:ppc64el. 187s Preparing to unpack .../19-libavahi-common3_0.8-14ubuntu1_ppc64el.deb ... 187s Unpacking libavahi-common3:ppc64el (0.8-14ubuntu1) ... 187s Selecting previously unselected package libavahi-client3:ppc64el. 187s Preparing to unpack .../20-libavahi-client3_0.8-14ubuntu1_ppc64el.deb ... 187s Unpacking libavahi-client3:ppc64el (0.8-14ubuntu1) ... 187s Selecting previously unselected package libbasicobjects0t64:ppc64el. 187s Preparing to unpack .../21-libbasicobjects0t64_0.6.2-3_ppc64el.deb ... 187s Unpacking libbasicobjects0t64:ppc64el (0.6.2-3) ... 187s Selecting previously unselected package libcares2:ppc64el. 187s Preparing to unpack .../22-libcares2_1.34.4-2.1_ppc64el.deb ... 187s Unpacking libcares2:ppc64el (1.34.4-2.1) ... 187s Selecting previously unselected package libcollection4t64:ppc64el. 187s Preparing to unpack .../23-libcollection4t64_0.6.2-3_ppc64el.deb ... 187s Unpacking libcollection4t64:ppc64el (0.6.2-3) ... 187s Selecting previously unselected package libcrack2:ppc64el. 187s Preparing to unpack .../24-libcrack2_2.9.6-5.2_ppc64el.deb ... 187s Unpacking libcrack2:ppc64el (2.9.6-5.2) ... 187s Selecting previously unselected package libdhash1t64:ppc64el. 187s Preparing to unpack .../25-libdhash1t64_0.6.2-3_ppc64el.deb ... 187s Unpacking libdhash1t64:ppc64el (0.6.2-3) ... 187s Selecting previously unselected package libevent-2.1-7t64:ppc64el. 187s Preparing to unpack .../26-libevent-2.1-7t64_2.1.12-stable-10_ppc64el.deb ... 187s Unpacking libevent-2.1-7t64:ppc64el (2.1.12-stable-10) ... 187s Selecting previously unselected package libpath-utils1t64:ppc64el. 187s Preparing to unpack .../27-libpath-utils1t64_0.6.2-3_ppc64el.deb ... 187s Unpacking libpath-utils1t64:ppc64el (0.6.2-3) ... 187s Selecting previously unselected package libref-array1t64:ppc64el. 187s Preparing to unpack .../28-libref-array1t64_0.6.2-3_ppc64el.deb ... 187s Unpacking libref-array1t64:ppc64el (0.6.2-3) ... 187s Selecting previously unselected package libini-config5t64:ppc64el. 187s Preparing to unpack .../29-libini-config5t64_0.6.2-3_ppc64el.deb ... 187s Unpacking libini-config5t64:ppc64el (0.6.2-3) ... 187s Selecting previously unselected package libipa-hbac0t64. 187s Preparing to unpack .../30-libipa-hbac0t64_2.10.1-2ubuntu1_ppc64el.deb ... 187s Unpacking libipa-hbac0t64 (2.10.1-2ubuntu1) ... 187s Selecting previously unselected package libjose0:ppc64el. 187s Preparing to unpack .../31-libjose0_14-1_ppc64el.deb ... 187s Unpacking libjose0:ppc64el (14-1) ... 187s Selecting previously unselected package libverto-libevent1t64:ppc64el. 187s Preparing to unpack .../32-libverto-libevent1t64_0.3.1-1.2ubuntu3_ppc64el.deb ... 187s Unpacking libverto-libevent1t64:ppc64el (0.3.1-1.2ubuntu3) ... 187s Selecting previously unselected package libverto1t64:ppc64el. 187s Preparing to unpack .../33-libverto1t64_0.3.1-1.2ubuntu3_ppc64el.deb ... 187s Unpacking libverto1t64:ppc64el (0.3.1-1.2ubuntu3) ... 187s Selecting previously unselected package libkrad0:ppc64el. 187s Preparing to unpack .../34-libkrad0_1.21.3-4_ppc64el.deb ... 187s Unpacking libkrad0:ppc64el (1.21.3-4) ... 187s Selecting previously unselected package libtalloc2:ppc64el. 187s Preparing to unpack .../35-libtalloc2_2.4.2-2build1_ppc64el.deb ... 187s Unpacking libtalloc2:ppc64el (2.4.2-2build1) ... 187s Selecting previously unselected package libtdb1:ppc64el. 187s Preparing to unpack .../36-libtdb1_1.4.12-1build1_ppc64el.deb ... 187s Unpacking libtdb1:ppc64el (1.4.12-1build1) ... 187s Selecting previously unselected package libtevent0t64:ppc64el. 187s Preparing to unpack .../37-libtevent0t64_0.16.1-3_ppc64el.deb ... 187s Unpacking libtevent0t64:ppc64el (0.16.1-3) ... 187s Selecting previously unselected package libldb2:ppc64el. 187s Preparing to unpack .../38-libldb2_2%3a2.9.1+samba4.20.4+dfsg-1ubuntu5_ppc64el.deb ... 187s Unpacking libldb2:ppc64el (2:2.9.1+samba4.20.4+dfsg-1ubuntu5) ... 187s Selecting previously unselected package libnfsidmap1:ppc64el. 187s Preparing to unpack .../39-libnfsidmap1_1%3a2.6.4-4ubuntu1_ppc64el.deb ... 187s Unpacking libnfsidmap1:ppc64el (1:2.6.4-4ubuntu1) ... 187s Selecting previously unselected package libnss-sudo. 187s Preparing to unpack .../40-libnss-sudo_1.9.15p5-3ubuntu5_all.deb ... 187s Unpacking libnss-sudo (1.9.15p5-3ubuntu5) ... 187s Selecting previously unselected package libpwquality-common. 187s Preparing to unpack .../41-libpwquality-common_1.4.5-3build2_all.deb ... 187s Unpacking libpwquality-common (1.4.5-3build2) ... 187s Selecting previously unselected package libpwquality1:ppc64el. 187s Preparing to unpack .../42-libpwquality1_1.4.5-3build2_ppc64el.deb ... 187s Unpacking libpwquality1:ppc64el (1.4.5-3build2) ... 187s Selecting previously unselected package libpam-pwquality:ppc64el. 187s Preparing to unpack .../43-libpam-pwquality_1.4.5-3build2_ppc64el.deb ... 187s Unpacking libpam-pwquality:ppc64el (1.4.5-3build2) ... 187s Selecting previously unselected package libwbclient0:ppc64el. 187s Preparing to unpack .../44-libwbclient0_2%3a4.20.4+dfsg-1ubuntu5_ppc64el.deb ... 187s Unpacking libwbclient0:ppc64el (2:4.20.4+dfsg-1ubuntu5) ... 187s Selecting previously unselected package samba-libs:ppc64el. 187s Preparing to unpack .../45-samba-libs_2%3a4.20.4+dfsg-1ubuntu5_ppc64el.deb ... 187s Unpacking samba-libs:ppc64el (2:4.20.4+dfsg-1ubuntu5) ... 188s Selecting previously unselected package libsmbclient0:ppc64el. 188s Preparing to unpack .../46-libsmbclient0_2%3a4.20.4+dfsg-1ubuntu5_ppc64el.deb ... 188s Unpacking libsmbclient0:ppc64el (2:4.20.4+dfsg-1ubuntu5) ... 188s Preparing to unpack .../47-python3.13-gdbm_3.13.1-3_ppc64el.deb ... 188s Unpacking python3.13-gdbm (3.13.1-3) over (3.13.1-2) ... 188s Selecting previously unselected package libnss-sss:ppc64el. 188s Preparing to unpack .../48-libnss-sss_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking libnss-sss:ppc64el (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package libpam-sss:ppc64el. 188s Preparing to unpack .../49-libpam-sss_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking libpam-sss:ppc64el (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package python3-sss. 188s Preparing to unpack .../50-python3-sss_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking python3-sss (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package libsss-certmap0. 188s Preparing to unpack .../51-libsss-certmap0_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking libsss-certmap0 (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package libsss-idmap0. 188s Preparing to unpack .../52-libsss-idmap0_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking libsss-idmap0 (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package libsss-nss-idmap0. 188s Preparing to unpack .../53-libsss-nss-idmap0_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking libsss-nss-idmap0 (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package sssd-common. 188s Preparing to unpack .../54-sssd-common_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking sssd-common (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package sssd-idp. 188s Preparing to unpack .../55-sssd-idp_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking sssd-idp (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package sssd-passkey. 188s Preparing to unpack .../56-sssd-passkey_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking sssd-passkey (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package libipa-hbac-dev. 188s Preparing to unpack .../57-libipa-hbac-dev_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking libipa-hbac-dev (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package libsss-certmap-dev. 188s Preparing to unpack .../58-libsss-certmap-dev_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking libsss-certmap-dev (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package libsss-idmap-dev. 188s Preparing to unpack .../59-libsss-idmap-dev_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking libsss-idmap-dev (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package libsss-nss-idmap-dev. 188s Preparing to unpack .../60-libsss-nss-idmap-dev_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking libsss-nss-idmap-dev (2.10.1-2ubuntu1) ... 188s Selecting previously unselected package libsss-sudo. 188s Preparing to unpack .../61-libsss-sudo_2.10.1-2ubuntu1_ppc64el.deb ... 188s Unpacking libsss-sudo (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package python3-libipa-hbac. 189s Preparing to unpack .../62-python3-libipa-hbac_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking python3-libipa-hbac (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package python3-libsss-nss-idmap. 189s Preparing to unpack .../63-python3-libsss-nss-idmap_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking python3-libsss-nss-idmap (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd-ad-common. 189s Preparing to unpack .../64-sssd-ad-common_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd-ad-common (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd-krb5-common. 189s Preparing to unpack .../65-sssd-krb5-common_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd-krb5-common (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd-ad. 189s Preparing to unpack .../66-sssd-ad_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd-ad (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd-ipa. 189s Preparing to unpack .../67-sssd-ipa_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd-ipa (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd-krb5. 189s Preparing to unpack .../68-sssd-krb5_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd-krb5 (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd-ldap. 189s Preparing to unpack .../69-sssd-ldap_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd-ldap (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd-proxy. 189s Preparing to unpack .../70-sssd-proxy_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd-proxy (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd. 189s Preparing to unpack .../71-sssd_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd-dbus. 189s Preparing to unpack .../72-sssd-dbus_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd-dbus (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd-kcm. 189s Preparing to unpack .../73-sssd-kcm_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd-kcm (2.10.1-2ubuntu1) ... 189s Selecting previously unselected package sssd-tools. 189s Preparing to unpack .../74-sssd-tools_2.10.1-2ubuntu1_ppc64el.deb ... 189s Unpacking sssd-tools (2.10.1-2ubuntu1) ... 189s Setting up libpwquality-common (1.4.5-3build2) ... 189s Setting up libnfsidmap1:ppc64el (1:2.6.4-4ubuntu1) ... 189s Setting up libsss-idmap0 (2.10.1-2ubuntu1) ... 189s Setting up libbasicobjects0t64:ppc64el (0.6.2-3) ... 189s Setting up libipa-hbac0t64 (2.10.1-2ubuntu1) ... 189s Setting up libsss-idmap-dev (2.10.1-2ubuntu1) ... 189s Setting up libref-array1t64:ppc64el (0.6.2-3) ... 189s Setting up libipa-hbac-dev (2.10.1-2ubuntu1) ... 189s Setting up libtdb1:ppc64el (1.4.12-1build1) ... 189s Setting up libargon2-1:ppc64el (0~20190702+dfsg-4build1) ... 189s Setting up libcollection4t64:ppc64el (0.6.2-3) ... 189s Setting up libevent-2.1-7t64:ppc64el (2.1.12-stable-10) ... 189s Setting up krb5-locales (1.21.3-4) ... 189s Setting up ldap-utils (2.6.9+dfsg-1~exp2ubuntu1) ... 189s Setting up libjose0:ppc64el (14-1) ... 189s Setting up libwbclient0:ppc64el (2:4.20.4+dfsg-1ubuntu5) ... 189s Setting up libkrb5support0:ppc64el (1.21.3-4) ... 189s Setting up libtalloc2:ppc64el (2.4.2-2build1) ... 189s Setting up libpath-utils1t64:ppc64el (0.6.2-3) ... 189s Setting up libavahi-common-data:ppc64el (0.8-14ubuntu1) ... 189s Setting up libcares2:ppc64el (1.34.4-2.1) ... 189s Setting up libdhash1t64:ppc64el (0.6.2-3) ... 189s Setting up libtcl8.6:ppc64el (8.6.16+dfsg-1) ... 189s Setting up libk5crypto3:ppc64el (1.21.3-4) ... 189s Setting up libltdl7:ppc64el (2.5.4-2) ... 189s Setting up libcrack2:ppc64el (2.9.6-5.2) ... 189s Setting up libodbc2:ppc64el (2.3.12-2ubuntu1) ... 189s Setting up libkrb5-3:ppc64el (1.21.3-4) ... 189s Setting up libnss-sudo (1.9.15p5-3ubuntu5) ... 189s Setting up libsss-nss-idmap0 (2.10.1-2ubuntu1) ... 189s Setting up libini-config5t64:ppc64el (0.6.2-3) ... 189s Setting up libpython3.13-stdlib:ppc64el (3.13.1-3) ... 189s Setting up libtevent0t64:ppc64el (0.16.1-3) ... 189s Setting up python3.13-gdbm (3.13.1-3) ... 189s Setting up libpython3-stdlib:ppc64el (3.13.1-1~exp2) ... 189s Setting up libnss-sss:ppc64el (2.10.1-2ubuntu1) ... 189s Setting up slapd (2.6.9+dfsg-1~exp2ubuntu1) ... 190s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 190s Can't find configuration db, was SSSD configured and run? 190s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 190s Can't find configuration db, was SSSD configured and run? 190s Creating new user openldap... [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 190s Can't find configuration db, was SSSD configured and run? 190s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 190s Can't find configuration db, was SSSD configured and run? 190s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 190s Can't find configuration db, was SSSD configured and run? 190s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 190s Can't find configuration db, was SSSD configured and run? 190s done. 190s Creating initial configuration... done. 190s Creating LDAP directory... done. 191s Created symlink '/etc/systemd/system/multi-user.target.wants/slapd.service' → '/usr/lib/systemd/system/slapd.service'. 192s Setting up tcl8.6 (8.6.16+dfsg-1) ... 192s Setting up libsss-sudo (2.10.1-2ubuntu1) ... 192s Setting up python3.13 (3.13.1-3) ... 193s Setting up libsss-nss-idmap-dev (2.10.1-2ubuntu1) ... 193s Setting up libavahi-common3:ppc64el (0.8-14ubuntu1) ... 193s Setting up tcl-expect:ppc64el (5.45.4-3) ... 193s Setting up python3 (3.13.1-1~exp2) ... 193s /usr/bin/py3clean:101: DeprecationWarning: glob.glob1 is deprecated and will be removed in Python 3.15. Use glob.glob and pass a directory to its root_dir argument instead. 193s for fn in glob1(directory, "%s.*" % fname): 194s Setting up libsss-certmap0 (2.10.1-2ubuntu1) ... 194s Setting up libpwquality1:ppc64el (1.4.5-3build2) ... 194s Setting up libgssapi-krb5-2:ppc64el (1.21.3-4) ... 194s Setting up python3-libsss-nss-idmap (2.10.1-2ubuntu1) ... 194s Setting up python3-libipa-hbac (2.10.1-2ubuntu1) ... 194s Setting up libldb2:ppc64el (2:2.9.1+samba4.20.4+dfsg-1ubuntu5) ... 194s Setting up libavahi-client3:ppc64el (0.8-14ubuntu1) ... 194s Setting up expect (5.45.4-3) ... 194s Setting up libpam-pwquality:ppc64el (1.4.5-3build2) ... 194s Setting up samba-libs:ppc64el (2:4.20.4+dfsg-1ubuntu5) ... 194s Setting up libsss-certmap-dev (2.10.1-2ubuntu1) ... 194s Setting up python3-sss (2.10.1-2ubuntu1) ... 194s Setting up libsmbclient0:ppc64el (2:4.20.4+dfsg-1ubuntu5) ... 194s Setting up libpam-sss:ppc64el (2.10.1-2ubuntu1) ... 195s Setting up sssd-common (2.10.1-2ubuntu1) ... 195s Creating SSSD system user & group... 195s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 195s Can't find configuration db, was SSSD configured and run? 195s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 195s Can't find configuration db, was SSSD configured and run? 195s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 195s Can't find configuration db, was SSSD configured and run? 195s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 195s Can't find configuration db, was SSSD configured and run? 195s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 195s Can't find configuration db, was SSSD configured and run? 195s [sss_cache] [sss_tool_confdb_init] (0x0010): Can't access '/var/lib/sss/db/config.ldb', probably SSSD isn't configured 195s Can't find configuration db, was SSSD configured and run? 195s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 195s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 195s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 195s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 196s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-autofs.socket' → '/usr/lib/systemd/system/sssd-autofs.socket'. 196s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-nss.socket' → '/usr/lib/systemd/system/sssd-nss.socket'. 197s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam.socket' → '/usr/lib/systemd/system/sssd-pam.socket'. 197s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-ssh.socket' → '/usr/lib/systemd/system/sssd-ssh.socket'. 198s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-sudo.socket' → '/usr/lib/systemd/system/sssd-sudo.socket'. 198s Created symlink '/etc/systemd/system/multi-user.target.wants/sssd.service' → '/usr/lib/systemd/system/sssd.service'. 199s sssd-autofs.service is a disabled or a static unit, not starting it. 199s sssd-nss.service is a disabled or a static unit, not starting it. 199s sssd-pam.service is a disabled or a static unit, not starting it. 199s sssd-ssh.service is a disabled or a static unit, not starting it. 199s sssd-sudo.service is a disabled or a static unit, not starting it. 199s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 199s Setting up sssd-proxy (2.10.1-2ubuntu1) ... 199s Setting up sssd-kcm (2.10.1-2ubuntu1) ... 199s Created symlink '/etc/systemd/system/sockets.target.wants/sssd-kcm.socket' → '/usr/lib/systemd/system/sssd-kcm.socket'. 200s sssd-kcm.service is a disabled or a static unit, not starting it. 200s Setting up sssd-dbus (2.10.1-2ubuntu1) ... 201s sssd-ifp.service is a disabled or a static unit, not starting it. 201s Setting up sssd-ad-common (2.10.1-2ubuntu1) ... 201s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pac.socket' → '/usr/lib/systemd/system/sssd-pac.socket'. 202s sssd-pac.service is a disabled or a static unit, not starting it. 202s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 202s Setting up sssd-krb5-common (2.10.1-2ubuntu1) ... 202s Setting up sssd-krb5 (2.10.1-2ubuntu1) ... 202s Setting up sssd-ldap (2.10.1-2ubuntu1) ... 202s Setting up sssd-ad (2.10.1-2ubuntu1) ... 202s Setting up sssd-tools (2.10.1-2ubuntu1) ... 202s Setting up sssd-ipa (2.10.1-2ubuntu1) ... 202s Setting up sssd (2.10.1-2ubuntu1) ... 202s Setting up libverto1t64:ppc64el (0.3.1-1.2ubuntu3) ... 202s Setting up libkrad0:ppc64el (1.21.3-4) ... 202s Setting up libverto-libevent1t64:ppc64el (0.3.1-1.2ubuntu3) ... 202s Setting up sssd-passkey (2.10.1-2ubuntu1) ... 202s Setting up sssd-idp (2.10.1-2ubuntu1) ... 202s Processing triggers for libc-bin (2.40-4ubuntu1) ... 202s Processing triggers for systemd (257-2ubuntu1) ... 202s Processing triggers for man-db (2.13.0-1) ... 206s Processing triggers for dbus (1.14.10-4ubuntu5) ... 213s autopkgtest [18:09:49]: test ldap-user-group-ldap-auth: [----------------------- 214s + . debian/tests/util 214s + . debian/tests/common-tests 214s + mydomain=example.com 214s + myhostname=ldap.example.com 214s + mysuffix=dc=example,dc=com 214s + admin_dn=cn=admin,dc=example,dc=com 214s + admin_pw=secret 214s + ldap_user=testuser1 214s + ldap_user_pw=testuser1secret 214s + ldap_group=ldapusers 214s + adjust_hostname ldap.example.com 214s + local myhostname=ldap.example.com 214s + echo ldap.example.com 214s + hostname ldap.example.com 214s + grep -qE ldap.example.com /etc/hosts 214s + echo 127.0.1.10 ldap.example.com 214s + reconfigure_slapd 214s + debconf-set-selections 214s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 214s + dpkg-reconfigure -fnoninteractive -pcritical slapd 214s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.9+dfsg-1~exp2ubuntu1... done. 214s Moving old database directory to /var/backups: 214s - directory unknown... done. 214s Creating initial configuration... done. 214s Creating LDAP directory... done. 216s + generate_certs ldap.example.com 216s + local cn=ldap.example.com 216s + local cert=/etc/ldap/server.pem 216s + local key=/etc/ldap/server.key 216s + local cnf=/etc/ldap/openssl.cnf 216s + cat 216s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 216s ......................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 216s ..........++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 216s ----- 216s + chmod 0640 /etc/ldap/server.key 216s + chgrp openldap /etc/ldap/server.key 216s + [ ! -f /etc/ldap/server.pem ] 216s + [ ! -f /etc/ldap/server.key ] 216s + enable_ldap_ssl 216s + cat 216s + cat 216s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 216s ldap_modify: Other (e.g., implementation specific) error (80) 216s modifying entry "cn=config" 216s 216s autopkgtest [18:09:52]: test ldap-user-group-ldap-auth: -----------------------] 217s ldap-user-group-ldap-auth FAIL non-zero exit status 80 217s autopkgtest [18:09:53]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 217s autopkgtest [18:09:53]: test ldap-user-group-krb5-auth: preparing testbed 217s Reading package lists... 217s Building dependency tree... 217s Reading state information... 218s Starting pkgProblemResolver with broken count: 0 218s Starting 2 pkgProblemResolver with broken count: 0 218s Done 218s The following packages were automatically installed and are no longer required: 218s python3.12 python3.12-minimal 218s Use 'sudo apt autoremove' to remove them. 218s The following NEW packages will be installed: 218s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4t64 218s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10t64 218s 0 upgraded, 8 newly installed, 0 to remove and 117 not upgraded. 218s Need to get 684 kB of archives. 218s After this operation, 3188 kB of additional disk space will be used. 218s Get:1 http://ftpmaster.internal/ubuntu plucky/main ppc64el krb5-config all 2.7 [22.0 kB] 218s Get:2 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libgssrpc4t64 ppc64el 1.21.3-4 [64.9 kB] 218s Get:3 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libkadm5clnt-mit12 ppc64el 1.21.3-4 [44.0 kB] 218s Get:4 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libkdb5-10t64 ppc64el 1.21.3-4 [47.1 kB] 218s Get:5 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libkadm5srv-mit12 ppc64el 1.21.3-4 [61.5 kB] 219s Get:6 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el krb5-user ppc64el 1.21.3-4 [116 kB] 219s Get:7 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el krb5-kdc ppc64el 1.21.3-4 [221 kB] 219s Get:8 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el krb5-admin-server ppc64el 1.21.3-4 [107 kB] 219s Preconfiguring packages ... 220s Fetched 684 kB in 1s (1141 kB/s) 220s Selecting previously unselected package krb5-config. 220s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 76070 files and directories currently installed.) 220s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 220s Unpacking krb5-config (2.7) ... 220s Selecting previously unselected package libgssrpc4t64:ppc64el. 220s Preparing to unpack .../1-libgssrpc4t64_1.21.3-4_ppc64el.deb ... 220s Unpacking libgssrpc4t64:ppc64el (1.21.3-4) ... 220s Selecting previously unselected package libkadm5clnt-mit12:ppc64el. 220s Preparing to unpack .../2-libkadm5clnt-mit12_1.21.3-4_ppc64el.deb ... 220s Unpacking libkadm5clnt-mit12:ppc64el (1.21.3-4) ... 220s Selecting previously unselected package libkdb5-10t64:ppc64el. 220s Preparing to unpack .../3-libkdb5-10t64_1.21.3-4_ppc64el.deb ... 220s Unpacking libkdb5-10t64:ppc64el (1.21.3-4) ... 220s Selecting previously unselected package libkadm5srv-mit12:ppc64el. 220s Preparing to unpack .../4-libkadm5srv-mit12_1.21.3-4_ppc64el.deb ... 220s Unpacking libkadm5srv-mit12:ppc64el (1.21.3-4) ... 220s Selecting previously unselected package krb5-user. 220s Preparing to unpack .../5-krb5-user_1.21.3-4_ppc64el.deb ... 220s Unpacking krb5-user (1.21.3-4) ... 220s Selecting previously unselected package krb5-kdc. 220s Preparing to unpack .../6-krb5-kdc_1.21.3-4_ppc64el.deb ... 220s Unpacking krb5-kdc (1.21.3-4) ... 220s Selecting previously unselected package krb5-admin-server. 220s Preparing to unpack .../7-krb5-admin-server_1.21.3-4_ppc64el.deb ... 220s Unpacking krb5-admin-server (1.21.3-4) ... 220s Setting up libgssrpc4t64:ppc64el (1.21.3-4) ... 220s Setting up krb5-config (2.7) ... 220s Setting up libkadm5clnt-mit12:ppc64el (1.21.3-4) ... 220s Setting up libkdb5-10t64:ppc64el (1.21.3-4) ... 220s Setting up libkadm5srv-mit12:ppc64el (1.21.3-4) ... 220s Setting up krb5-user (1.21.3-4) ... 220s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 220s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 220s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 220s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 220s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 220s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 220s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 220s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 220s Setting up krb5-kdc (1.21.3-4) ... 221s Created symlink '/etc/systemd/system/multi-user.target.wants/krb5-kdc.service' → '/usr/lib/systemd/system/krb5-kdc.service'. 222s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 222s Setting up krb5-admin-server (1.21.3-4) ... 223s Created symlink '/etc/systemd/system/multi-user.target.wants/krb5-admin-server.service' → '/usr/lib/systemd/system/krb5-admin-server.service'. 224s Processing triggers for man-db (2.13.0-1) ... 224s Processing triggers for libc-bin (2.40-4ubuntu1) ... 231s autopkgtest [18:10:07]: test ldap-user-group-krb5-auth: [----------------------- 232s + . debian/tests/util 232s + . debian/tests/common-tests 232s + mydomain=example.com 232s + myhostname=ldap.example.com 232s + mysuffix=dc=example,dc=com 232s + myrealm=EXAMPLE.COM 232s + admin_dn=cn=admin,dc=example,dc=com 232s + admin_pw=secret 232s + ldap_user=testuser1 232s + ldap_user_pw=testuser1secret 232s + kerberos_principal_pw=testuser1kerberos 232s + ldap_group=ldapusers 232s + adjust_hostname ldap.example.com 232s + local myhostname=ldap.example.com 232s + echo ldap.example.com 232s + hostname ldap.example.com 232s + grep -qE ldap.example.com /etc/hosts 232s + reconfigure_slapd 232s + debconf-set-selections 232s + rm -rf /var/backups/slapd-2.6.9+dfsg-1~exp2ubuntu1 /var/backups/unknown-2.6.9+dfsg-1~exp2ubuntu1-20250117-180950.ldapdb 232s + dpkg-reconfigure -fnoninteractive -pcritical slapd 232s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.9+dfsg-1~exp2ubuntu1... done. 232s Moving old database directory to /var/backups: 232s - directory unknown... done. 232s Creating initial configuration... done. 232s Creating LDAP directory... done. 234s + generate_certs ldap.example.com 234s + local cn=ldap.example.com 234s + local cert=/etc/ldap/server.pem 234s + local key=/etc/ldap/server.key 234s + local cnf=/etc/ldap/openssl.cnf 234s + cat 234s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 234s .............++++++++++++++++++++++++++++++++++++++++++++++modifying entry "cn=config" 234s 234s ++++++++++++++++++ 234s .++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 234s ----- 234s + chmod 0640 /etc/ldap/server.key 234s + chgrp openldap /etc/ldap/server.key 234s + [ ! -f /etc/ldap/server.pem ] 234s + [ ! -f /etc/ldap/server.key ] 234s + enable_ldap_ssl 234s + cat 234s + cat 234s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 234s ldap_modify: Other (e.g., implementation specific) error (80) 235s autopkgtest [18:10:10]: test ldap-user-group-krb5-auth: -----------------------] 235s ldap-user-group-krb5-auth FAIL non-zero exit status 80 235s autopkgtest [18:10:11]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 236s autopkgtest [18:10:12]: test sssd-softhism2-certificates-tests.sh: preparing testbed 320s autopkgtest [18:11:36]: testbed dpkg architecture: ppc64el 320s autopkgtest [18:11:36]: testbed apt version: 2.9.18 320s autopkgtest [18:11:36]: @@@@@@@@@@@@@@@@@@@@ test bed setup 321s autopkgtest [18:11:37]: testbed release detected to be: plucky 321s autopkgtest [18:11:37]: updating testbed package index (apt update) 322s Get:1 http://ftpmaster.internal/ubuntu plucky-proposed InRelease [73.9 kB] 322s Hit:2 http://ftpmaster.internal/ubuntu plucky InRelease 322s Hit:3 http://ftpmaster.internal/ubuntu plucky-updates InRelease 322s Hit:4 http://ftpmaster.internal/ubuntu plucky-security InRelease 322s Get:5 http://ftpmaster.internal/ubuntu plucky-proposed/restricted Sources [9708 B] 322s Get:6 http://ftpmaster.internal/ubuntu plucky-proposed/universe Sources [855 kB] 323s Get:7 http://ftpmaster.internal/ubuntu plucky-proposed/main Sources [177 kB] 323s Get:8 http://ftpmaster.internal/ubuntu plucky-proposed/multiverse Sources [14.7 kB] 323s Get:9 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el Packages [295 kB] 323s Get:10 http://ftpmaster.internal/ubuntu plucky-proposed/restricted ppc64el Packages [756 B] 323s Get:11 http://ftpmaster.internal/ubuntu plucky-proposed/universe ppc64el Packages [1040 kB] 323s Get:12 http://ftpmaster.internal/ubuntu plucky-proposed/multiverse ppc64el Packages [14.5 kB] 323s Fetched 2480 kB in 1s (1962 kB/s) 325s Reading package lists... 326s Reading package lists... 326s Building dependency tree... 326s Reading state information... 326s Calculating upgrade... 327s The following packages will be upgraded: 327s libgudev-1.0-0 rng-tools-debian usb.ids 327s 3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 327s Need to get 285 kB of archives. 327s After this operation, 1024 B of additional disk space will be used. 327s Get:1 http://ftpmaster.internal/ubuntu plucky/universe ppc64el rng-tools-debian ppc64el 2.6 [46.3 kB] 327s Get:2 http://ftpmaster.internal/ubuntu plucky/main ppc64el usb.ids all 2025.01.14-1 [223 kB] 327s Get:3 http://ftpmaster.internal/ubuntu plucky/main ppc64el libgudev-1.0-0 ppc64el 1:238-6 [15.7 kB] 328s Fetched 285 kB in 1s (564 kB/s) 329s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74045 files and directories currently installed.) 329s Preparing to unpack .../rng-tools-debian_2.6_ppc64el.deb ... 329s Unpacking rng-tools-debian (2.6) over (2.5) ... 329s Preparing to unpack .../usb.ids_2025.01.14-1_all.deb ... 329s Unpacking usb.ids (2025.01.14-1) over (2024.12.04-1) ... 329s Preparing to unpack .../libgudev-1.0-0_1%3a238-6_ppc64el.deb ... 329s Unpacking libgudev-1.0-0:ppc64el (1:238-6) over (1:238-5ubuntu1) ... 329s Setting up rng-tools-debian (2.6) ... 331s Setting up usb.ids (2025.01.14-1) ... 331s Setting up libgudev-1.0-0:ppc64el (1:238-6) ... 331s Processing triggers for man-db (2.13.0-1) ... 334s Processing triggers for libc-bin (2.40-4ubuntu1) ... 334s Reading package lists... 335s Building dependency tree... 335s Reading state information... 335s 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded. 336s autopkgtest [18:11:52]: upgrading testbed (apt dist-upgrade and autopurge) 336s Reading package lists... 336s Building dependency tree... 336s Reading state information... 337s Calculating upgrade...Starting pkgProblemResolver with broken count: 0 337s Starting 2 pkgProblemResolver with broken count: 0 337s Done 338s Entering ResolveByKeep 339s 339s The following packages will be upgraded: 339s libldap-common libldap2 339s 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 339s Need to get 269 kB of archives. 339s After this operation, 1024 B of additional disk space will be used. 339s Get:1 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libldap-common all 2.6.9+dfsg-1~exp2ubuntu1 [33.2 kB] 339s Get:2 http://ftpmaster.internal/ubuntu plucky-proposed/main ppc64el libldap2 ppc64el 2.6.9+dfsg-1~exp2ubuntu1 [236 kB] 340s Fetched 269 kB in 0s (582 kB/s) 340s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74045 files and directories currently installed.) 340s Preparing to unpack .../libldap-common_2.6.9+dfsg-1~exp2ubuntu1_all.deb ... 340s Unpacking libldap-common (2.6.9+dfsg-1~exp2ubuntu1) over (2.6.8+dfsg-1~exp4ubuntu3) ... 340s Preparing to unpack .../libldap2_2.6.9+dfsg-1~exp2ubuntu1_ppc64el.deb ... 340s Unpacking libldap2:ppc64el (2.6.9+dfsg-1~exp2ubuntu1) over (2.6.8+dfsg-1~exp4ubuntu3) ... 340s Setting up libldap-common (2.6.9+dfsg-1~exp2ubuntu1) ... 340s Installing new version of config file /etc/ldap/ldap.conf ... 340s Setting up libldap2:ppc64el (2.6.9+dfsg-1~exp2ubuntu1) ... 340s Processing triggers for man-db (2.13.0-1) ... 341s Processing triggers for libc-bin (2.40-4ubuntu1) ... 341s Reading package lists... 342s Building dependency tree... 342s Reading state information... 342s Starting pkgProblemResolver with broken count: 0 342s Starting 2 pkgProblemResolver with broken count: 0 342s Done 343s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 343s autopkgtest [18:11:59]: rebooting testbed after setup commands that affected boot 377s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 389s Reading package lists... 389s Building dependency tree... 389s Reading state information... 389s Starting pkgProblemResolver with broken count: 0 390s Starting 2 pkgProblemResolver with broken count: 0 390s Done 391s The following NEW packages will be installed: 391s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 391s libbasicobjects0t64 libcares2 libcollection4t64 libcrack2 libdhash1t64 391s libevent-2.1-7t64 libgnutls-dane0t64 libini-config5t64 libipa-hbac0t64 391s libldb2 libnfsidmap1 libnss-sss libpam-pwquality libpam-sss 391s libpath-utils1t64 libpwquality-common libpwquality1 libref-array1t64 391s libsmbclient0 libsofthsm2 libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 391s libtalloc2 libtdb1 libtevent0t64 libunbound8 libwbclient0 python3-sss 391s samba-libs softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common 391s sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy 391s 0 upgraded, 45 newly installed, 0 to remove and 0 not upgraded. 391s Need to get 11.6 MB of archives. 391s After this operation, 57.8 MB of additional disk space will be used. 391s Get:1 http://ftpmaster.internal/ubuntu plucky/main ppc64el libevent-2.1-7t64 ppc64el 2.1.12-stable-10 [172 kB] 391s Get:2 http://ftpmaster.internal/ubuntu plucky/main ppc64el libunbound8 ppc64el 1.20.0-1ubuntu2.1 [546 kB] 391s Get:3 http://ftpmaster.internal/ubuntu plucky/main ppc64el libgnutls-dane0t64 ppc64el 3.8.8-2ubuntu1 [25.1 kB] 391s Get:4 http://ftpmaster.internal/ubuntu plucky/universe ppc64el gnutls-bin ppc64el 3.8.8-2ubuntu1 [296 kB] 391s Get:5 http://ftpmaster.internal/ubuntu plucky/main ppc64el libavahi-common-data ppc64el 0.8-14ubuntu1 [30.5 kB] 391s Get:6 http://ftpmaster.internal/ubuntu plucky/main ppc64el libavahi-common3 ppc64el 0.8-14ubuntu1 [26.0 kB] 391s Get:7 http://ftpmaster.internal/ubuntu plucky/main ppc64el libavahi-client3 ppc64el 0.8-14ubuntu1 [31.0 kB] 391s Get:8 http://ftpmaster.internal/ubuntu plucky/main ppc64el libbasicobjects0t64 ppc64el 0.6.2-3 [6070 B] 391s Get:9 http://ftpmaster.internal/ubuntu plucky/main ppc64el libcares2 ppc64el 1.34.4-2.1 [126 kB] 391s Get:10 http://ftpmaster.internal/ubuntu plucky/main ppc64el libcollection4t64 ppc64el 0.6.2-3 [35.1 kB] 391s Get:11 http://ftpmaster.internal/ubuntu plucky/main ppc64el libcrack2 ppc64el 2.9.6-5.2 [31.2 kB] 391s Get:12 http://ftpmaster.internal/ubuntu plucky/main ppc64el libdhash1t64 ppc64el 0.6.2-3 [10.1 kB] 391s Get:13 http://ftpmaster.internal/ubuntu plucky/main ppc64el libpath-utils1t64 ppc64el 0.6.2-3 [10.5 kB] 391s Get:14 http://ftpmaster.internal/ubuntu plucky/main ppc64el libref-array1t64 ppc64el 0.6.2-3 [8006 B] 391s Get:15 http://ftpmaster.internal/ubuntu plucky/main ppc64el libini-config5t64 ppc64el 0.6.2-3 [54.8 kB] 391s Get:16 http://ftpmaster.internal/ubuntu plucky/main ppc64el libipa-hbac0t64 ppc64el 2.9.5-3ubuntu2 [18.4 kB] 391s Get:17 http://ftpmaster.internal/ubuntu plucky/main ppc64el libtalloc2 ppc64el 2.4.2-1build2 [36.7 kB] 391s Get:18 http://ftpmaster.internal/ubuntu plucky/main ppc64el libtdb1 ppc64el 1.4.12-1 [63.0 kB] 391s Get:19 http://ftpmaster.internal/ubuntu plucky/main ppc64el libtevent0t64 ppc64el 0.16.1-3 [50.4 kB] 391s Get:20 http://ftpmaster.internal/ubuntu plucky/main ppc64el libldb2 ppc64el 2:2.9.1+samba4.20.4+dfsg-1ubuntu3 [223 kB] 391s Get:21 http://ftpmaster.internal/ubuntu plucky/main ppc64el libnfsidmap1 ppc64el 1:2.6.4-4ubuntu1 [54.3 kB] 391s Get:22 http://ftpmaster.internal/ubuntu plucky/main ppc64el libpwquality-common all 1.4.5-3build1 [7748 B] 391s Get:23 http://ftpmaster.internal/ubuntu plucky/main ppc64el libpwquality1 ppc64el 1.4.5-3build1 [17.0 kB] 391s Get:24 http://ftpmaster.internal/ubuntu plucky/main ppc64el libpam-pwquality ppc64el 1.4.5-3build1 [12.5 kB] 391s Get:25 http://ftpmaster.internal/ubuntu plucky/main ppc64el libwbclient0 ppc64el 2:4.20.4+dfsg-1ubuntu3 [81.5 kB] 391s Get:26 http://ftpmaster.internal/ubuntu plucky/main ppc64el samba-libs ppc64el 2:4.20.4+dfsg-1ubuntu3 [6867 kB] 392s Get:27 http://ftpmaster.internal/ubuntu plucky/main ppc64el libsmbclient0 ppc64el 2:4.20.4+dfsg-1ubuntu3 [70.7 kB] 392s Get:28 http://ftpmaster.internal/ubuntu plucky/main ppc64el libnss-sss ppc64el 2.9.5-3ubuntu2 [37.0 kB] 392s Get:29 http://ftpmaster.internal/ubuntu plucky/main ppc64el libpam-sss ppc64el 2.9.5-3ubuntu2 [57.0 kB] 392s Get:30 http://ftpmaster.internal/ubuntu plucky/universe ppc64el softhsm2-common ppc64el 2.6.1-2.2ubuntu3 [6198 B] 392s Get:31 http://ftpmaster.internal/ubuntu plucky/universe ppc64el libsofthsm2 ppc64el 2.6.1-2.2ubuntu3 [296 kB] 392s Get:32 http://ftpmaster.internal/ubuntu plucky/main ppc64el libsss-certmap0 ppc64el 2.9.5-3ubuntu2 [54.2 kB] 392s Get:33 http://ftpmaster.internal/ubuntu plucky/main ppc64el libsss-idmap0 ppc64el 2.9.5-3ubuntu2 [25.2 kB] 392s Get:34 http://ftpmaster.internal/ubuntu plucky/main ppc64el libsss-nss-idmap0 ppc64el 2.9.5-3ubuntu2 [38.0 kB] 392s Get:35 http://ftpmaster.internal/ubuntu plucky/main ppc64el python3-sss ppc64el 2.9.5-3ubuntu2 [48.8 kB] 392s Get:36 http://ftpmaster.internal/ubuntu plucky/universe ppc64el softhsm2 ppc64el 2.6.1-2.2ubuntu3 [200 kB] 392s Get:37 http://ftpmaster.internal/ubuntu plucky/main ppc64el sssd-common ppc64el 2.9.5-3ubuntu2 [1276 kB] 392s Get:38 http://ftpmaster.internal/ubuntu plucky/main ppc64el sssd-ad-common ppc64el 2.9.5-3ubuntu2 [87.6 kB] 392s Get:39 http://ftpmaster.internal/ubuntu plucky/main ppc64el sssd-krb5-common ppc64el 2.9.5-3ubuntu2 [103 kB] 392s Get:40 http://ftpmaster.internal/ubuntu plucky/main ppc64el sssd-ad ppc64el 2.9.5-3ubuntu2 [148 kB] 392s Get:41 http://ftpmaster.internal/ubuntu plucky/main ppc64el sssd-ipa ppc64el 2.9.5-3ubuntu2 [238 kB] 392s Get:42 http://ftpmaster.internal/ubuntu plucky/main ppc64el sssd-krb5 ppc64el 2.9.5-3ubuntu2 [14.5 kB] 392s Get:43 http://ftpmaster.internal/ubuntu plucky/main ppc64el sssd-ldap ppc64el 2.9.5-3ubuntu2 [31.7 kB] 392s Get:44 http://ftpmaster.internal/ubuntu plucky/main ppc64el sssd-proxy ppc64el 2.9.5-3ubuntu2 [47.9 kB] 392s Get:45 http://ftpmaster.internal/ubuntu plucky/main ppc64el sssd ppc64el 2.9.5-3ubuntu2 [4122 B] 393s Fetched 11.6 MB in 1s (9622 kB/s) 393s Selecting previously unselected package libevent-2.1-7t64:ppc64el. 393s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74044 files and directories currently installed.) 393s Preparing to unpack .../00-libevent-2.1-7t64_2.1.12-stable-10_ppc64el.deb ... 393s Unpacking libevent-2.1-7t64:ppc64el (2.1.12-stable-10) ... 393s Selecting previously unselected package libunbound8:ppc64el. 393s Preparing to unpack .../01-libunbound8_1.20.0-1ubuntu2.1_ppc64el.deb ... 393s Unpacking libunbound8:ppc64el (1.20.0-1ubuntu2.1) ... 394s Selecting previously unselected package libgnutls-dane0t64:ppc64el. 394s Preparing to unpack .../02-libgnutls-dane0t64_3.8.8-2ubuntu1_ppc64el.deb ... 394s Unpacking libgnutls-dane0t64:ppc64el (3.8.8-2ubuntu1) ... 394s Selecting previously unselected package gnutls-bin. 394s Preparing to unpack .../03-gnutls-bin_3.8.8-2ubuntu1_ppc64el.deb ... 394s Unpacking gnutls-bin (3.8.8-2ubuntu1) ... 394s Selecting previously unselected package libavahi-common-data:ppc64el. 394s Preparing to unpack .../04-libavahi-common-data_0.8-14ubuntu1_ppc64el.deb ... 394s Unpacking libavahi-common-data:ppc64el (0.8-14ubuntu1) ... 394s Selecting previously unselected package libavahi-common3:ppc64el. 394s Preparing to unpack .../05-libavahi-common3_0.8-14ubuntu1_ppc64el.deb ... 394s Unpacking libavahi-common3:ppc64el (0.8-14ubuntu1) ... 394s Selecting previously unselected package libavahi-client3:ppc64el. 394s Preparing to unpack .../06-libavahi-client3_0.8-14ubuntu1_ppc64el.deb ... 394s Unpacking libavahi-client3:ppc64el (0.8-14ubuntu1) ... 394s Selecting previously unselected package libbasicobjects0t64:ppc64el. 394s Preparing to unpack .../07-libbasicobjects0t64_0.6.2-3_ppc64el.deb ... 394s Unpacking libbasicobjects0t64:ppc64el (0.6.2-3) ... 394s Selecting previously unselected package libcares2:ppc64el. 394s Preparing to unpack .../08-libcares2_1.34.4-2.1_ppc64el.deb ... 394s Unpacking libcares2:ppc64el (1.34.4-2.1) ... 394s Selecting previously unselected package libcollection4t64:ppc64el. 394s Preparing to unpack .../09-libcollection4t64_0.6.2-3_ppc64el.deb ... 394s Unpacking libcollection4t64:ppc64el (0.6.2-3) ... 394s Selecting previously unselected package libcrack2:ppc64el. 394s Preparing to unpack .../10-libcrack2_2.9.6-5.2_ppc64el.deb ... 394s Unpacking libcrack2:ppc64el (2.9.6-5.2) ... 394s Selecting previously unselected package libdhash1t64:ppc64el. 394s Preparing to unpack .../11-libdhash1t64_0.6.2-3_ppc64el.deb ... 394s Unpacking libdhash1t64:ppc64el (0.6.2-3) ... 394s Selecting previously unselected package libpath-utils1t64:ppc64el. 394s Preparing to unpack .../12-libpath-utils1t64_0.6.2-3_ppc64el.deb ... 394s Unpacking libpath-utils1t64:ppc64el (0.6.2-3) ... 394s Selecting previously unselected package libref-array1t64:ppc64el. 394s Preparing to unpack .../13-libref-array1t64_0.6.2-3_ppc64el.deb ... 394s Unpacking libref-array1t64:ppc64el (0.6.2-3) ... 394s Selecting previously unselected package libini-config5t64:ppc64el. 394s Preparing to unpack .../14-libini-config5t64_0.6.2-3_ppc64el.deb ... 394s Unpacking libini-config5t64:ppc64el (0.6.2-3) ... 394s Selecting previously unselected package libipa-hbac0t64. 394s Preparing to unpack .../15-libipa-hbac0t64_2.9.5-3ubuntu2_ppc64el.deb ... 394s Unpacking libipa-hbac0t64 (2.9.5-3ubuntu2) ... 394s Selecting previously unselected package libtalloc2:ppc64el. 394s Preparing to unpack .../16-libtalloc2_2.4.2-1build2_ppc64el.deb ... 394s Unpacking libtalloc2:ppc64el (2.4.2-1build2) ... 394s Selecting previously unselected package libtdb1:ppc64el. 394s Preparing to unpack .../17-libtdb1_1.4.12-1_ppc64el.deb ... 394s Unpacking libtdb1:ppc64el (1.4.12-1) ... 394s Selecting previously unselected package libtevent0t64:ppc64el. 394s Preparing to unpack .../18-libtevent0t64_0.16.1-3_ppc64el.deb ... 394s Unpacking libtevent0t64:ppc64el (0.16.1-3) ... 394s Selecting previously unselected package libldb2:ppc64el. 394s Preparing to unpack .../19-libldb2_2%3a2.9.1+samba4.20.4+dfsg-1ubuntu3_ppc64el.deb ... 394s Unpacking libldb2:ppc64el (2:2.9.1+samba4.20.4+dfsg-1ubuntu3) ... 394s Selecting previously unselected package libnfsidmap1:ppc64el. 394s Preparing to unpack .../20-libnfsidmap1_1%3a2.6.4-4ubuntu1_ppc64el.deb ... 394s Unpacking libnfsidmap1:ppc64el (1:2.6.4-4ubuntu1) ... 394s Selecting previously unselected package libpwquality-common. 394s Preparing to unpack .../21-libpwquality-common_1.4.5-3build1_all.deb ... 394s Unpacking libpwquality-common (1.4.5-3build1) ... 394s Selecting previously unselected package libpwquality1:ppc64el. 394s Preparing to unpack .../22-libpwquality1_1.4.5-3build1_ppc64el.deb ... 394s Unpacking libpwquality1:ppc64el (1.4.5-3build1) ... 394s Selecting previously unselected package libpam-pwquality:ppc64el. 394s Preparing to unpack .../23-libpam-pwquality_1.4.5-3build1_ppc64el.deb ... 394s Unpacking libpam-pwquality:ppc64el (1.4.5-3build1) ... 394s Selecting previously unselected package libwbclient0:ppc64el. 394s Preparing to unpack .../24-libwbclient0_2%3a4.20.4+dfsg-1ubuntu3_ppc64el.deb ... 394s Unpacking libwbclient0:ppc64el (2:4.20.4+dfsg-1ubuntu3) ... 394s Selecting previously unselected package samba-libs:ppc64el. 394s Preparing to unpack .../25-samba-libs_2%3a4.20.4+dfsg-1ubuntu3_ppc64el.deb ... 394s Unpacking samba-libs:ppc64el (2:4.20.4+dfsg-1ubuntu3) ... 395s Selecting previously unselected package libsmbclient0:ppc64el. 395s Preparing to unpack .../26-libsmbclient0_2%3a4.20.4+dfsg-1ubuntu3_ppc64el.deb ... 395s Unpacking libsmbclient0:ppc64el (2:4.20.4+dfsg-1ubuntu3) ... 395s Selecting previously unselected package libnss-sss:ppc64el. 395s Preparing to unpack .../27-libnss-sss_2.9.5-3ubuntu2_ppc64el.deb ... 395s Unpacking libnss-sss:ppc64el (2.9.5-3ubuntu2) ... 395s Selecting previously unselected package libpam-sss:ppc64el. 395s Preparing to unpack .../28-libpam-sss_2.9.5-3ubuntu2_ppc64el.deb ... 395s Unpacking libpam-sss:ppc64el (2.9.5-3ubuntu2) ... 395s Selecting previously unselected package softhsm2-common. 395s Preparing to unpack .../29-softhsm2-common_2.6.1-2.2ubuntu3_ppc64el.deb ... 395s Unpacking softhsm2-common (2.6.1-2.2ubuntu3) ... 395s Selecting previously unselected package libsofthsm2. 395s Preparing to unpack .../30-libsofthsm2_2.6.1-2.2ubuntu3_ppc64el.deb ... 395s Unpacking libsofthsm2 (2.6.1-2.2ubuntu3) ... 395s Selecting previously unselected package libsss-certmap0. 395s Preparing to unpack .../31-libsss-certmap0_2.9.5-3ubuntu2_ppc64el.deb ... 395s Unpacking libsss-certmap0 (2.9.5-3ubuntu2) ... 395s Selecting previously unselected package libsss-idmap0. 395s Preparing to unpack .../32-libsss-idmap0_2.9.5-3ubuntu2_ppc64el.deb ... 395s Unpacking libsss-idmap0 (2.9.5-3ubuntu2) ... 395s Selecting previously unselected package libsss-nss-idmap0. 395s Preparing to unpack .../33-libsss-nss-idmap0_2.9.5-3ubuntu2_ppc64el.deb ... 395s Unpacking libsss-nss-idmap0 (2.9.5-3ubuntu2) ... 395s Selecting previously unselected package python3-sss. 395s Preparing to unpack .../34-python3-sss_2.9.5-3ubuntu2_ppc64el.deb ... 395s Unpacking python3-sss (2.9.5-3ubuntu2) ... 395s Selecting previously unselected package softhsm2. 395s Preparing to unpack .../35-softhsm2_2.6.1-2.2ubuntu3_ppc64el.deb ... 395s Unpacking softhsm2 (2.6.1-2.2ubuntu3) ... 396s Selecting previously unselected package sssd-common. 396s Preparing to unpack .../36-sssd-common_2.9.5-3ubuntu2_ppc64el.deb ... 396s Unpacking sssd-common (2.9.5-3ubuntu2) ... 396s Selecting previously unselected package sssd-ad-common. 396s Preparing to unpack .../37-sssd-ad-common_2.9.5-3ubuntu2_ppc64el.deb ... 396s Unpacking sssd-ad-common (2.9.5-3ubuntu2) ... 396s Selecting previously unselected package sssd-krb5-common. 396s Preparing to unpack .../38-sssd-krb5-common_2.9.5-3ubuntu2_ppc64el.deb ... 396s Unpacking sssd-krb5-common (2.9.5-3ubuntu2) ... 396s Selecting previously unselected package sssd-ad. 396s Preparing to unpack .../39-sssd-ad_2.9.5-3ubuntu2_ppc64el.deb ... 396s Unpacking sssd-ad (2.9.5-3ubuntu2) ... 396s Selecting previously unselected package sssd-ipa. 396s Preparing to unpack .../40-sssd-ipa_2.9.5-3ubuntu2_ppc64el.deb ... 396s Unpacking sssd-ipa (2.9.5-3ubuntu2) ... 396s Selecting previously unselected package sssd-krb5. 396s Preparing to unpack .../41-sssd-krb5_2.9.5-3ubuntu2_ppc64el.deb ... 396s Unpacking sssd-krb5 (2.9.5-3ubuntu2) ... 396s Selecting previously unselected package sssd-ldap. 396s Preparing to unpack .../42-sssd-ldap_2.9.5-3ubuntu2_ppc64el.deb ... 396s Unpacking sssd-ldap (2.9.5-3ubuntu2) ... 396s Selecting previously unselected package sssd-proxy. 396s Preparing to unpack .../43-sssd-proxy_2.9.5-3ubuntu2_ppc64el.deb ... 396s Unpacking sssd-proxy (2.9.5-3ubuntu2) ... 396s Selecting previously unselected package sssd. 396s Preparing to unpack .../44-sssd_2.9.5-3ubuntu2_ppc64el.deb ... 396s Unpacking sssd (2.9.5-3ubuntu2) ... 396s Setting up libpwquality-common (1.4.5-3build1) ... 396s Setting up softhsm2-common (2.6.1-2.2ubuntu3) ... 396s Creating config file /etc/softhsm/softhsm2.conf with new version 397s Setting up libnfsidmap1:ppc64el (1:2.6.4-4ubuntu1) ... 397s Setting up libsss-idmap0 (2.9.5-3ubuntu2) ... 397s Setting up libbasicobjects0t64:ppc64el (0.6.2-3) ... 397s Setting up libipa-hbac0t64 (2.9.5-3ubuntu2) ... 397s Setting up libref-array1t64:ppc64el (0.6.2-3) ... 397s Setting up libtdb1:ppc64el (1.4.12-1) ... 397s Setting up libcollection4t64:ppc64el (0.6.2-3) ... 397s Setting up libevent-2.1-7t64:ppc64el (2.1.12-stable-10) ... 397s Setting up libwbclient0:ppc64el (2:4.20.4+dfsg-1ubuntu3) ... 397s Setting up libtalloc2:ppc64el (2.4.2-1build2) ... 397s Setting up libpath-utils1t64:ppc64el (0.6.2-3) ... 397s Setting up libunbound8:ppc64el (1.20.0-1ubuntu2.1) ... 397s Setting up libgnutls-dane0t64:ppc64el (3.8.8-2ubuntu1) ... 397s Setting up libavahi-common-data:ppc64el (0.8-14ubuntu1) ... 397s Setting up libcares2:ppc64el (1.34.4-2.1) ... 397s Setting up libdhash1t64:ppc64el (0.6.2-3) ... 397s Setting up libcrack2:ppc64el (2.9.6-5.2) ... 397s Setting up libsss-nss-idmap0 (2.9.5-3ubuntu2) ... 397s Setting up libini-config5t64:ppc64el (0.6.2-3) ... 397s Setting up libtevent0t64:ppc64el (0.16.1-3) ... 397s Setting up libnss-sss:ppc64el (2.9.5-3ubuntu2) ... 397s Setting up gnutls-bin (3.8.8-2ubuntu1) ... 397s Setting up libsofthsm2 (2.6.1-2.2ubuntu3) ... 397s Setting up softhsm2 (2.6.1-2.2ubuntu3) ... 397s Setting up libavahi-common3:ppc64el (0.8-14ubuntu1) ... 397s Setting up libsss-certmap0 (2.9.5-3ubuntu2) ... 397s Setting up libpwquality1:ppc64el (1.4.5-3build1) ... 397s Setting up libldb2:ppc64el (2:2.9.1+samba4.20.4+dfsg-1ubuntu3) ... 397s Setting up libavahi-client3:ppc64el (0.8-14ubuntu1) ... 397s Setting up libpam-pwquality:ppc64el (1.4.5-3build1) ... 397s Setting up samba-libs:ppc64el (2:4.20.4+dfsg-1ubuntu3) ... 397s Setting up python3-sss (2.9.5-3ubuntu2) ... 397s Setting up libsmbclient0:ppc64el (2:4.20.4+dfsg-1ubuntu3) ... 397s Setting up libpam-sss:ppc64el (2.9.5-3ubuntu2) ... 398s Setting up sssd-common (2.9.5-3ubuntu2) ... 398s Creating SSSD system user & group... 398s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 398s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 398s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 398s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 399s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-autofs.socket' → '/usr/lib/systemd/system/sssd-autofs.socket'. 400s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-nss.socket' → '/usr/lib/systemd/system/sssd-nss.socket'. 400s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket' → '/usr/lib/systemd/system/sssd-pam-priv.socket'. 401s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pam.socket' → '/usr/lib/systemd/system/sssd-pam.socket'. 401s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-ssh.socket' → '/usr/lib/systemd/system/sssd-ssh.socket'. 402s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-sudo.socket' → '/usr/lib/systemd/system/sssd-sudo.socket'. 402s Created symlink '/etc/systemd/system/multi-user.target.wants/sssd.service' → '/usr/lib/systemd/system/sssd.service'. 403s sssd-autofs.service is a disabled or a static unit, not starting it. 403s sssd-nss.service is a disabled or a static unit, not starting it. 403s sssd-pam.service is a disabled or a static unit, not starting it. 403s sssd-ssh.service is a disabled or a static unit, not starting it. 403s sssd-sudo.service is a disabled or a static unit, not starting it. 403s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 403s Setting up sssd-proxy (2.9.5-3ubuntu2) ... 403s Setting up sssd-ad-common (2.9.5-3ubuntu2) ... 404s Created symlink '/etc/systemd/system/sssd.service.wants/sssd-pac.socket' → '/usr/lib/systemd/system/sssd-pac.socket'. 404s sssd-pac.service is a disabled or a static unit, not starting it. 404s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 404s Setting up sssd-krb5-common (2.9.5-3ubuntu2) ... 404s Setting up sssd-krb5 (2.9.5-3ubuntu2) ... 404s Setting up sssd-ldap (2.9.5-3ubuntu2) ... 404s Setting up sssd-ad (2.9.5-3ubuntu2) ... 404s Setting up sssd-ipa (2.9.5-3ubuntu2) ... 405s Setting up sssd (2.9.5-3ubuntu2) ... 405s Processing triggers for man-db (2.13.0-1) ... 408s Processing triggers for libc-bin (2.40-4ubuntu1) ... 416s autopkgtest [18:13:12]: test sssd-softhism2-certificates-tests.sh: [----------------------- 416s + '[' -z ubuntu ']' 416s + required_tools=(p11tool openssl softhsm2-util) 416s + for cmd in "${required_tools[@]}" 416s + command -v p11tool 416s + for cmd in "${required_tools[@]}" 416s + command -v openssl 416s + for cmd in "${required_tools[@]}" 416s + command -v softhsm2-util 416s + PIN=053350 416s +++ find /usr/lib/softhsm/libsofthsm2.so 416s +++ head -n 1 416s ++ realpath /usr/lib/softhsm/libsofthsm2.so 416s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 416s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 416s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 416s + '[' '!' -v NO_SSSD_TESTS ']' 416s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 416s + ca_db_arg=ca_db 416s ++ /usr/libexec/sssd/p11_child --help 416s + p11_child_help='Usage: p11_child [OPTION...] 416s -d, --debug-level=INT Debug level 416s --debug-timestamps=INT Add debug timestamps 416s --debug-microseconds=INT Show timestamps with microseconds 416s --dumpable=INT Allow core dumps 416s --debug-fd=INT An open file descriptor for the debug 416s logs 416s --logger=stderr|files|journald Set logger 416s --auth Run in auth mode 416s --pre Run in pre-auth mode 416s --wait_for_card Wait until card is available 416s --verification Run in verification mode 416s --pin Expect PIN on stdin 416s --keypad Expect PIN on keypad 416s --verify=STRING Tune validation 416s --ca_db=STRING CA DB to use 416s --module_name=STRING Module name for authentication 416s --token_name=STRING Token name for authentication 416s --key_id=STRING Key ID for authentication 416s --label=STRING Label for authentication 416s --certificate=STRING certificate to verify, base64 encoded 416s --uri=STRING PKCS#11 URI to restrict selection 416s --chain-id=LONG Tevent chain ID used for logging 416s purposes 416s 416s Help options: 416s -?, --help Show this help message 416s --usage Display brief usage message' 416s + echo 'Usage: p11_child [OPTION...] 416s -d, --debug-level=INT Debug level 416s --debug-timestamps=INT Add debug timestamps 416s --debug-microseconds=INT Show timestamps with microseconds 416s --dumpable=INT Allow core dumps 416s --debug-fd=INT An open file descriptor for the debug 416s logs 416s --logger=stderr|files|journald Set logger 416s --auth Run in auth mode 416s --pre Run in pre-auth mode 416s --wait_for_card Wait until card is available 416s --verification Run in verification mode 416s --pin Expect PIN on stdin 416s --keypad Expect PIN on keypad 416s --verify=STRING Tune validation 416s --ca_db=STRING CA DB to use 416s --module_name=STRING Module name for authentication 416s --token_name=STRING Token name for authentication 416s --key_id=STRING Key ID for authentication 416s --label=STRING Label for authentication 416s --certificate=STRING certificate to verify, base64 encoded 416s --uri=STRING PKCS#11 URI to restrict selection 416s --chain-id=LONG Tevent chain ID used for logging 416s purposes 416s 416s Help options: 416s -?, --help Show this help message 416s --usage Display brief usage message' 416s + grep nssdb -qs 416s + echo 'Usage: p11_child [OPTION...] 416s -d, --debug-level=INT Debug level 416s --debug-timestamps=INT Add debug timestamps 416s --debug-microseconds=INT Show timestamps with microseconds 416s --dumpable=INT Allow core dumps 416s --debug-fd=INT An open file descriptor for the debug 416s logs 416s --logger=stderr|files|journald Set logger 416s --auth Run in auth mode 416s --pre Run in pre-auth mode 416s --wait_for_card Wait until card is available 416s --verification Run in verification mode 416s --pin Expect PIN on stdin 416s --keypad Expect PIN on keypad 416s --verify=STRING Tune validation 416s --ca_db=STRING CA DB to use 416s --module_name=STRING Module name for authentication 416s --token_name=STRING Token name for authentication 416s --key_id=STRING Key ID for authentication 416s --label=STRING Label for authentication 416s --certificate=STRING certificate to verify, base64 encoded 416s --uri=STRING PKCS#11 URI to restrict selection 416s --chain-id=LONG Tevent chain ID used for logging 416s purposes 416s 416s Help options: 416s -?, --help Show this help message 416s --usage Display brief usage message' 416s + grep -qs -- --ca_db 416s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 416s ++ mktemp -d -t sssd-softhsm2-XXXXXX 416s + tmpdir=/tmp/sssd-softhsm2-xBJWcZ 416s + keys_size=1024 416s + [[ ! -v KEEP_TEMPORARY_FILES ]] 416s + trap 'rm -rf "$tmpdir"' EXIT 416s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 416s + echo -n 01 416s + touch /tmp/sssd-softhsm2-xBJWcZ/index.txt 416s + mkdir -p /tmp/sssd-softhsm2-xBJWcZ/new_certs 416s + cat 416s + root_ca_key_pass=pass:random-root-CA-password-24052 416s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-key.pem -passout pass:random-root-CA-password-24052 1024 416s + openssl req -passin pass:random-root-CA-password-24052 -batch -config /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 416s + openssl x509 -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 416s + cat 416s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-7092 416s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-7092 1024 416s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-7092 -config /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.config -key /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-24052 -sha256 -out /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-certificate-request.pem 416s + openssl req -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-certificate-request.pem 416s Certificate Request: 416s Data: 416s Version: 1 (0x0) 416s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 416s Subject Public Key Info: 416s Public Key Algorithm: rsaEncryption 416s Public-Key: (1024 bit) 416s Modulus: 416s 00:c9:07:f3:81:4b:86:8d:11:d1:80:5a:9a:a4:18: 416s 29:81:e4:d7:91:fc:5c:ea:06:2c:67:f2:f0:a5:f4: 416s 27:ea:38:1c:0f:4f:b0:42:53:d9:a6:02:9e:26:41: 416s 83:28:32:07:c9:01:5d:aa:de:59:bd:b9:c8:c0:d3: 416s 6d:e7:d3:0e:dc:7b:4b:1b:54:8b:dc:0c:49:ef:91: 416s 2d:2d:df:b8:85:67:cb:24:d8:ec:8a:f8:76:86:d2: 416s 58:95:43:7b:cc:7b:8b:66:30:a1:37:b0:b8:07:80: 416s f2:60:e5:0e:6c:60:1e:71:e4:48:2f:f5:83:a9:0f: 416s 7e:c7:61:e8:3b:0b:3a:f1:9d 416s Exponent: 65537 (0x10001) 416s Attributes: 416s (none) 416s Requested Extensions: 416s Signature Algorithm: sha256WithRSAEncryption 416s Signature Value: 416s bd:25:03:c1:81:f1:e0:2f:76:d4:b9:4e:7e:7b:86:a5:f7:c9: 416s de:b6:78:81:2f:9a:c5:c9:ff:8d:7b:4c:a4:c3:19:19:5e:8c: 416s b0:4a:7f:f7:9f:55:2a:5d:06:99:32:9a:d8:5c:0d:31:ea:19: 416s a3:81:40:06:56:48:1e:56:8e:75:05:fa:9a:9e:e9:de:3d:6a: 416s ea:cf:90:09:ec:8d:8a:27:fe:46:0a:b0:e8:b1:02:7b:0d:cc: 416s 10:f8:ba:9a:b6:ae:70:8e:3a:b6:53:ce:a6:b7:aa:35:10:80: 416s 26:7d:17:35:d5:6e:f4:2a:7e:9e:cf:a4:ec:6e:42:98:1c:70: 416s 5c:36 416s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.config -passin pass:random-root-CA-password-24052 -keyfile /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-key.pem -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 416s Using configuration from /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.config 416s Check that the request matches the signature 416s Signature ok 416s Certificate Details: 416s Serial Number: 1 (0x1) 416s Validity 416s Not Before: Jan 17 18:13:12 2025 GMT 416s Not After : Jan 17 18:13:12 2026 GMT 416s Subject: 416s organizationName = Test Organization 416s organizationalUnitName = Test Organization Unit 416s commonName = Test Organization Intermediate CA 416s X509v3 extensions: 416s X509v3 Subject Key Identifier: 416s D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 416s X509v3 Authority Key Identifier: 416s keyid:22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 416s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 416s serial:00 416s X509v3 Basic Constraints: 416s CA:TRUE 416s X509v3 Key Usage: critical 416s Digital Signature, Certificate Sign, CRL Sign 416s Certificate is to be certified until Jan 17 18:13:12 2026 GMT (365 days) 416s 416s Write out database with 1 new entries 416s Database updated 416s + openssl x509 -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 416s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 417s /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem: OK 417s + cat 417s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-2978 417s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-2978 1024 417s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-2978 -config /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-7092 -sha256 -out /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-certificate-request.pem 417s + openssl req -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-certificate-request.pem 417s Certificate Request: 417s Data: 417s Version: 1 (0x0) 417s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:be:db:f2:37:7e:5a:f7:da:e9:f9:97:40:d4:35: 417s 99:05:4b:18:98:81:7e:a7:94:bd:38:6d:7b:8f:ea: 417s ad:b2:77:cf:f3:f6:05:0e:04:02:dd:32:27:66:ee: 417s c6:8d:69:7a:d9:9a:75:d7:91:de:2b:ff:d7:ae:85: 417s a6:7e:ef:02:21:7a:46:25:d7:93:de:aa:12:20:cc: 417s 23:28:95:c9:bb:82:0b:51:a4:5a:e3:fd:a6:e6:8b: 417s e9:a9:d0:85:8e:27:d7:a8:86:e0:2e:52:b2:5b:31: 417s 0b:0f:64:30:95:d1:51:b3:80:c6:2c:3b:91:15:b2: 417s 96:c1:82:d0:1e:eb:13:f2:3d 417s Exponent: 65537 (0x10001) 417s Attributes: 417s (none) 417s Requested Extensions: 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s a0:2e:38:72:ab:a9:ae:05:97:18:35:17:7d:2b:86:5d:99:8d: 417s bc:18:06:87:cf:3a:f6:7b:f1:04:df:e2:2d:c1:d9:11:8f:ee: 417s 2c:18:14:1e:43:3e:f6:7c:7b:58:78:00:a6:2b:01:d0:1c:1c: 417s 50:88:98:44:aa:23:3b:6e:7a:9e:03:af:c9:51:d5:b5:8c:30: 417s 60:6f:a9:7d:de:6a:f2:86:72:04:26:68:2c:ca:d8:83:a3:78: 417s 29:56:6d:19:04:57:f6:ab:64:f0:6f:62:45:f0:a0:b5:b2:c3: 417s e8:9f:cb:f3:84:f0:0d:c6:43:8e:5f:b5:62:4b:25:38:87:d1: 417s cd:62 417s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-7092 -keyfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 417s Using configuration from /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.config 417s Check that the request matches the signature 417s Signature ok 417s Certificate Details: 417s Serial Number: 2 (0x2) 417s Validity 417s Not Before: Jan 17 18:13:13 2025 GMT 417s Not After : Jan 17 18:13:13 2026 GMT 417s Subject: 417s organizationName = Test Organization 417s organizationalUnitName = Test Organization Unit 417s commonName = Test Organization Sub Intermediate CA 417s X509v3 extensions: 417s X509v3 Subject Key Identifier: 417s FE:B3:AC:55:BA:A7:ED:0C:EF:D3:88:24:B4:D6:AB:54:7A:9C:72:DE 417s X509v3 Authority Key Identifier: 417s keyid:D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 417s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 417s serial:01 417s X509v3 Basic Constraints: 417s CA:TRUE 417s X509v3 Key Usage: critical 417s Digital Signature, Certificate Sign, CRL Sign 417s Certificate is to be certified until Jan 17 18:13:13 2026 GMT (365 days) 417s 417s Write out database with 1 new entries 417s Database updated 417s + openssl x509 -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 417s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 417s /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem: OK 417s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 417s + local cmd=openssl 417s + shift 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 417s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 417s error 20 at 0 depth lookup: unable to get local issuer certificate 417s error /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem: verification failed 417s + cat 417s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-4408 417s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-4408 1024 417s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-4408 -key /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-request.pem 417s + openssl req -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-request.pem 417s Certificate Request: 417s Data: 417s Version: 1 (0x0) 417s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 417s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 417s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 417s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 417s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 417s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 417s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 417s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 417s 03:6f:33:cc:b6:78:b6:23:41 417s Exponent: 65537 (0x10001) 417s Attributes: 417s Requested Extensions: 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Root CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 04:3a:26:10:bc:43:a6:3f:ed:c3:df:a5:39:9d:1b:d9:69:8a: 417s 86:b6:7f:0d:6e:7e:1c:bf:d5:2b:29:7d:06:6a:a8:ad:4a:09: 417s b7:e6:53:d6:99:d6:5c:03:12:8d:df:6e:ff:a9:23:80:58:ad: 417s 4f:0c:16:38:79:ca:f1:db:68:2b:2e:65:71:74:86:98:8d:e0: 417s 5c:d6:f5:7b:88:eb:ef:7a:cd:94:3d:93:be:8b:87:de:7e:1d: 417s 6f:51:04:da:83:af:b9:b6:f9:36:f1:2a:87:f2:16:8d:d6:97: 417s 05:05:18:f9:df:bb:a8:7d:98:2e:39:89:1f:fe:32:3a:59:86: 417s df:9f 417s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.config -passin pass:random-root-CA-password-24052 -keyfile /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-key.pem -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 417s Using configuration from /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.config 417s Check that the request matches the signature 417s Signature ok 417s Certificate Details: 417s Serial Number: 3 (0x3) 417s Validity 417s Not Before: Jan 17 18:13:13 2025 GMT 417s Not After : Jan 17 18:13:13 2026 GMT 417s Subject: 417s organizationName = Test Organization 417s organizationalUnitName = Test Organization Unit 417s commonName = Test Organization Root Trusted Certificate 0001 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Root CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Certificate is to be certified until Jan 17 18:13:13 2026 GMT (365 days) 417s 417s Write out database with 1 new entries 417s Database updated 417s + openssl x509 -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 417s /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem: OK 417s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 417s + local cmd=openssl 417s + shift 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 417s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 417s error 20 at 0 depth lookup: unable to get local issuer certificate 417s error /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem: verification failed 417s + cat 417s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 417s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-27330 1024 417s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-27330 -key /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-request.pem 417s + openssl req -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-request.pem 417s Certificate Request: 417s Data: 417s Version: 1 (0x0) 417s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:a3:a6:e7:53:00:bd:b3:08:3f:20:2f:42:2e:10: 417s 5b:88:4f:16:48:11:a4:a0:75:46:91:09:79:1d:a5: 417s 2a:b8:65:10:55:48:9e:70:a1:16:dd:68:a2:b7:91: 417s 8b:9d:86:03:47:ea:a6:d1:92:3d:ab:18:b3:fe:a9: 417s 15:3a:7f:f1:c7:e9:f4:a5:e9:b6:9f:31:c8:b5:54: 417s 76:24:78:04:6b:aa:19:2e:93:1f:49:94:1c:c1:58: 417s 5c:b3:f6:a0:c3:94:67:c8:e1:32:6d:2c:50:50:78: 417s c4:7d:d7:f7:0b:a3:7a:a1:a6:da:7b:ca:04:49:2d: 417s 16:b1:72:49:e7:ad:e3:d1:59 417s Exponent: 65537 (0x10001) 417s Attributes: 417s Requested Extensions: 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 67:A0:11:61:E5:33:05:8F:DA:91:17:33:40:69:9C:87:4F:34:C4:59 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s a0:bd:88:d2:6e:8d:96:31:b7:78:df:38:a8:f1:ce:fb:40:b2: 417s 71:24:2b:69:54:d2:e9:49:79:6f:f6:63:5c:97:ac:11:94:bc: 417s f5:b3:21:ec:a5:cc:55:7d:f9:65:d9:75:6b:7a:3d:77:75:fb: 417s 9a:2c:d1:ae:90:c9:ad:cb:e4:87:c7:3f:35:01:8c:eb:28:3d: 417s 27:df:e7:d6:45:9e:e4:ed:4e:f6:cc:df:87:a4:52:a8:be:e3: 417s d7:5d:7e:7a:4e:dc:72:13:32:df:36:c6:44:79:88:5d:8e:ce: 417s 1c:b7:55:51:71:0e:e8:0c:01:b3:fe:3a:bc:fc:55:e1:58:c9: 417s cb:b5 417s + openssl ca -passin pass:random-intermediate-CA-password-7092 -config /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 417s Using configuration from /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.config 417s Check that the request matches the signature 417s Signature ok 417s Certificate Details: 417s Serial Number: 4 (0x4) 417s Validity 417s Not Before: Jan 17 18:13:13 2025 GMT 417s Not After : Jan 17 18:13:13 2026 GMT 417s Subject: 417s organizationName = Test Organization 417s organizationalUnitName = Test Organization Unit 417s commonName = Test Organization Intermediate Trusted Certificate 0001 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 67:A0:11:61:E5:33:05:8F:DA:91:17:33:40:69:9C:87:4F:34:C4:59 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Certificate is to be certified until Jan 17 18:13:13 2026 GMT (365 days) 417s 417s Write out database with 1 new entries 417s Database updated 417s + openssl x509 -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 417s + echo 'This certificate should not be trusted fully' 417s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 417s + local cmd=openssl 417s + shift 417s This certificate should not be trusted fully 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 417s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 417s error 2 at 1 depth lookup: unable to get issuer certificate 417s error /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 417s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 417s /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem: OK 417s + cat 417s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 417s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-29418 1024 417s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-29418 -key /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 417s + openssl req -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 417s Certificate Request: 417s Data: 417s Version: 1 (0x0) 417s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 417s Subject Public Key Info: 417s Public Key Algorithm: rsaEncryption 417s Public-Key: (1024 bit) 417s Modulus: 417s 00:b8:b6:75:25:8d:12:fd:5e:77:0f:bf:bf:71:c9: 417s ce:23:27:c5:23:40:80:d7:58:51:1c:54:7e:3e:49: 417s fd:b5:5a:cb:d6:98:4a:26:3e:f1:ca:e0:89:f1:14: 417s 15:66:bb:f0:d5:05:9c:8a:0d:f4:fb:10:f3:04:b3: 417s a0:d6:6e:c3:ff:8f:c9:e1:b2:59:a1:e6:44:2a:a8: 417s 1a:e6:ad:77:a6:94:10:bc:68:ef:1e:c1:e1:ec:03: 417s 88:7d:a1:78:c5:e5:cd:15:4a:d2:64:de:e9:29:69: 417s 67:2c:11:ff:79:ef:29:86:d3:27:bc:3b:a4:f1:7b: 417s 27:d5:0d:d1:1f:05:cc:44:af 417s Exponent: 65537 (0x10001) 417s Attributes: 417s Requested Extensions: 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 59:4A:25:05:3C:93:97:1E:FF:A2:57:0A:8F:06:E3:6F:5F:3C:51:87 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Signature Algorithm: sha256WithRSAEncryption 417s Signature Value: 417s 32:50:cc:10:c8:ae:f0:c7:8a:c5:7d:88:34:b8:1b:18:fd:e4: 417s 5f:8f:02:5c:1e:99:d4:2c:1f:fa:86:4d:36:2e:b6:f0:8f:34: 417s 38:a1:3d:ae:ae:63:0f:b6:9e:6f:4d:c6:e7:a7:34:31:55:a1: 417s 45:62:7e:85:0e:7d:5f:b1:84:ed:8c:20:70:eb:90:3a:87:07: 417s d6:b1:00:bd:d9:01:69:de:b7:d1:73:63:75:64:ac:6b:2c:4e: 417s 13:14:f3:1d:0f:cd:ff:43:92:b8:8c:62:95:1c:47:e6:5a:1a: 417s ad:39:02:53:3b:8b:86:f5:b5:2e:65:2c:b5:be:d5:49:11:6b: 417s 76:0f 417s + openssl ca -passin pass:random-sub-intermediate-CA-password-2978 -config /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s Using configuration from /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.config 417s Check that the request matches the signature 417s Signature ok 417s Certificate Details: 417s Serial Number: 5 (0x5) 417s Validity 417s Not Before: Jan 17 18:13:13 2025 GMT 417s Not After : Jan 17 18:13:13 2026 GMT 417s Subject: 417s organizationName = Test Organization 417s organizationalUnitName = Test Organization Unit 417s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 417s X509v3 extensions: 417s X509v3 Authority Key Identifier: 417s FE:B3:AC:55:BA:A7:ED:0C:EF:D3:88:24:B4:D6:AB:54:7A:9C:72:DE 417s X509v3 Basic Constraints: 417s CA:FALSE 417s Netscape Cert Type: 417s SSL Client, S/MIME 417s Netscape Comment: 417s Test Organization Sub Intermediate CA trusted Certificate 417s X509v3 Subject Key Identifier: 417s 59:4A:25:05:3C:93:97:1E:FF:A2:57:0A:8F:06:E3:6F:5F:3C:51:87 417s X509v3 Key Usage: critical 417s Digital Signature, Non Repudiation, Key Encipherment 417s X509v3 Extended Key Usage: 417s TLS Web Client Authentication, E-mail Protection 417s X509v3 Subject Alternative Name: 417s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 417s Certificate is to be certified until Jan 17 18:13:13 2026 GMT (365 days) 417s 417s Write out database with 1 new entries 417s Database updated 417s + openssl x509 -noout -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s This certificate should not be trusted fully 417s + echo 'This certificate should not be trusted fully' 417s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local cmd=openssl 417s + shift 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 417s error 2 at 1 depth lookup: unable to get issuer certificate 417s error /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 417s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local cmd=openssl 417s + shift 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 417s error 20 at 0 depth lookup: unable to get local issuer certificate 417s error /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 417s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 417s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s + local cmd=openssl 417s + shift 417s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s Building a the full-chain CA file... 417s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 417s error 20 at 0 depth lookup: unable to get local issuer certificate 417s error /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 417s + echo 'Building a the full-chain CA file...' 417s + cat /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 417s + cat /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 417s + cat /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 417s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 417s + openssl pkcs7 -print_certs -noout 417s subject=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 417s issuer=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 417s 417s subject=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 417s issuer=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 417s 417s subject=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 417s issuer=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 417s 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 417s /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem: OK 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 417s /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem: OK 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 417s /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem: OK 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-root-intermediate-chain-CA.pem 417s /tmp/sssd-softhsm2-xBJWcZ/test-root-intermediate-chain-CA.pem: OK 417s + openssl verify -CAfile /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 417s /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 417s Certificates generation completed! 417s + echo 'Certificates generation completed!' 417s + [[ -v NO_SSSD_TESTS ]] 417s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /dev/null 417s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /dev/null 417s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 417s + local key_ring=/dev/null 417s + local verify_option= 417s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 417s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 417s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 417s + local key_cn 417s + local key_name 417s + local tokens_dir 417s + local output_cert_file 417s + token_name= 417s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem .pem 417s + key_name=test-root-CA-trusted-certificate-0001 417s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 417s ++ sed -n 's/ *commonName *= //p' 417s + key_cn='Test Organization Root Trusted Certificate 0001' 417s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 417s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 417s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 417s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 417s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 417s + token_name='Test Organization Root Tr Token' 417s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 417s + local key_file 417s + local decrypted_key 417s + mkdir -p /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 417s + key_file=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-key.pem 417s + decrypted_key=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-key-decrypted.pem 417s + cat 417s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 417s Slot 0 has a free/uninitialized token. 417s The token has been initialized and is reassigned to slot 1342709861 417s + softhsm2-util --show-slots 417s Available slots: 417s Slot 1342709861 417s Slot info: 417s Description: SoftHSM slot ID 0x50082065 417s Manufacturer ID: SoftHSM project 417s Hardware version: 2.6 417s Firmware version: 2.6 417s Token present: yes 417s Token info: 417s Manufacturer ID: SoftHSM project 417s Model: SoftHSM v2 417s Hardware version: 2.6 417s Firmware version: 2.6 417s Serial number: 28a6eb8650082065 417s Initialized: yes 417s User PIN init.: yes 417s Label: Test Organization Root Tr Token 417s Slot 1 417s Slot info: 417s Description: SoftHSM slot ID 0x1 417s Manufacturer ID: SoftHSM project 417s Hardware version: 2.6 417s Firmware version: 2.6 417s Token present: yes 417s Token info: 417s Manufacturer ID: SoftHSM project 417s Model: SoftHSM v2 417s Hardware version: 2.6 417s Firmware version: 2.6 417s Serial number: 417s Initialized: no 417s User PIN init.: no 417s Label: 417s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 417s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-4408 -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-key-decrypted.pem 417s writing RSA key 417s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 417s + rm /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001-key-decrypted.pem 417s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 417s Object 0: 417s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 417s Type: X.509 Certificate (RSA-1024) 417s Expires: Sat Jan 17 18:13:13 2026 417s Label: Test Organization Root Trusted Certificate 0001 417s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 417s 417s Test Organization Root Tr Token 417s + echo 'Test Organization Root Tr Token' 417s + '[' -n '' ']' 417s + local output_base_name=SSSD-child-18335 417s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18335.output 417s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18335.pem 417s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 417s [p11_child[2268]] [main] (0x0400): p11_child started. 417s [p11_child[2268]] [main] (0x2000): Running in [pre-auth] mode. 417s [p11_child[2268]] [main] (0x2000): Running with effective IDs: [0][0]. 417s [p11_child[2268]] [main] (0x2000): Running with real IDs [0][0]. 417s [p11_child[2268]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 417s [p11_child[2268]] [do_work] (0x0040): init_verification failed. 417s [p11_child[2268]] [main] (0x0020): p11_child failed (5) 417s + return 2 418s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /dev/null no_verification 418s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /dev/null no_verification 418s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 418s + local key_ring=/dev/null 418s + local verify_option=no_verification 418s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 418s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 418s + local key_cn 418s + local key_name 418s + local tokens_dir 418s + local output_cert_file 418s + token_name= 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem .pem 418s + key_name=test-root-CA-trusted-certificate-0001 418s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s ++ sed -n 's/ *commonName *= //p' 418s + key_cn='Test Organization Root Trusted Certificate 0001' 418s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 418s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 418s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 418s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 418s Test Organization Root Tr Token 418s + token_name='Test Organization Root Tr Token' 418s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 418s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 ']' 418s + echo 'Test Organization Root Tr Token' 418s + '[' -n no_verification ']' 418s + local verify_arg=--verify=no_verification 418s + local output_base_name=SSSD-child-23642 418s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642.output 418s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642.pem 418s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 418s [p11_child[2274]] [main] (0x0400): p11_child started. 418s [p11_child[2274]] [main] (0x2000): Running in [pre-auth] mode. 418s [p11_child[2274]] [main] (0x2000): Running with effective IDs: [0][0]. 418s [p11_child[2274]] [main] (0x2000): Running with real IDs [0][0]. 418s [p11_child[2274]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 418s [p11_child[2274]] [do_card] (0x4000): Module List: 418s [p11_child[2274]] [do_card] (0x4000): common name: [softhsm2]. 418s [p11_child[2274]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2274]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 418s [p11_child[2274]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 418s [p11_child[2274]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2274]] [do_card] (0x4000): Login NOT required. 418s [p11_child[2274]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 418s [p11_child[2274]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 418s [p11_child[2274]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x50082065;slot-manufacturer=SoftHSM%20project;slot-id=1342709861;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 418s [p11_child[2274]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 418s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642.output 418s + echo '-----BEGIN CERTIFICATE-----' 418s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642.output 418s + echo '-----END CERTIFICATE-----' 418s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642.pem 418s Certificate: 418s Data: 418s Version: 3 (0x2) 418s Serial Number: 3 (0x3) 418s Signature Algorithm: sha256WithRSAEncryption 418s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 418s Validity 418s Not Before: Jan 17 18:13:13 2025 GMT 418s Not After : Jan 17 18:13:13 2026 GMT 418s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 418s Subject Public Key Info: 418s Public Key Algorithm: rsaEncryption 418s Public-Key: (1024 bit) 418s Modulus: 418s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 418s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 418s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 418s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 418s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 418s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 418s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 418s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 418s 03:6f:33:cc:b6:78:b6:23:41 418s Exponent: 65537 (0x10001) 418s X509v3 extensions: 418s X509v3 Authority Key Identifier: 418s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 418s X509v3 Basic Constraints: 418s CA:FALSE 418s Netscape Cert Type: 418s SSL Client, S/MIME 418s Netscape Comment: 418s Test Organization Root CA trusted Certificate 418s X509v3 Subject Key Identifier: 418s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 418s X509v3 Key Usage: critical 418s Digital Signature, Non Repudiation, Key Encipherment 418s X509v3 Extended Key Usage: 418s TLS Web Client Authentication, E-mail Protection 418s X509v3 Subject Alternative Name: 418s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 418s Signature Algorithm: sha256WithRSAEncryption 418s Signature Value: 418s 12:3f:f7:1f:7b:56:31:dc:77:eb:84:4e:4b:df:04:44:51:11: 418s 05:7b:21:5c:14:b7:86:df:00:c6:bf:ea:ac:4d:25:a9:34:63: 418s f1:55:01:76:a2:61:75:68:aa:5e:35:fc:e2:80:d4:fb:5b:3e: 418s 5a:79:51:9e:e2:75:33:2f:d0:af:7b:06:69:dc:38:54:fb:c1: 418s dd:39:d3:56:27:32:cd:e4:41:3c:e3:2f:cb:d7:71:07:b2:6d: 418s 13:01:a7:5d:3e:67:23:61:00:03:90:0f:be:29:0b:6c:52:85: 418s f6:cb:a3:3a:37:c9:d1:c8:e6:99:d3:4b:98:5d:6a:ac:29:fb: 418s 79:b4 418s + local found_md5 expected_md5 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + expected_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642.pem 418s + found_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 418s + '[' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 '!=' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 ']' 418s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642-auth.output 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642-auth.output .output 418s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642-auth.pem 418s + echo -n 053350 418s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 418s [p11_child[2282]] [main] (0x0400): p11_child started. 418s [p11_child[2282]] [main] (0x2000): Running in [auth] mode. 418s [p11_child[2282]] [main] (0x2000): Running with effective IDs: [0][0]. 418s [p11_child[2282]] [main] (0x2000): Running with real IDs [0][0]. 418s [p11_child[2282]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 418s [p11_child[2282]] [do_card] (0x4000): Module List: 418s [p11_child[2282]] [do_card] (0x4000): common name: [softhsm2]. 418s [p11_child[2282]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2282]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 418s [p11_child[2282]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 418s [p11_child[2282]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2282]] [do_card] (0x4000): Login required. 418s [p11_child[2282]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 418s [p11_child[2282]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 418s [p11_child[2282]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x50082065;slot-manufacturer=SoftHSM%20project;slot-id=1342709861;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 418s [p11_child[2282]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 418s [p11_child[2282]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 418s [p11_child[2282]] [do_card] (0x4000): Certificate verified and validated. 418s [p11_child[2282]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 418s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642-auth.output 418s + echo '-----BEGIN CERTIFICATE-----' 418s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642-auth.output 418s + echo '-----END CERTIFICATE-----' 418s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642-auth.pem 418s Certificate: 418s Data: 418s Version: 3 (0x2) 418s Serial Number: 3 (0x3) 418s Signature Algorithm: sha256WithRSAEncryption 418s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 418s Validity 418s Not Before: Jan 17 18:13:13 2025 GMT 418s Not After : Jan 17 18:13:13 2026 GMT 418s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 418s Subject Public Key Info: 418s Public Key Algorithm: rsaEncryption 418s Public-Key: (1024 bit) 418s Modulus: 418s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 418s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 418s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 418s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 418s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 418s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 418s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 418s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 418s 03:6f:33:cc:b6:78:b6:23:41 418s Exponent: 65537 (0x10001) 418s X509v3 extensions: 418s X509v3 Authority Key Identifier: 418s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 418s X509v3 Basic Constraints: 418s CA:FALSE 418s Netscape Cert Type: 418s SSL Client, S/MIME 418s Netscape Comment: 418s Test Organization Root CA trusted Certificate 418s X509v3 Subject Key Identifier: 418s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 418s X509v3 Key Usage: critical 418s Digital Signature, Non Repudiation, Key Encipherment 418s X509v3 Extended Key Usage: 418s TLS Web Client Authentication, E-mail Protection 418s X509v3 Subject Alternative Name: 418s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 418s Signature Algorithm: sha256WithRSAEncryption 418s Signature Value: 418s 12:3f:f7:1f:7b:56:31:dc:77:eb:84:4e:4b:df:04:44:51:11: 418s 05:7b:21:5c:14:b7:86:df:00:c6:bf:ea:ac:4d:25:a9:34:63: 418s f1:55:01:76:a2:61:75:68:aa:5e:35:fc:e2:80:d4:fb:5b:3e: 418s 5a:79:51:9e:e2:75:33:2f:d0:af:7b:06:69:dc:38:54:fb:c1: 418s dd:39:d3:56:27:32:cd:e4:41:3c:e3:2f:cb:d7:71:07:b2:6d: 418s 13:01:a7:5d:3e:67:23:61:00:03:90:0f:be:29:0b:6c:52:85: 418s f6:cb:a3:3a:37:c9:d1:c8:e6:99:d3:4b:98:5d:6a:ac:29:fb: 418s 79:b4 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-23642-auth.pem 418s + found_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 418s + '[' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 '!=' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 ']' 418s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 418s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 418s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 418s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 418s + local verify_option= 418s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 418s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 418s + local key_cn 418s + local key_name 418s + local tokens_dir 418s + local output_cert_file 418s + token_name= 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem .pem 418s + key_name=test-root-CA-trusted-certificate-0001 418s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s ++ sed -n 's/ *commonName *= //p' 418s + key_cn='Test Organization Root Trusted Certificate 0001' 418s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 418s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 418s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 418s Test Organization Root Tr Token 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 418s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 418s + token_name='Test Organization Root Tr Token' 418s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 418s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 ']' 418s + echo 'Test Organization Root Tr Token' 418s + '[' -n '' ']' 418s + local output_base_name=SSSD-child-18339 418s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339.output 418s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339.pem 418s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 418s [p11_child[2292]] [main] (0x0400): p11_child started. 418s [p11_child[2292]] [main] (0x2000): Running in [pre-auth] mode. 418s [p11_child[2292]] [main] (0x2000): Running with effective IDs: [0][0]. 418s [p11_child[2292]] [main] (0x2000): Running with real IDs [0][0]. 418s [p11_child[2292]] [do_card] (0x4000): Module List: 418s [p11_child[2292]] [do_card] (0x4000): common name: [softhsm2]. 418s [p11_child[2292]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2292]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 418s [p11_child[2292]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 418s [p11_child[2292]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2292]] [do_card] (0x4000): Login NOT required. 418s [p11_child[2292]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 418s [p11_child[2292]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 418s [p11_child[2292]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 418s [p11_child[2292]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x50082065;slot-manufacturer=SoftHSM%20project;slot-id=1342709861;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 418s [p11_child[2292]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 418s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339.output 418s + echo '-----BEGIN CERTIFICATE-----' 418s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339.output 418s + echo '-----END CERTIFICATE-----' 418s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339.pem 418s Certificate: 418s Data: 418s Version: 3 (0x2) 418s Serial Number: 3 (0x3) 418s Signature Algorithm: sha256WithRSAEncryption 418s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 418s Validity 418s Not Before: Jan 17 18:13:13 2025 GMT 418s Not After : Jan 17 18:13:13 2026 GMT 418s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 418s Subject Public Key Info: 418s Public Key Algorithm: rsaEncryption 418s Public-Key: (1024 bit) 418s Modulus: 418s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 418s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 418s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 418s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 418s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 418s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 418s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 418s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 418s 03:6f:33:cc:b6:78:b6:23:41 418s Exponent: 65537 (0x10001) 418s X509v3 extensions: 418s X509v3 Authority Key Identifier: 418s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 418s X509v3 Basic Constraints: 418s CA:FALSE 418s Netscape Cert Type: 418s SSL Client, S/MIME 418s Netscape Comment: 418s Test Organization Root CA trusted Certificate 418s X509v3 Subject Key Identifier: 418s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 418s X509v3 Key Usage: critical 418s Digital Signature, Non Repudiation, Key Encipherment 418s X509v3 Extended Key Usage: 418s TLS Web Client Authentication, E-mail Protection 418s X509v3 Subject Alternative Name: 418s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 418s Signature Algorithm: sha256WithRSAEncryption 418s Signature Value: 418s 12:3f:f7:1f:7b:56:31:dc:77:eb:84:4e:4b:df:04:44:51:11: 418s 05:7b:21:5c:14:b7:86:df:00:c6:bf:ea:ac:4d:25:a9:34:63: 418s f1:55:01:76:a2:61:75:68:aa:5e:35:fc:e2:80:d4:fb:5b:3e: 418s 5a:79:51:9e:e2:75:33:2f:d0:af:7b:06:69:dc:38:54:fb:c1: 418s dd:39:d3:56:27:32:cd:e4:41:3c:e3:2f:cb:d7:71:07:b2:6d: 418s 13:01:a7:5d:3e:67:23:61:00:03:90:0f:be:29:0b:6c:52:85: 418s f6:cb:a3:3a:37:c9:d1:c8:e6:99:d3:4b:98:5d:6a:ac:29:fb: 418s 79:b4 418s + local found_md5 expected_md5 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + expected_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339.pem 418s + found_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 418s + '[' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 '!=' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 ']' 418s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339-auth.output 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339-auth.output .output 418s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339-auth.pem 418s + echo -n 053350 418s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 418s [p11_child[2300]] [main] (0x0400): p11_child started. 418s [p11_child[2300]] [main] (0x2000): Running in [auth] mode. 418s [p11_child[2300]] [main] (0x2000): Running with effective IDs: [0][0]. 418s [p11_child[2300]] [main] (0x2000): Running with real IDs [0][0]. 418s [p11_child[2300]] [do_card] (0x4000): Module List: 418s [p11_child[2300]] [do_card] (0x4000): common name: [softhsm2]. 418s [p11_child[2300]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2300]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 418s [p11_child[2300]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 418s [p11_child[2300]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2300]] [do_card] (0x4000): Login required. 418s [p11_child[2300]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 418s [p11_child[2300]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 418s [p11_child[2300]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 418s [p11_child[2300]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x50082065;slot-manufacturer=SoftHSM%20project;slot-id=1342709861;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 418s [p11_child[2300]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 418s [p11_child[2300]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 418s [p11_child[2300]] [do_card] (0x4000): Certificate verified and validated. 418s [p11_child[2300]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 418s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339-auth.output 418s + echo '-----BEGIN CERTIFICATE-----' 418s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339-auth.output 418s + echo '-----END CERTIFICATE-----' 418s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339-auth.pem 418s Certificate: 418s Data: 418s Version: 3 (0x2) 418s Serial Number: 3 (0x3) 418s Signature Algorithm: sha256WithRSAEncryption 418s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 418s Validity 418s Not Before: Jan 17 18:13:13 2025 GMT 418s Not After : Jan 17 18:13:13 2026 GMT 418s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 418s Subject Public Key Info: 418s Public Key Algorithm: rsaEncryption 418s Public-Key: (1024 bit) 418s Modulus: 418s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 418s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 418s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 418s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 418s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 418s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 418s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 418s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 418s 03:6f:33:cc:b6:78:b6:23:41 418s Exponent: 65537 (0x10001) 418s X509v3 extensions: 418s X509v3 Authority Key Identifier: 418s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 418s X509v3 Basic Constraints: 418s CA:FALSE 418s Netscape Cert Type: 418s SSL Client, S/MIME 418s Netscape Comment: 418s Test Organization Root CA trusted Certificate 418s X509v3 Subject Key Identifier: 418s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 418s X509v3 Key Usage: critical 418s Digital Signature, Non Repudiation, Key Encipherment 418s X509v3 Extended Key Usage: 418s TLS Web Client Authentication, E-mail Protection 418s X509v3 Subject Alternative Name: 418s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 418s Signature Algorithm: sha256WithRSAEncryption 418s Signature Value: 418s 12:3f:f7:1f:7b:56:31:dc:77:eb:84:4e:4b:df:04:44:51:11: 418s 05:7b:21:5c:14:b7:86:df:00:c6:bf:ea:ac:4d:25:a9:34:63: 418s f1:55:01:76:a2:61:75:68:aa:5e:35:fc:e2:80:d4:fb:5b:3e: 418s 5a:79:51:9e:e2:75:33:2f:d0:af:7b:06:69:dc:38:54:fb:c1: 418s dd:39:d3:56:27:32:cd:e4:41:3c:e3:2f:cb:d7:71:07:b2:6d: 418s 13:01:a7:5d:3e:67:23:61:00:03:90:0f:be:29:0b:6c:52:85: 418s f6:cb:a3:3a:37:c9:d1:c8:e6:99:d3:4b:98:5d:6a:ac:29:fb: 418s 79:b4 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-18339-auth.pem 418s + found_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 418s + '[' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 '!=' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 ']' 418s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem partial_chain 418s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem partial_chain 418s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 418s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 418s + local verify_option=partial_chain 418s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 418s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 418s + local key_cn 418s + local key_name 418s + local tokens_dir 418s + local output_cert_file 418s + token_name= 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem .pem 418s + key_name=test-root-CA-trusted-certificate-0001 418s ++ sed -n 's/ *commonName *= //p' 418s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + key_cn='Test Organization Root Trusted Certificate 0001' 418s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 418s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 418s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 418s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 418s + token_name='Test Organization Root Tr Token' 418s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 418s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 ']' 418s + echo 'Test Organization Root Tr Token' 418s + '[' -n partial_chain ']' 418s + local verify_arg=--verify=partial_chain 418s + local output_base_name=SSSD-child-6300 418s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300.output 418s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300.pem 418s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 418s Test Organization Root Tr Token 418s [p11_child[2310]] [main] (0x0400): p11_child started. 418s [p11_child[2310]] [main] (0x2000): Running in [pre-auth] mode. 418s [p11_child[2310]] [main] (0x2000): Running with effective IDs: [0][0]. 418s [p11_child[2310]] [main] (0x2000): Running with real IDs [0][0]. 418s [p11_child[2310]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 418s [p11_child[2310]] [do_card] (0x4000): Module List: 418s [p11_child[2310]] [do_card] (0x4000): common name: [softhsm2]. 418s [p11_child[2310]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2310]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 418s [p11_child[2310]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 418s [p11_child[2310]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2310]] [do_card] (0x4000): Login NOT required. 418s [p11_child[2310]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 418s [p11_child[2310]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 418s [p11_child[2310]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 418s [p11_child[2310]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x50082065;slot-manufacturer=SoftHSM%20project;slot-id=1342709861;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 418s [p11_child[2310]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 418s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300.output 418s + echo '-----BEGIN CERTIFICATE-----' 418s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300.output 418s + echo '-----END CERTIFICATE-----' 418s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300.pem 418s Certificate: 418s Data: 418s Version: 3 (0x2) 418s Serial Number: 3 (0x3) 418s Signature Algorithm: sha256WithRSAEncryption 418s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 418s Validity 418s Not Before: Jan 17 18:13:13 2025 GMT 418s Not After : Jan 17 18:13:13 2026 GMT 418s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 418s Subject Public Key Info: 418s Public Key Algorithm: rsaEncryption 418s Public-Key: (1024 bit) 418s Modulus: 418s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 418s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 418s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 418s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 418s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 418s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 418s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 418s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 418s 03:6f:33:cc:b6:78:b6:23:41 418s Exponent: 65537 (0x10001) 418s X509v3 extensions: 418s X509v3 Authority Key Identifier: 418s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 418s X509v3 Basic Constraints: 418s CA:FALSE 418s Netscape Cert Type: 418s SSL Client, S/MIME 418s Netscape Comment: 418s Test Organization Root CA trusted Certificate 418s X509v3 Subject Key Identifier: 418s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 418s X509v3 Key Usage: critical 418s Digital Signature, Non Repudiation, Key Encipherment 418s X509v3 Extended Key Usage: 418s TLS Web Client Authentication, E-mail Protection 418s X509v3 Subject Alternative Name: 418s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 418s Signature Algorithm: sha256WithRSAEncryption 418s Signature Value: 418s 12:3f:f7:1f:7b:56:31:dc:77:eb:84:4e:4b:df:04:44:51:11: 418s 05:7b:21:5c:14:b7:86:df:00:c6:bf:ea:ac:4d:25:a9:34:63: 418s f1:55:01:76:a2:61:75:68:aa:5e:35:fc:e2:80:d4:fb:5b:3e: 418s 5a:79:51:9e:e2:75:33:2f:d0:af:7b:06:69:dc:38:54:fb:c1: 418s dd:39:d3:56:27:32:cd:e4:41:3c:e3:2f:cb:d7:71:07:b2:6d: 418s 13:01:a7:5d:3e:67:23:61:00:03:90:0f:be:29:0b:6c:52:85: 418s f6:cb:a3:3a:37:c9:d1:c8:e6:99:d3:4b:98:5d:6a:ac:29:fb: 418s 79:b4 418s + local found_md5 expected_md5 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + expected_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300.pem 418s + found_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 418s + '[' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 '!=' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 ']' 418s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300-auth.output 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300-auth.output .output 418s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300-auth.pem 418s + echo -n 053350 418s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 418s [p11_child[2318]] [main] (0x0400): p11_child started. 418s [p11_child[2318]] [main] (0x2000): Running in [auth] mode. 418s [p11_child[2318]] [main] (0x2000): Running with effective IDs: [0][0]. 418s [p11_child[2318]] [main] (0x2000): Running with real IDs [0][0]. 418s [p11_child[2318]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 418s [p11_child[2318]] [do_card] (0x4000): Module List: 418s [p11_child[2318]] [do_card] (0x4000): common name: [softhsm2]. 418s [p11_child[2318]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2318]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 418s [p11_child[2318]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 418s [p11_child[2318]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2318]] [do_card] (0x4000): Login required. 418s [p11_child[2318]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 418s [p11_child[2318]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 418s [p11_child[2318]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 418s [p11_child[2318]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x50082065;slot-manufacturer=SoftHSM%20project;slot-id=1342709861;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 418s [p11_child[2318]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 418s [p11_child[2318]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 418s [p11_child[2318]] [do_card] (0x4000): Certificate verified and validated. 418s [p11_child[2318]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 418s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300-auth.output 418s + echo '-----BEGIN CERTIFICATE-----' 418s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300-auth.output 418s + echo '-----END CERTIFICATE-----' 418s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300-auth.pem 418s Certificate: 418s Data: 418s Version: 3 (0x2) 418s Serial Number: 3 (0x3) 418s Signature Algorithm: sha256WithRSAEncryption 418s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 418s Validity 418s Not Before: Jan 17 18:13:13 2025 GMT 418s Not After : Jan 17 18:13:13 2026 GMT 418s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 418s Subject Public Key Info: 418s Public Key Algorithm: rsaEncryption 418s Public-Key: (1024 bit) 418s Modulus: 418s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 418s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 418s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 418s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 418s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 418s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 418s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 418s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 418s 03:6f:33:cc:b6:78:b6:23:41 418s Exponent: 65537 (0x10001) 418s X509v3 extensions: 418s X509v3 Authority Key Identifier: 418s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 418s X509v3 Basic Constraints: 418s CA:FALSE 418s Netscape Cert Type: 418s SSL Client, S/MIME 418s Netscape Comment: 418s Test Organization Root CA trusted Certificate 418s X509v3 Subject Key Identifier: 418s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 418s X509v3 Key Usage: critical 418s Digital Signature, Non Repudiation, Key Encipherment 418s X509v3 Extended Key Usage: 418s TLS Web Client Authentication, E-mail Protection 418s X509v3 Subject Alternative Name: 418s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 418s Signature Algorithm: sha256WithRSAEncryption 418s Signature Value: 418s 12:3f:f7:1f:7b:56:31:dc:77:eb:84:4e:4b:df:04:44:51:11: 418s 05:7b:21:5c:14:b7:86:df:00:c6:bf:ea:ac:4d:25:a9:34:63: 418s f1:55:01:76:a2:61:75:68:aa:5e:35:fc:e2:80:d4:fb:5b:3e: 418s 5a:79:51:9e:e2:75:33:2f:d0:af:7b:06:69:dc:38:54:fb:c1: 418s dd:39:d3:56:27:32:cd:e4:41:3c:e3:2f:cb:d7:71:07:b2:6d: 418s 13:01:a7:5d:3e:67:23:61:00:03:90:0f:be:29:0b:6c:52:85: 418s f6:cb:a3:3a:37:c9:d1:c8:e6:99:d3:4b:98:5d:6a:ac:29:fb: 418s 79:b4 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-6300-auth.pem 418s + found_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 418s + '[' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 '!=' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 ']' 418s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 418s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 418s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 418s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 418s + local verify_option= 418s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 418s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 418s + local key_cn 418s + local key_name 418s + local tokens_dir 418s + local output_cert_file 418s + token_name= 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem .pem 418s + key_name=test-root-CA-trusted-certificate-0001 418s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s ++ sed -n 's/ *commonName *= //p' 418s + key_cn='Test Organization Root Trusted Certificate 0001' 418s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 418s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 418s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 418s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 418s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 418s + token_name='Test Organization Root Tr Token' 418s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 418s Test Organization Root Tr Token 418s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 ']' 418s + echo 'Test Organization Root Tr Token' 418s + '[' -n '' ']' 418s + local output_base_name=SSSD-child-4235 418s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235.output 418s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235.pem 418s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 418s [p11_child[2328]] [main] (0x0400): p11_child started. 418s [p11_child[2328]] [main] (0x2000): Running in [pre-auth] mode. 418s [p11_child[2328]] [main] (0x2000): Running with effective IDs: [0][0]. 418s [p11_child[2328]] [main] (0x2000): Running with real IDs [0][0]. 418s [p11_child[2328]] [do_card] (0x4000): Module List: 418s [p11_child[2328]] [do_card] (0x4000): common name: [softhsm2]. 418s [p11_child[2328]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2328]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 418s [p11_child[2328]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 418s [p11_child[2328]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 418s [p11_child[2328]] [do_card] (0x4000): Login NOT required. 418s [p11_child[2328]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 418s [p11_child[2328]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 418s [p11_child[2328]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 418s [p11_child[2328]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x50082065;slot-manufacturer=SoftHSM%20project;slot-id=1342709861;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 418s [p11_child[2328]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 418s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235.output 418s + echo '-----BEGIN CERTIFICATE-----' 418s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235.output 418s + echo '-----END CERTIFICATE-----' 418s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235.pem 418s Certificate: 418s Data: 418s Version: 3 (0x2) 418s Serial Number: 3 (0x3) 418s Signature Algorithm: sha256WithRSAEncryption 418s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 418s Validity 418s Not Before: Jan 17 18:13:13 2025 GMT 418s Not After : Jan 17 18:13:13 2026 GMT 418s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 418s Subject Public Key Info: 418s Public Key Algorithm: rsaEncryption 418s Public-Key: (1024 bit) 418s Modulus: 418s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 418s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 418s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 418s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 418s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 418s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 418s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 418s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 418s 03:6f:33:cc:b6:78:b6:23:41 418s Exponent: 65537 (0x10001) 418s X509v3 extensions: 418s X509v3 Authority Key Identifier: 418s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 418s X509v3 Basic Constraints: 418s CA:FALSE 418s Netscape Cert Type: 418s SSL Client, S/MIME 418s Netscape Comment: 418s Test Organization Root CA trusted Certificate 418s X509v3 Subject Key Identifier: 418s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 418s X509v3 Key Usage: critical 418s Digital Signature, Non Repudiation, Key Encipherment 418s X509v3 Extended Key Usage: 418s TLS Web Client Authentication, E-mail Protection 418s X509v3 Subject Alternative Name: 418s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 418s Signature Algorithm: sha256WithRSAEncryption 418s Signature Value: 418s 12:3f:f7:1f:7b:56:31:dc:77:eb:84:4e:4b:df:04:44:51:11: 418s 05:7b:21:5c:14:b7:86:df:00:c6:bf:ea:ac:4d:25:a9:34:63: 418s f1:55:01:76:a2:61:75:68:aa:5e:35:fc:e2:80:d4:fb:5b:3e: 418s 5a:79:51:9e:e2:75:33:2f:d0:af:7b:06:69:dc:38:54:fb:c1: 418s dd:39:d3:56:27:32:cd:e4:41:3c:e3:2f:cb:d7:71:07:b2:6d: 418s 13:01:a7:5d:3e:67:23:61:00:03:90:0f:be:29:0b:6c:52:85: 418s f6:cb:a3:3a:37:c9:d1:c8:e6:99:d3:4b:98:5d:6a:ac:29:fb: 418s 79:b4 418s + local found_md5 expected_md5 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 418s + expected_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 418s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235.pem 419s + found_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 419s + '[' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 '!=' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 ']' 419s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235-auth.output 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235-auth.output .output 419s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235-auth.pem 419s + echo -n 053350 419s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 419s [p11_child[2336]] [main] (0x0400): p11_child started. 419s [p11_child[2336]] [main] (0x2000): Running in [auth] mode. 419s [p11_child[2336]] [main] (0x2000): Running with effective IDs: [0][0]. 419s [p11_child[2336]] [main] (0x2000): Running with real IDs [0][0]. 419s [p11_child[2336]] [do_card] (0x4000): Module List: 419s [p11_child[2336]] [do_card] (0x4000): common name: [softhsm2]. 419s [p11_child[2336]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 419s [p11_child[2336]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 419s [p11_child[2336]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 419s [p11_child[2336]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 419s [p11_child[2336]] [do_card] (0x4000): Login required. 419s [p11_child[2336]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 419s [p11_child[2336]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 419s [p11_child[2336]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 419s [p11_child[2336]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x50082065;slot-manufacturer=SoftHSM%20project;slot-id=1342709861;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 419s [p11_child[2336]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 419s [p11_child[2336]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 419s [p11_child[2336]] [do_card] (0x4000): Certificate verified and validated. 419s [p11_child[2336]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 419s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235-auth.output 419s + echo '-----BEGIN CERTIFICATE-----' 419s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235-auth.output 419s + echo '-----END CERTIFICATE-----' 419s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235-auth.pem 419s Certificate: 419s Data: 419s Version: 3 (0x2) 419s Serial Number: 3 (0x3) 419s Signature Algorithm: sha256WithRSAEncryption 419s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 419s Validity 419s Not Before: Jan 17 18:13:13 2025 GMT 419s Not After : Jan 17 18:13:13 2026 GMT 419s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 419s Subject Public Key Info: 419s Public Key Algorithm: rsaEncryption 419s Public-Key: (1024 bit) 419s Modulus: 419s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 419s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 419s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 419s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 419s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 419s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 419s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 419s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 419s 03:6f:33:cc:b6:78:b6:23:41 419s Exponent: 65537 (0x10001) 419s X509v3 extensions: 419s X509v3 Authority Key Identifier: 419s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 419s X509v3 Basic Constraints: 419s CA:FALSE 419s Netscape Cert Type: 419s SSL Client, S/MIME 419s Netscape Comment: 419s Test Organization Root CA trusted Certificate 419s X509v3 Subject Key Identifier: 419s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 419s X509v3 Key Usage: critical 419s Digital Signature, Non Repudiation, Key Encipherment 419s X509v3 Extended Key Usage: 419s TLS Web Client Authentication, E-mail Protection 419s X509v3 Subject Alternative Name: 419s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 419s Signature Algorithm: sha256WithRSAEncryption 419s Signature Value: 419s 12:3f:f7:1f:7b:56:31:dc:77:eb:84:4e:4b:df:04:44:51:11: 419s 05:7b:21:5c:14:b7:86:df:00:c6:bf:ea:ac:4d:25:a9:34:63: 419s f1:55:01:76:a2:61:75:68:aa:5e:35:fc:e2:80:d4:fb:5b:3e: 419s 5a:79:51:9e:e2:75:33:2f:d0:af:7b:06:69:dc:38:54:fb:c1: 419s dd:39:d3:56:27:32:cd:e4:41:3c:e3:2f:cb:d7:71:07:b2:6d: 419s 13:01:a7:5d:3e:67:23:61:00:03:90:0f:be:29:0b:6c:52:85: 419s f6:cb:a3:3a:37:c9:d1:c8:e6:99:d3:4b:98:5d:6a:ac:29:fb: 419s 79:b4 419s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-4235-auth.pem 419s + found_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 419s + '[' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 '!=' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 ']' 419s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem partial_chain 419s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem partial_chain 419s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 419s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 419s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 419s + local verify_option=partial_chain 419s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 419s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 419s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 419s + local key_cn 419s + local key_name 419s + local tokens_dir 419s + local output_cert_file 419s + token_name= 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem .pem 419s + key_name=test-root-CA-trusted-certificate-0001 419s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 419s ++ sed -n 's/ *commonName *= //p' 419s + key_cn='Test Organization Root Trusted Certificate 0001' 419s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 419s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 419s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 419s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 419s + token_name='Test Organization Root Tr Token' 419s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 419s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 ']' 419s + echo 'Test Organization Root Tr Token' 419s + '[' -n partial_chain ']' 419s + local verify_arg=--verify=partial_chain 419s + local output_base_name=SSSD-child-21874 419s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874.output 419s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874.pem 419s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 419s Test Organization Root Tr Token 419s [p11_child[2346]] [main] (0x0400): p11_child started. 419s [p11_child[2346]] [main] (0x2000): Running in [pre-auth] mode. 419s [p11_child[2346]] [main] (0x2000): Running with effective IDs: [0][0]. 419s [p11_child[2346]] [main] (0x2000): Running with real IDs [0][0]. 419s [p11_child[2346]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 419s [p11_child[2346]] [do_card] (0x4000): Module List: 419s [p11_child[2346]] [do_card] (0x4000): common name: [softhsm2]. 419s [p11_child[2346]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 419s [p11_child[2346]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 419s [p11_child[2346]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 419s [p11_child[2346]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 419s [p11_child[2346]] [do_card] (0x4000): Login NOT required. 419s [p11_child[2346]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 419s [p11_child[2346]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 419s [p11_child[2346]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 419s [p11_child[2346]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x50082065;slot-manufacturer=SoftHSM%20project;slot-id=1342709861;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 419s [p11_child[2346]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 419s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874.output 419s + echo '-----BEGIN CERTIFICATE-----' 419s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874.output 419s + echo '-----END CERTIFICATE-----' 419s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874.pem 419s Certificate: 419s Data: 419s Version: 3 (0x2) 419s Serial Number: 3 (0x3) 419s Signature Algorithm: sha256WithRSAEncryption 419s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 419s Validity 419s Not Before: Jan 17 18:13:13 2025 GMT 419s Not After : Jan 17 18:13:13 2026 GMT 419s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 419s Subject Public Key Info: 419s Public Key Algorithm: rsaEncryption 419s Public-Key: (1024 bit) 419s Modulus: 419s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 419s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 419s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 419s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 419s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 419s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 419s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 419s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 419s 03:6f:33:cc:b6:78:b6:23:41 419s Exponent: 65537 (0x10001) 419s X509v3 extensions: 419s X509v3 Authority Key Identifier: 419s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 419s X509v3 Basic Constraints: 419s CA:FALSE 419s Netscape Cert Type: 419s SSL Client, S/MIME 419s Netscape Comment: 419s Test Organization Root CA trusted Certificate 419s X509v3 Subject Key Identifier: 419s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 419s X509v3 Key Usage: critical 419s Digital Signature, Non Repudiation, Key Encipherment 419s X509v3 Extended Key Usage: 419s TLS Web Client Authentication, E-mail Protection 419s X509v3 Subject Alternative Name: 419s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 419s Signature Algorithm: sha256WithRSAEncryption 419s Signature Value: 419s 12:3f:f7:1f:7b:56:31:dc:77:eb:84:4e:4b:df:04:44:51:11: 419s 05:7b:21:5c:14:b7:86:df:00:c6:bf:ea:ac:4d:25:a9:34:63: 419s f1:55:01:76:a2:61:75:68:aa:5e:35:fc:e2:80:d4:fb:5b:3e: 419s 5a:79:51:9e:e2:75:33:2f:d0:af:7b:06:69:dc:38:54:fb:c1: 419s dd:39:d3:56:27:32:cd:e4:41:3c:e3:2f:cb:d7:71:07:b2:6d: 419s 13:01:a7:5d:3e:67:23:61:00:03:90:0f:be:29:0b:6c:52:85: 419s f6:cb:a3:3a:37:c9:d1:c8:e6:99:d3:4b:98:5d:6a:ac:29:fb: 419s 79:b4 419s + local found_md5 expected_md5 419s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 419s + expected_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 419s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874.pem 419s + found_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 419s + '[' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 '!=' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 ']' 419s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874-auth.output 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874-auth.output .output 419s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874-auth.pem 419s + echo -n 053350 419s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 419s [p11_child[2354]] [main] (0x0400): p11_child started. 419s [p11_child[2354]] [main] (0x2000): Running in [auth] mode. 419s [p11_child[2354]] [main] (0x2000): Running with effective IDs: [0][0]. 419s [p11_child[2354]] [main] (0x2000): Running with real IDs [0][0]. 419s [p11_child[2354]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 419s [p11_child[2354]] [do_card] (0x4000): Module List: 419s [p11_child[2354]] [do_card] (0x4000): common name: [softhsm2]. 419s [p11_child[2354]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 419s [p11_child[2354]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 419s [p11_child[2354]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 419s [p11_child[2354]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 419s [p11_child[2354]] [do_card] (0x4000): Login required. 419s [p11_child[2354]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 419s [p11_child[2354]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 419s [p11_child[2354]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 419s [p11_child[2354]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x50082065;slot-manufacturer=SoftHSM%20project;slot-id=1342709861;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=28a6eb8650082065;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 419s [p11_child[2354]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 419s [p11_child[2354]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 419s [p11_child[2354]] [do_card] (0x4000): Certificate verified and validated. 419s [p11_child[2354]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 419s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874-auth.output 419s + echo '-----BEGIN CERTIFICATE-----' 419s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874-auth.output 419s + echo '-----END CERTIFICATE-----' 419s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874-auth.pem 419s Certificate: 419s Data: 419s Version: 3 (0x2) 419s Serial Number: 3 (0x3) 419s Signature Algorithm: sha256WithRSAEncryption 419s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 419s Validity 419s Not Before: Jan 17 18:13:13 2025 GMT 419s Not After : Jan 17 18:13:13 2026 GMT 419s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 419s Subject Public Key Info: 419s Public Key Algorithm: rsaEncryption 419s Public-Key: (1024 bit) 419s Modulus: 419s 00:b7:08:69:a0:72:a7:83:eb:8a:e8:28:98:a6:d4: 419s 51:fb:7b:7b:94:ae:a4:de:00:c9:fd:7d:42:6d:4d: 419s 33:ba:db:b8:38:a6:eb:9f:da:ff:34:2c:79:c6:51: 419s be:f3:b7:64:aa:a2:26:c3:0c:03:a6:c9:33:80:b8: 419s 53:c1:86:a2:ed:d7:e1:7d:28:c8:9a:4f:36:8d:e7: 419s 5b:4f:bd:9f:42:b2:59:16:c6:c7:58:6b:24:bd:27: 419s 76:51:66:23:e8:db:5e:1d:86:78:fd:43:0a:d2:10: 419s d8:66:b0:c4:72:fe:8c:bd:26:7c:8b:1d:6a:ba:2b: 419s 03:6f:33:cc:b6:78:b6:23:41 419s Exponent: 65537 (0x10001) 419s X509v3 extensions: 419s X509v3 Authority Key Identifier: 419s 22:E3:34:DD:70:8C:B2:72:64:D1:3F:60:B6:24:87:F3:C2:55:0E:87 419s X509v3 Basic Constraints: 419s CA:FALSE 419s Netscape Cert Type: 419s SSL Client, S/MIME 419s Netscape Comment: 419s Test Organization Root CA trusted Certificate 419s X509v3 Subject Key Identifier: 419s 37:EE:08:14:84:4D:D7:4D:21:54:1C:C9:6C:10:6C:44:5A:DB:77:1C 419s X509v3 Key Usage: critical 419s Digital Signature, Non Repudiation, Key Encipherment 419s X509v3 Extended Key Usage: 419s TLS Web Client Authentication, E-mail Protection 419s X509v3 Subject Alternative Name: 419s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 419s Signature Algorithm: sha256WithRSAEncryption 419s Signature Value: 419s 12:3f:f7:1f:7b:56:31:dc:77:eb:84:4e:4b:df:04:44:51:11: 419s 05:7b:21:5c:14:b7:86:df:00:c6:bf:ea:ac:4d:25:a9:34:63: 419s f1:55:01:76:a2:61:75:68:aa:5e:35:fc:e2:80:d4:fb:5b:3e: 419s 5a:79:51:9e:e2:75:33:2f:d0:af:7b:06:69:dc:38:54:fb:c1: 419s dd:39:d3:56:27:32:cd:e4:41:3c:e3:2f:cb:d7:71:07:b2:6d: 419s 13:01:a7:5d:3e:67:23:61:00:03:90:0f:be:29:0b:6c:52:85: 419s f6:cb:a3:3a:37:c9:d1:c8:e6:99:d3:4b:98:5d:6a:ac:29:fb: 419s 79:b4 419s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-21874-auth.pem 419s + found_md5=Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 419s + '[' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 '!=' Modulus=B70869A072A783EB8AE82898A6D451FB7B7B94AEA4DE00C9FD7D426D4D33BADBB838A6EB9FDAFF342C79C651BEF3B764AAA226C30C03A6C93380B853C186A2EDD7E17D28C89A4F368DE75B4FBD9F42B25916C6C7586B24BD2776516623E8DB5E1D8678FD430AD210D866B0C472FE8CBD267C8B1D6ABA2B036F33CCB678B62341 ']' 419s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 419s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 419s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 419s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 419s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 419s + local verify_option= 419s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 419s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 419s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 419s + local key_cn 419s + local key_name 419s + local tokens_dir 419s + local output_cert_file 419s + token_name= 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem .pem 419s + key_name=test-root-CA-trusted-certificate-0001 419s ++ sed -n 's/ *commonName *= //p' 419s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 419s + key_cn='Test Organization Root Trusted Certificate 0001' 419s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 419s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 419s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 419s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 419s + token_name='Test Organization Root Tr Token' 419s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 419s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 ']' 419s + echo 'Test Organization Root Tr Token' 419s Test Organization Root Tr Token 419s + '[' -n '' ']' 419s + local output_base_name=SSSD-child-27527 419s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-27527.output 419s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-27527.pem 419s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 419s [p11_child[2364]] [main] (0x0400): p11_child started. 419s [p11_child[2364]] [main] (0x2000): Running in [pre-auth] mode. 419s [p11_child[2364]] [main] (0x2000): Running with effective IDs: [0][0]. 419s [p11_child[2364]] [main] (0x2000): Running with real IDs [0][0]. 419s [p11_child[2364]] [do_card] (0x4000): Module List: 419s [p11_child[2364]] [do_card] (0x4000): common name: [softhsm2]. 419s [p11_child[2364]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 419s [p11_child[2364]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 419s [p11_child[2364]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 419s [p11_child[2364]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 419s [p11_child[2364]] [do_card] (0x4000): Login NOT required. 419s [p11_child[2364]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 419s [p11_child[2364]] [do_verification] (0x0040): X509_verify_cert failed [0]. 419s [p11_child[2364]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 419s [p11_child[2364]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 419s [p11_child[2364]] [do_card] (0x4000): No certificate found. 419s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-27527.output 419s + return 2 419s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem partial_chain 419s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem partial_chain 419s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 419s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 419s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 419s + local verify_option=partial_chain 419s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-4408 419s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 419s + local key_pass=pass:random-root-ca-trusted-cert-0001-4408 419s + local key_cn 419s + local key_name 419s + local tokens_dir 419s + local output_cert_file 419s + token_name= 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem .pem 419s + key_name=test-root-CA-trusted-certificate-0001 419s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-root-CA-trusted-certificate-0001.pem 419s ++ sed -n 's/ *commonName *= //p' 419s + key_cn='Test Organization Root Trusted Certificate 0001' 419s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 419s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 419s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 419s Test Organization Root Tr Token 419s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 419s + token_name='Test Organization Root Tr Token' 419s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 419s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-root-CA-trusted-certificate-0001 ']' 419s + echo 'Test Organization Root Tr Token' 419s + '[' -n partial_chain ']' 419s + local verify_arg=--verify=partial_chain 419s + local output_base_name=SSSD-child-9665 419s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-9665.output 419s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-9665.pem 419s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 419s [p11_child[2371]] [main] (0x0400): p11_child started. 419s [p11_child[2371]] [main] (0x2000): Running in [pre-auth] mode. 419s [p11_child[2371]] [main] (0x2000): Running with effective IDs: [0][0]. 419s [p11_child[2371]] [main] (0x2000): Running with real IDs [0][0]. 419s [p11_child[2371]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 419s [p11_child[2371]] [do_card] (0x4000): Module List: 419s [p11_child[2371]] [do_card] (0x4000): common name: [softhsm2]. 419s [p11_child[2371]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 419s [p11_child[2371]] [do_card] (0x4000): Description [SoftHSM slot ID 0x50082065] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 419s [p11_child[2371]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 419s [p11_child[2371]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x50082065][1342709861] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 419s [p11_child[2371]] [do_card] (0x4000): Login NOT required. 419s [p11_child[2371]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 419s [p11_child[2371]] [do_verification] (0x0040): X509_verify_cert failed [0]. 419s [p11_child[2371]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 419s [p11_child[2371]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 419s [p11_child[2371]] [do_card] (0x4000): No certificate found. 419s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-9665.output 419s + return 2 419s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /dev/null 419s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /dev/null 419s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 419s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 419s + local key_ring=/dev/null 419s + local verify_option= 419s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 419s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 419s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 419s + local key_cn 419s + local key_name 419s + local tokens_dir 419s + local output_cert_file 419s + token_name= 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem .pem 419s + key_name=test-intermediate-CA-trusted-certificate-0001 419s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 419s ++ sed -n 's/ *commonName *= //p' 419s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 419s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 419s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 419s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 419s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 419s + token_name='Test Organization Interme Token' 419s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 419s + local key_file 419s + local decrypted_key 419s + mkdir -p /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 419s + key_file=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-key.pem 419s + decrypted_key=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 419s + cat 419s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 419s Slot 0 has a free/uninitialized token. 419s The token has been initialized and is reassigned to slot 823021204 419s + softhsm2-util --show-slots 419s Available slots: 419s Slot 823021204 419s Slot info: 419s Description: SoftHSM slot ID 0x310e4e94 419s Manufacturer ID: SoftHSM project 419s Hardware version: 2.6 419s Firmware version: 2.6 419s Token present: yes 419s Token info: 419s Manufacturer ID: SoftHSM project 419s Model: SoftHSM v2 419s Hardware version: 2.6 419s Firmware version: 2.6 419s Serial number: 7ac44fedb10e4e94 419s Initialized: yes 419s User PIN init.: yes 419s Label: Test Organization Interme Token 419s Slot 1 419s Slot info: 419s Description: SoftHSM slot ID 0x1 419s Manufacturer ID: SoftHSM project 419s Hardware version: 2.6 419s Firmware version: 2.6 419s Token present: yes 419s Token info: 419s Manufacturer ID: SoftHSM project 419s Model: SoftHSM v2 419s Hardware version: 2.6 419s Firmware version: 2.6 419s Serial number: 419s Initialized: no 419s User PIN init.: no 419s Label: 419s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 419s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-27330 -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 419s writing RSA key 419s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 419s + rm /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 419s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 419s Object 0: 419s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7ac44fedb10e4e94;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 419s Type: X.509 Certificate (RSA-1024) 419s Expires: Sat Jan 17 18:13:13 2026 419s Label: Test Organization Intermediate Trusted Certificate 0001 419s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 419s 419s Test Organization Interme Token 419s + echo 'Test Organization Interme Token' 419s + '[' -n '' ']' 419s + local output_base_name=SSSD-child-13345 419s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-13345.output 419s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-13345.pem 419s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 419s [p11_child[2387]] [main] (0x0400): p11_child started. 419s [p11_child[2387]] [main] (0x2000): Running in [pre-auth] mode. 419s [p11_child[2387]] [main] (0x2000): Running with effective IDs: [0][0]. 419s [p11_child[2387]] [main] (0x2000): Running with real IDs [0][0]. 419s [p11_child[2387]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 419s [p11_child[2387]] [do_work] (0x0040): init_verification failed. 419s [p11_child[2387]] [main] (0x0020): p11_child failed (5) 419s + return 2 419s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /dev/null no_verification 419s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /dev/null no_verification 419s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 419s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 419s + local key_ring=/dev/null 419s + local verify_option=no_verification 419s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 419s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 419s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 419s + local key_cn 419s + local key_name 419s + local tokens_dir 419s + local output_cert_file 419s + token_name= 419s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem .pem 419s + key_name=test-intermediate-CA-trusted-certificate-0001 419s ++ sed -n 's/ *commonName *= //p' 419s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 419s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 419s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 419s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 419s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 420s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 420s + token_name='Test Organization Interme Token' 420s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 420s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 420s + echo 'Test Organization Interme Token' 420s + '[' -n no_verification ']' 420s + local verify_arg=--verify=no_verification 420s + local output_base_name=SSSD-child-20845 420s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845.output 420s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845.pem 420s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 420s Test Organization Interme Token 420s [p11_child[2393]] [main] (0x0400): p11_child started. 420s [p11_child[2393]] [main] (0x2000): Running in [pre-auth] mode. 420s [p11_child[2393]] [main] (0x2000): Running with effective IDs: [0][0]. 420s [p11_child[2393]] [main] (0x2000): Running with real IDs [0][0]. 420s [p11_child[2393]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 420s [p11_child[2393]] [do_card] (0x4000): Module List: 420s [p11_child[2393]] [do_card] (0x4000): common name: [softhsm2]. 420s [p11_child[2393]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2393]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 420s [p11_child[2393]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 420s [p11_child[2393]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2393]] [do_card] (0x4000): Login NOT required. 420s [p11_child[2393]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 420s [p11_child[2393]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 420s [p11_child[2393]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x310e4e94;slot-manufacturer=SoftHSM%20project;slot-id=823021204;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7ac44fedb10e4e94;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 420s [p11_child[2393]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 420s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845.output 420s + echo '-----BEGIN CERTIFICATE-----' 420s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845.output 420s + echo '-----END CERTIFICATE-----' 420s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845.pem 420s Certificate: 420s Data: 420s Version: 3 (0x2) 420s Serial Number: 4 (0x4) 420s Signature Algorithm: sha256WithRSAEncryption 420s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 420s Validity 420s Not Before: Jan 17 18:13:13 2025 GMT 420s Not After : Jan 17 18:13:13 2026 GMT 420s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate Trusted Certificate 0001 420s Subject Public Key Info: 420s Public Key Algorithm: rsaEncryption 420s Public-Key: (1024 bit) 420s Modulus: 420s 00:a3:a6:e7:53:00:bd:b3:08:3f:20:2f:42:2e:10: 420s 5b:88:4f:16:48:11:a4:a0:75:46:91:09:79:1d:a5: 420s 2a:b8:65:10:55:48:9e:70:a1:16:dd:68:a2:b7:91: 420s 8b:9d:86:03:47:ea:a6:d1:92:3d:ab:18:b3:fe:a9: 420s 15:3a:7f:f1:c7:e9:f4:a5:e9:b6:9f:31:c8:b5:54: 420s 76:24:78:04:6b:aa:19:2e:93:1f:49:94:1c:c1:58: 420s 5c:b3:f6:a0:c3:94:67:c8:e1:32:6d:2c:50:50:78: 420s c4:7d:d7:f7:0b:a3:7a:a1:a6:da:7b:ca:04:49:2d: 420s 16:b1:72:49:e7:ad:e3:d1:59 420s Exponent: 65537 (0x10001) 420s X509v3 extensions: 420s X509v3 Authority Key Identifier: 420s D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 420s X509v3 Basic Constraints: 420s CA:FALSE 420s Netscape Cert Type: 420s SSL Client, S/MIME 420s Netscape Comment: 420s Test Organization Intermediate CA trusted Certificate 420s X509v3 Subject Key Identifier: 420s 67:A0:11:61:E5:33:05:8F:DA:91:17:33:40:69:9C:87:4F:34:C4:59 420s X509v3 Key Usage: critical 420s Digital Signature, Non Repudiation, Key Encipherment 420s X509v3 Extended Key Usage: 420s TLS Web Client Authentication, E-mail Protection 420s X509v3 Subject Alternative Name: 420s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 420s Signature Algorithm: sha256WithRSAEncryption 420s Signature Value: 420s bf:cf:f1:d5:36:65:0d:85:d5:47:a6:85:e9:3d:6c:4d:58:c2: 420s b9:63:97:f9:ae:28:9f:d9:cb:b1:ae:23:60:de:e7:90:a4:4b: 420s af:68:1d:ae:cb:8c:73:98:6d:70:e3:5a:0e:3f:94:3d:a7:18: 420s 61:8a:96:7f:10:fb:2f:d2:b7:3f:bd:f2:46:59:ef:66:42:d8: 420s 6c:a5:08:9f:08:f6:bf:a6:b1:2c:05:bf:c7:54:ca:a7:b0:e7: 420s 8e:36:fc:63:21:1c:40:0c:8a:1c:cb:a4:73:bd:fe:b9:59:32: 420s 73:57:36:e5:9f:b5:30:b7:b0:62:e9:e6:85:14:20:91:3d:84: 420s ac:84 420s + local found_md5 expected_md5 420s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + expected_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 420s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845.pem 420s + found_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 420s + '[' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 '!=' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 ']' 420s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845-auth.output 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845-auth.output .output 420s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845-auth.pem 420s + echo -n 053350 420s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 420s [p11_child[2401]] [main] (0x0400): p11_child started. 420s [p11_child[2401]] [main] (0x2000): Running in [auth] mode. 420s [p11_child[2401]] [main] (0x2000): Running with effective IDs: [0][0]. 420s [p11_child[2401]] [main] (0x2000): Running with real IDs [0][0]. 420s [p11_child[2401]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 420s [p11_child[2401]] [do_card] (0x4000): Module List: 420s [p11_child[2401]] [do_card] (0x4000): common name: [softhsm2]. 420s [p11_child[2401]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2401]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 420s [p11_child[2401]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 420s [p11_child[2401]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2401]] [do_card] (0x4000): Login required. 420s [p11_child[2401]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 420s [p11_child[2401]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 420s [p11_child[2401]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x310e4e94;slot-manufacturer=SoftHSM%20project;slot-id=823021204;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7ac44fedb10e4e94;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 420s [p11_child[2401]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 420s [p11_child[2401]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 420s [p11_child[2401]] [do_card] (0x4000): Certificate verified and validated. 420s [p11_child[2401]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 420s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845-auth.output 420s + echo '-----BEGIN CERTIFICATE-----' 420s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845-auth.output 420s + echo '-----END CERTIFICATE-----' 420s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845-auth.pem 420s Certificate: 420s Data: 420s Version: 3 (0x2) 420s Serial Number: 4 (0x4) 420s Signature Algorithm: sha256WithRSAEncryption 420s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 420s Validity 420s Not Before: Jan 17 18:13:13 2025 GMT 420s Not After : Jan 17 18:13:13 2026 GMT 420s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate Trusted Certificate 0001 420s Subject Public Key Info: 420s Public Key Algorithm: rsaEncryption 420s Public-Key: (1024 bit) 420s Modulus: 420s 00:a3:a6:e7:53:00:bd:b3:08:3f:20:2f:42:2e:10: 420s 5b:88:4f:16:48:11:a4:a0:75:46:91:09:79:1d:a5: 420s 2a:b8:65:10:55:48:9e:70:a1:16:dd:68:a2:b7:91: 420s 8b:9d:86:03:47:ea:a6:d1:92:3d:ab:18:b3:fe:a9: 420s 15:3a:7f:f1:c7:e9:f4:a5:e9:b6:9f:31:c8:b5:54: 420s 76:24:78:04:6b:aa:19:2e:93:1f:49:94:1c:c1:58: 420s 5c:b3:f6:a0:c3:94:67:c8:e1:32:6d:2c:50:50:78: 420s c4:7d:d7:f7:0b:a3:7a:a1:a6:da:7b:ca:04:49:2d: 420s 16:b1:72:49:e7:ad:e3:d1:59 420s Exponent: 65537 (0x10001) 420s X509v3 extensions: 420s X509v3 Authority Key Identifier: 420s D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 420s X509v3 Basic Constraints: 420s CA:FALSE 420s Netscape Cert Type: 420s SSL Client, S/MIME 420s Netscape Comment: 420s Test Organization Intermediate CA trusted Certificate 420s X509v3 Subject Key Identifier: 420s 67:A0:11:61:E5:33:05:8F:DA:91:17:33:40:69:9C:87:4F:34:C4:59 420s X509v3 Key Usage: critical 420s Digital Signature, Non Repudiation, Key Encipherment 420s X509v3 Extended Key Usage: 420s TLS Web Client Authentication, E-mail Protection 420s X509v3 Subject Alternative Name: 420s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 420s Signature Algorithm: sha256WithRSAEncryption 420s Signature Value: 420s bf:cf:f1:d5:36:65:0d:85:d5:47:a6:85:e9:3d:6c:4d:58:c2: 420s b9:63:97:f9:ae:28:9f:d9:cb:b1:ae:23:60:de:e7:90:a4:4b: 420s af:68:1d:ae:cb:8c:73:98:6d:70:e3:5a:0e:3f:94:3d:a7:18: 420s 61:8a:96:7f:10:fb:2f:d2:b7:3f:bd:f2:46:59:ef:66:42:d8: 420s 6c:a5:08:9f:08:f6:bf:a6:b1:2c:05:bf:c7:54:ca:a7:b0:e7: 420s 8e:36:fc:63:21:1c:40:0c:8a:1c:cb:a4:73:bd:fe:b9:59:32: 420s 73:57:36:e5:9f:b5:30:b7:b0:62:e9:e6:85:14:20:91:3d:84: 420s ac:84 420s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-20845-auth.pem 420s + found_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 420s + '[' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 '!=' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 ']' 420s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 420s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 420s + local verify_option= 420s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_cn 420s + local key_name 420s + local tokens_dir 420s + local output_cert_file 420s + token_name= 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem .pem 420s + key_name=test-intermediate-CA-trusted-certificate-0001 420s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s ++ sed -n 's/ *commonName *= //p' 420s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 420s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 420s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 420s Test Organization Interme Token 420s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 420s + token_name='Test Organization Interme Token' 420s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 420s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 420s + echo 'Test Organization Interme Token' 420s + '[' -n '' ']' 420s + local output_base_name=SSSD-child-15271 420s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-15271.output 420s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-15271.pem 420s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 420s [p11_child[2411]] [main] (0x0400): p11_child started. 420s [p11_child[2411]] [main] (0x2000): Running in [pre-auth] mode. 420s [p11_child[2411]] [main] (0x2000): Running with effective IDs: [0][0]. 420s [p11_child[2411]] [main] (0x2000): Running with real IDs [0][0]. 420s [p11_child[2411]] [do_card] (0x4000): Module List: 420s [p11_child[2411]] [do_card] (0x4000): common name: [softhsm2]. 420s [p11_child[2411]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2411]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 420s [p11_child[2411]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 420s [p11_child[2411]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2411]] [do_card] (0x4000): Login NOT required. 420s [p11_child[2411]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 420s [p11_child[2411]] [do_verification] (0x0040): X509_verify_cert failed [0]. 420s [p11_child[2411]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 420s [p11_child[2411]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 420s [p11_child[2411]] [do_card] (0x4000): No certificate found. 420s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-15271.output 420s + return 2 420s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem partial_chain 420s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem partial_chain 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 420s + local verify_option=partial_chain 420s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_cn 420s + local key_name 420s + local tokens_dir 420s + local output_cert_file 420s + token_name= 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem .pem 420s + key_name=test-intermediate-CA-trusted-certificate-0001 420s ++ sed -n 's/ *commonName *= //p' 420s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 420s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 420s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 420s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 420s Test Organization Interme Token 420s + token_name='Test Organization Interme Token' 420s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 420s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 420s + echo 'Test Organization Interme Token' 420s + '[' -n partial_chain ']' 420s + local verify_arg=--verify=partial_chain 420s + local output_base_name=SSSD-child-30134 420s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-30134.output 420s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-30134.pem 420s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 420s [p11_child[2418]] [main] (0x0400): p11_child started. 420s [p11_child[2418]] [main] (0x2000): Running in [pre-auth] mode. 420s [p11_child[2418]] [main] (0x2000): Running with effective IDs: [0][0]. 420s [p11_child[2418]] [main] (0x2000): Running with real IDs [0][0]. 420s [p11_child[2418]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 420s [p11_child[2418]] [do_card] (0x4000): Module List: 420s [p11_child[2418]] [do_card] (0x4000): common name: [softhsm2]. 420s [p11_child[2418]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2418]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 420s [p11_child[2418]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 420s [p11_child[2418]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2418]] [do_card] (0x4000): Login NOT required. 420s [p11_child[2418]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 420s [p11_child[2418]] [do_verification] (0x0040): X509_verify_cert failed [0]. 420s [p11_child[2418]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 420s [p11_child[2418]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 420s [p11_child[2418]] [do_card] (0x4000): No certificate found. 420s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-30134.output 420s + return 2 420s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 420s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 420s + local verify_option= 420s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_cn 420s + local key_name 420s + local tokens_dir 420s + local output_cert_file 420s + token_name= 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem .pem 420s + key_name=test-intermediate-CA-trusted-certificate-0001 420s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s ++ sed -n 's/ *commonName *= //p' 420s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 420s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 420s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 420s Test Organization Interme Token 420s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 420s + token_name='Test Organization Interme Token' 420s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 420s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 420s + echo 'Test Organization Interme Token' 420s + '[' -n '' ']' 420s + local output_base_name=SSSD-child-10933 420s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933.output 420s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933.pem 420s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 420s [p11_child[2425]] [main] (0x0400): p11_child started. 420s [p11_child[2425]] [main] (0x2000): Running in [pre-auth] mode. 420s [p11_child[2425]] [main] (0x2000): Running with effective IDs: [0][0]. 420s [p11_child[2425]] [main] (0x2000): Running with real IDs [0][0]. 420s [p11_child[2425]] [do_card] (0x4000): Module List: 420s [p11_child[2425]] [do_card] (0x4000): common name: [softhsm2]. 420s [p11_child[2425]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2425]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 420s [p11_child[2425]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 420s [p11_child[2425]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2425]] [do_card] (0x4000): Login NOT required. 420s [p11_child[2425]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 420s [p11_child[2425]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 420s [p11_child[2425]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 420s [p11_child[2425]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x310e4e94;slot-manufacturer=SoftHSM%20project;slot-id=823021204;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7ac44fedb10e4e94;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 420s [p11_child[2425]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 420s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933.output 420s + echo '-----BEGIN CERTIFICATE-----' 420s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933.output 420s + echo '-----END CERTIFICATE-----' 420s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933.pem 420s Certificate: 420s Data: 420s Version: 3 (0x2) 420s Serial Number: 4 (0x4) 420s Signature Algorithm: sha256WithRSAEncryption 420s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 420s Validity 420s Not Before: Jan 17 18:13:13 2025 GMT 420s Not After : Jan 17 18:13:13 2026 GMT 420s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate Trusted Certificate 0001 420s Subject Public Key Info: 420s Public Key Algorithm: rsaEncryption 420s Public-Key: (1024 bit) 420s Modulus: 420s 00:a3:a6:e7:53:00:bd:b3:08:3f:20:2f:42:2e:10: 420s 5b:88:4f:16:48:11:a4:a0:75:46:91:09:79:1d:a5: 420s 2a:b8:65:10:55:48:9e:70:a1:16:dd:68:a2:b7:91: 420s 8b:9d:86:03:47:ea:a6:d1:92:3d:ab:18:b3:fe:a9: 420s 15:3a:7f:f1:c7:e9:f4:a5:e9:b6:9f:31:c8:b5:54: 420s 76:24:78:04:6b:aa:19:2e:93:1f:49:94:1c:c1:58: 420s 5c:b3:f6:a0:c3:94:67:c8:e1:32:6d:2c:50:50:78: 420s c4:7d:d7:f7:0b:a3:7a:a1:a6:da:7b:ca:04:49:2d: 420s 16:b1:72:49:e7:ad:e3:d1:59 420s Exponent: 65537 (0x10001) 420s X509v3 extensions: 420s X509v3 Authority Key Identifier: 420s D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 420s X509v3 Basic Constraints: 420s CA:FALSE 420s Netscape Cert Type: 420s SSL Client, S/MIME 420s Netscape Comment: 420s Test Organization Intermediate CA trusted Certificate 420s X509v3 Subject Key Identifier: 420s 67:A0:11:61:E5:33:05:8F:DA:91:17:33:40:69:9C:87:4F:34:C4:59 420s X509v3 Key Usage: critical 420s Digital Signature, Non Repudiation, Key Encipherment 420s X509v3 Extended Key Usage: 420s TLS Web Client Authentication, E-mail Protection 420s X509v3 Subject Alternative Name: 420s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 420s Signature Algorithm: sha256WithRSAEncryption 420s Signature Value: 420s bf:cf:f1:d5:36:65:0d:85:d5:47:a6:85:e9:3d:6c:4d:58:c2: 420s b9:63:97:f9:ae:28:9f:d9:cb:b1:ae:23:60:de:e7:90:a4:4b: 420s af:68:1d:ae:cb:8c:73:98:6d:70:e3:5a:0e:3f:94:3d:a7:18: 420s 61:8a:96:7f:10:fb:2f:d2:b7:3f:bd:f2:46:59:ef:66:42:d8: 420s 6c:a5:08:9f:08:f6:bf:a6:b1:2c:05:bf:c7:54:ca:a7:b0:e7: 420s 8e:36:fc:63:21:1c:40:0c:8a:1c:cb:a4:73:bd:fe:b9:59:32: 420s 73:57:36:e5:9f:b5:30:b7:b0:62:e9:e6:85:14:20:91:3d:84: 420s ac:84 420s + local found_md5 expected_md5 420s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + expected_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 420s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933.pem 420s + found_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 420s + '[' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 '!=' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 ']' 420s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933-auth.output 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933-auth.output .output 420s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933-auth.pem 420s + echo -n 053350 420s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 420s [p11_child[2433]] [main] (0x0400): p11_child started. 420s [p11_child[2433]] [main] (0x2000): Running in [auth] mode. 420s [p11_child[2433]] [main] (0x2000): Running with effective IDs: [0][0]. 420s [p11_child[2433]] [main] (0x2000): Running with real IDs [0][0]. 420s [p11_child[2433]] [do_card] (0x4000): Module List: 420s [p11_child[2433]] [do_card] (0x4000): common name: [softhsm2]. 420s [p11_child[2433]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2433]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 420s [p11_child[2433]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 420s [p11_child[2433]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2433]] [do_card] (0x4000): Login required. 420s [p11_child[2433]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 420s [p11_child[2433]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 420s [p11_child[2433]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 420s [p11_child[2433]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x310e4e94;slot-manufacturer=SoftHSM%20project;slot-id=823021204;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7ac44fedb10e4e94;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 420s [p11_child[2433]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 420s [p11_child[2433]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 420s [p11_child[2433]] [do_card] (0x4000): Certificate verified and validated. 420s [p11_child[2433]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 420s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933-auth.output 420s + echo '-----BEGIN CERTIFICATE-----' 420s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933-auth.output 420s + echo '-----END CERTIFICATE-----' 420s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933-auth.pem 420s Certificate: 420s Data: 420s Version: 3 (0x2) 420s Serial Number: 4 (0x4) 420s Signature Algorithm: sha256WithRSAEncryption 420s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 420s Validity 420s Not Before: Jan 17 18:13:13 2025 GMT 420s Not After : Jan 17 18:13:13 2026 GMT 420s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate Trusted Certificate 0001 420s Subject Public Key Info: 420s Public Key Algorithm: rsaEncryption 420s Public-Key: (1024 bit) 420s Modulus: 420s 00:a3:a6:e7:53:00:bd:b3:08:3f:20:2f:42:2e:10: 420s 5b:88:4f:16:48:11:a4:a0:75:46:91:09:79:1d:a5: 420s 2a:b8:65:10:55:48:9e:70:a1:16:dd:68:a2:b7:91: 420s 8b:9d:86:03:47:ea:a6:d1:92:3d:ab:18:b3:fe:a9: 420s 15:3a:7f:f1:c7:e9:f4:a5:e9:b6:9f:31:c8:b5:54: 420s 76:24:78:04:6b:aa:19:2e:93:1f:49:94:1c:c1:58: 420s 5c:b3:f6:a0:c3:94:67:c8:e1:32:6d:2c:50:50:78: 420s c4:7d:d7:f7:0b:a3:7a:a1:a6:da:7b:ca:04:49:2d: 420s 16:b1:72:49:e7:ad:e3:d1:59 420s Exponent: 65537 (0x10001) 420s X509v3 extensions: 420s X509v3 Authority Key Identifier: 420s D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 420s X509v3 Basic Constraints: 420s CA:FALSE 420s Netscape Cert Type: 420s SSL Client, S/MIME 420s Netscape Comment: 420s Test Organization Intermediate CA trusted Certificate 420s X509v3 Subject Key Identifier: 420s 67:A0:11:61:E5:33:05:8F:DA:91:17:33:40:69:9C:87:4F:34:C4:59 420s X509v3 Key Usage: critical 420s Digital Signature, Non Repudiation, Key Encipherment 420s X509v3 Extended Key Usage: 420s TLS Web Client Authentication, E-mail Protection 420s X509v3 Subject Alternative Name: 420s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 420s Signature Algorithm: sha256WithRSAEncryption 420s Signature Value: 420s bf:cf:f1:d5:36:65:0d:85:d5:47:a6:85:e9:3d:6c:4d:58:c2: 420s b9:63:97:f9:ae:28:9f:d9:cb:b1:ae:23:60:de:e7:90:a4:4b: 420s af:68:1d:ae:cb:8c:73:98:6d:70:e3:5a:0e:3f:94:3d:a7:18: 420s 61:8a:96:7f:10:fb:2f:d2:b7:3f:bd:f2:46:59:ef:66:42:d8: 420s 6c:a5:08:9f:08:f6:bf:a6:b1:2c:05:bf:c7:54:ca:a7:b0:e7: 420s 8e:36:fc:63:21:1c:40:0c:8a:1c:cb:a4:73:bd:fe:b9:59:32: 420s 73:57:36:e5:9f:b5:30:b7:b0:62:e9:e6:85:14:20:91:3d:84: 420s ac:84 420s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10933-auth.pem 420s + found_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 420s + '[' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 '!=' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 ']' 420s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem partial_chain 420s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem partial_chain 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 420s + local verify_option=partial_chain 420s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_cn 420s + local key_name 420s + local tokens_dir 420s + local output_cert_file 420s + token_name= 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem .pem 420s + key_name=test-intermediate-CA-trusted-certificate-0001 420s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s ++ sed -n 's/ *commonName *= //p' 420s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 420s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 420s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 420s Test Organization Interme Token 420s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 420s + token_name='Test Organization Interme Token' 420s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 420s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 420s + echo 'Test Organization Interme Token' 420s + '[' -n partial_chain ']' 420s + local verify_arg=--verify=partial_chain 420s + local output_base_name=SSSD-child-29161 420s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161.output 420s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161.pem 420s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 420s [p11_child[2443]] [main] (0x0400): p11_child started. 420s [p11_child[2443]] [main] (0x2000): Running in [pre-auth] mode. 420s [p11_child[2443]] [main] (0x2000): Running with effective IDs: [0][0]. 420s [p11_child[2443]] [main] (0x2000): Running with real IDs [0][0]. 420s [p11_child[2443]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 420s [p11_child[2443]] [do_card] (0x4000): Module List: 420s [p11_child[2443]] [do_card] (0x4000): common name: [softhsm2]. 420s [p11_child[2443]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2443]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 420s [p11_child[2443]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 420s [p11_child[2443]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2443]] [do_card] (0x4000): Login NOT required. 420s [p11_child[2443]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 420s [p11_child[2443]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 420s [p11_child[2443]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 420s [p11_child[2443]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x310e4e94;slot-manufacturer=SoftHSM%20project;slot-id=823021204;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7ac44fedb10e4e94;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 420s [p11_child[2443]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 420s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161.output 420s + echo '-----BEGIN CERTIFICATE-----' 420s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161.output 420s + echo '-----END CERTIFICATE-----' 420s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161.pem 420s Certificate: 420s Data: 420s Version: 3 (0x2) 420s Serial Number: 4 (0x4) 420s Signature Algorithm: sha256WithRSAEncryption 420s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 420s Validity 420s Not Before: Jan 17 18:13:13 2025 GMT 420s Not After : Jan 17 18:13:13 2026 GMT 420s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate Trusted Certificate 0001 420s Subject Public Key Info: 420s Public Key Algorithm: rsaEncryption 420s Public-Key: (1024 bit) 420s Modulus: 420s 00:a3:a6:e7:53:00:bd:b3:08:3f:20:2f:42:2e:10: 420s 5b:88:4f:16:48:11:a4:a0:75:46:91:09:79:1d:a5: 420s 2a:b8:65:10:55:48:9e:70:a1:16:dd:68:a2:b7:91: 420s 8b:9d:86:03:47:ea:a6:d1:92:3d:ab:18:b3:fe:a9: 420s 15:3a:7f:f1:c7:e9:f4:a5:e9:b6:9f:31:c8:b5:54: 420s 76:24:78:04:6b:aa:19:2e:93:1f:49:94:1c:c1:58: 420s 5c:b3:f6:a0:c3:94:67:c8:e1:32:6d:2c:50:50:78: 420s c4:7d:d7:f7:0b:a3:7a:a1:a6:da:7b:ca:04:49:2d: 420s 16:b1:72:49:e7:ad:e3:d1:59 420s Exponent: 65537 (0x10001) 420s X509v3 extensions: 420s X509v3 Authority Key Identifier: 420s D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 420s X509v3 Basic Constraints: 420s CA:FALSE 420s Netscape Cert Type: 420s SSL Client, S/MIME 420s Netscape Comment: 420s Test Organization Intermediate CA trusted Certificate 420s X509v3 Subject Key Identifier: 420s 67:A0:11:61:E5:33:05:8F:DA:91:17:33:40:69:9C:87:4F:34:C4:59 420s X509v3 Key Usage: critical 420s Digital Signature, Non Repudiation, Key Encipherment 420s X509v3 Extended Key Usage: 420s TLS Web Client Authentication, E-mail Protection 420s X509v3 Subject Alternative Name: 420s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 420s Signature Algorithm: sha256WithRSAEncryption 420s Signature Value: 420s bf:cf:f1:d5:36:65:0d:85:d5:47:a6:85:e9:3d:6c:4d:58:c2: 420s b9:63:97:f9:ae:28:9f:d9:cb:b1:ae:23:60:de:e7:90:a4:4b: 420s af:68:1d:ae:cb:8c:73:98:6d:70:e3:5a:0e:3f:94:3d:a7:18: 420s 61:8a:96:7f:10:fb:2f:d2:b7:3f:bd:f2:46:59:ef:66:42:d8: 420s 6c:a5:08:9f:08:f6:bf:a6:b1:2c:05:bf:c7:54:ca:a7:b0:e7: 420s 8e:36:fc:63:21:1c:40:0c:8a:1c:cb:a4:73:bd:fe:b9:59:32: 420s 73:57:36:e5:9f:b5:30:b7:b0:62:e9:e6:85:14:20:91:3d:84: 420s ac:84 420s + local found_md5 expected_md5 420s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + expected_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 420s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161.pem 420s + found_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 420s + '[' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 '!=' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 ']' 420s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161-auth.output 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161-auth.output .output 420s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161-auth.pem 420s + echo -n 053350 420s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 420s [p11_child[2451]] [main] (0x0400): p11_child started. 420s [p11_child[2451]] [main] (0x2000): Running in [auth] mode. 420s [p11_child[2451]] [main] (0x2000): Running with effective IDs: [0][0]. 420s [p11_child[2451]] [main] (0x2000): Running with real IDs [0][0]. 420s [p11_child[2451]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 420s [p11_child[2451]] [do_card] (0x4000): Module List: 420s [p11_child[2451]] [do_card] (0x4000): common name: [softhsm2]. 420s [p11_child[2451]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2451]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 420s [p11_child[2451]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 420s [p11_child[2451]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2451]] [do_card] (0x4000): Login required. 420s [p11_child[2451]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 420s [p11_child[2451]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 420s [p11_child[2451]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 420s [p11_child[2451]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x310e4e94;slot-manufacturer=SoftHSM%20project;slot-id=823021204;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7ac44fedb10e4e94;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 420s [p11_child[2451]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 420s [p11_child[2451]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 420s [p11_child[2451]] [do_card] (0x4000): Certificate verified and validated. 420s [p11_child[2451]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 420s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161-auth.output 420s + echo '-----BEGIN CERTIFICATE-----' 420s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161-auth.output 420s + echo '-----END CERTIFICATE-----' 420s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161-auth.pem 420s Certificate: 420s Data: 420s Version: 3 (0x2) 420s Serial Number: 4 (0x4) 420s Signature Algorithm: sha256WithRSAEncryption 420s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 420s Validity 420s Not Before: Jan 17 18:13:13 2025 GMT 420s Not After : Jan 17 18:13:13 2026 GMT 420s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate Trusted Certificate 0001 420s Subject Public Key Info: 420s Public Key Algorithm: rsaEncryption 420s Public-Key: (1024 bit) 420s Modulus: 420s 00:a3:a6:e7:53:00:bd:b3:08:3f:20:2f:42:2e:10: 420s 5b:88:4f:16:48:11:a4:a0:75:46:91:09:79:1d:a5: 420s 2a:b8:65:10:55:48:9e:70:a1:16:dd:68:a2:b7:91: 420s 8b:9d:86:03:47:ea:a6:d1:92:3d:ab:18:b3:fe:a9: 420s 15:3a:7f:f1:c7:e9:f4:a5:e9:b6:9f:31:c8:b5:54: 420s 76:24:78:04:6b:aa:19:2e:93:1f:49:94:1c:c1:58: 420s 5c:b3:f6:a0:c3:94:67:c8:e1:32:6d:2c:50:50:78: 420s c4:7d:d7:f7:0b:a3:7a:a1:a6:da:7b:ca:04:49:2d: 420s 16:b1:72:49:e7:ad:e3:d1:59 420s Exponent: 65537 (0x10001) 420s X509v3 extensions: 420s X509v3 Authority Key Identifier: 420s D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 420s X509v3 Basic Constraints: 420s CA:FALSE 420s Netscape Cert Type: 420s SSL Client, S/MIME 420s Netscape Comment: 420s Test Organization Intermediate CA trusted Certificate 420s X509v3 Subject Key Identifier: 420s 67:A0:11:61:E5:33:05:8F:DA:91:17:33:40:69:9C:87:4F:34:C4:59 420s X509v3 Key Usage: critical 420s Digital Signature, Non Repudiation, Key Encipherment 420s X509v3 Extended Key Usage: 420s TLS Web Client Authentication, E-mail Protection 420s X509v3 Subject Alternative Name: 420s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 420s Signature Algorithm: sha256WithRSAEncryption 420s Signature Value: 420s bf:cf:f1:d5:36:65:0d:85:d5:47:a6:85:e9:3d:6c:4d:58:c2: 420s b9:63:97:f9:ae:28:9f:d9:cb:b1:ae:23:60:de:e7:90:a4:4b: 420s af:68:1d:ae:cb:8c:73:98:6d:70:e3:5a:0e:3f:94:3d:a7:18: 420s 61:8a:96:7f:10:fb:2f:d2:b7:3f:bd:f2:46:59:ef:66:42:d8: 420s 6c:a5:08:9f:08:f6:bf:a6:b1:2c:05:bf:c7:54:ca:a7:b0:e7: 420s 8e:36:fc:63:21:1c:40:0c:8a:1c:cb:a4:73:bd:fe:b9:59:32: 420s 73:57:36:e5:9f:b5:30:b7:b0:62:e9:e6:85:14:20:91:3d:84: 420s ac:84 420s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29161-auth.pem 420s + found_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 420s + '[' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 '!=' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 ']' 420s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 420s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 420s + local verify_option= 420s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_cn 420s + local key_name 420s + local tokens_dir 420s + local output_cert_file 420s + token_name= 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem .pem 420s + key_name=test-intermediate-CA-trusted-certificate-0001 420s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s ++ sed -n 's/ *commonName *= //p' 420s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 420s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 420s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 420s Test Organization Interme Token 420s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 420s + token_name='Test Organization Interme Token' 420s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 420s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 420s + echo 'Test Organization Interme Token' 420s + '[' -n '' ']' 420s + local output_base_name=SSSD-child-12250 420s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12250.output 420s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12250.pem 420s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 420s [p11_child[2461]] [main] (0x0400): p11_child started. 420s [p11_child[2461]] [main] (0x2000): Running in [pre-auth] mode. 420s [p11_child[2461]] [main] (0x2000): Running with effective IDs: [0][0]. 420s [p11_child[2461]] [main] (0x2000): Running with real IDs [0][0]. 420s [p11_child[2461]] [do_card] (0x4000): Module List: 420s [p11_child[2461]] [do_card] (0x4000): common name: [softhsm2]. 420s [p11_child[2461]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2461]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 420s [p11_child[2461]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 420s [p11_child[2461]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 420s [p11_child[2461]] [do_card] (0x4000): Login NOT required. 420s [p11_child[2461]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 420s [p11_child[2461]] [do_verification] (0x0040): X509_verify_cert failed [0]. 420s [p11_child[2461]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 420s [p11_child[2461]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 420s [p11_child[2461]] [do_card] (0x4000): No certificate found. 420s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12250.output 420s + return 2 420s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem partial_chain 420s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem partial_chain 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 420s + local verify_option=partial_chain 420s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 420s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-27330 420s + local key_cn 420s + local key_name 420s + local tokens_dir 420s + local output_cert_file 420s + token_name= 420s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem .pem 420s + key_name=test-intermediate-CA-trusted-certificate-0001 421s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 421s ++ sed -n 's/ *commonName *= //p' 421s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 421s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 421s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 421s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 421s Test Organization Interme Token 421s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 421s + token_name='Test Organization Interme Token' 421s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 421s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 421s + echo 'Test Organization Interme Token' 421s + '[' -n partial_chain ']' 421s + local verify_arg=--verify=partial_chain 421s + local output_base_name=SSSD-child-12990 421s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990.output 421s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990.pem 421s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem 421s [p11_child[2468]] [main] (0x0400): p11_child started. 421s [p11_child[2468]] [main] (0x2000): Running in [pre-auth] mode. 421s [p11_child[2468]] [main] (0x2000): Running with effective IDs: [0][0]. 421s [p11_child[2468]] [main] (0x2000): Running with real IDs [0][0]. 421s [p11_child[2468]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 421s [p11_child[2468]] [do_card] (0x4000): Module List: 421s [p11_child[2468]] [do_card] (0x4000): common name: [softhsm2]. 421s [p11_child[2468]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2468]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 421s [p11_child[2468]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 421s [p11_child[2468]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2468]] [do_card] (0x4000): Login NOT required. 421s [p11_child[2468]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 421s [p11_child[2468]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 421s [p11_child[2468]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 421s [p11_child[2468]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x310e4e94;slot-manufacturer=SoftHSM%20project;slot-id=823021204;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7ac44fedb10e4e94;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 421s [p11_child[2468]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 421s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990.output 421s + echo '-----BEGIN CERTIFICATE-----' 421s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990.output 421s + echo '-----END CERTIFICATE-----' 421s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990.pem 421s Certificate: 421s Data: 421s Version: 3 (0x2) 421s Serial Number: 4 (0x4) 421s Signature Algorithm: sha256WithRSAEncryption 421s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 421s Validity 421s Not Before: Jan 17 18:13:13 2025 GMT 421s Not After : Jan 17 18:13:13 2026 GMT 421s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate Trusted Certificate 0001 421s Subject Public Key Info: 421s Public Key Algorithm: rsaEncryption 421s Public-Key: (1024 bit) 421s Modulus: 421s 00:a3:a6:e7:53:00:bd:b3:08:3f:20:2f:42:2e:10: 421s 5b:88:4f:16:48:11:a4:a0:75:46:91:09:79:1d:a5: 421s 2a:b8:65:10:55:48:9e:70:a1:16:dd:68:a2:b7:91: 421s 8b:9d:86:03:47:ea:a6:d1:92:3d:ab:18:b3:fe:a9: 421s 15:3a:7f:f1:c7:e9:f4:a5:e9:b6:9f:31:c8:b5:54: 421s 76:24:78:04:6b:aa:19:2e:93:1f:49:94:1c:c1:58: 421s 5c:b3:f6:a0:c3:94:67:c8:e1:32:6d:2c:50:50:78: 421s c4:7d:d7:f7:0b:a3:7a:a1:a6:da:7b:ca:04:49:2d: 421s 16:b1:72:49:e7:ad:e3:d1:59 421s Exponent: 65537 (0x10001) 421s X509v3 extensions: 421s X509v3 Authority Key Identifier: 421s D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 421s X509v3 Basic Constraints: 421s CA:FALSE 421s Netscape Cert Type: 421s SSL Client, S/MIME 421s Netscape Comment: 421s Test Organization Intermediate CA trusted Certificate 421s X509v3 Subject Key Identifier: 421s 67:A0:11:61:E5:33:05:8F:DA:91:17:33:40:69:9C:87:4F:34:C4:59 421s X509v3 Key Usage: critical 421s Digital Signature, Non Repudiation, Key Encipherment 421s X509v3 Extended Key Usage: 421s TLS Web Client Authentication, E-mail Protection 421s X509v3 Subject Alternative Name: 421s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 421s Signature Algorithm: sha256WithRSAEncryption 421s Signature Value: 421s bf:cf:f1:d5:36:65:0d:85:d5:47:a6:85:e9:3d:6c:4d:58:c2: 421s b9:63:97:f9:ae:28:9f:d9:cb:b1:ae:23:60:de:e7:90:a4:4b: 421s af:68:1d:ae:cb:8c:73:98:6d:70:e3:5a:0e:3f:94:3d:a7:18: 421s 61:8a:96:7f:10:fb:2f:d2:b7:3f:bd:f2:46:59:ef:66:42:d8: 421s 6c:a5:08:9f:08:f6:bf:a6:b1:2c:05:bf:c7:54:ca:a7:b0:e7: 421s 8e:36:fc:63:21:1c:40:0c:8a:1c:cb:a4:73:bd:fe:b9:59:32: 421s 73:57:36:e5:9f:b5:30:b7:b0:62:e9:e6:85:14:20:91:3d:84: 421s ac:84 421s + local found_md5 expected_md5 421s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA-trusted-certificate-0001.pem 421s + expected_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 421s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990.pem 421s + found_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 421s + '[' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 '!=' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 ']' 421s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990-auth.output 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990-auth.output .output 421s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990-auth.pem 421s + echo -n 053350 421s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 421s [p11_child[2476]] [main] (0x0400): p11_child started. 421s [p11_child[2476]] [main] (0x2000): Running in [auth] mode. 421s [p11_child[2476]] [main] (0x2000): Running with effective IDs: [0][0]. 421s [p11_child[2476]] [main] (0x2000): Running with real IDs [0][0]. 421s [p11_child[2476]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 421s [p11_child[2476]] [do_card] (0x4000): Module List: 421s [p11_child[2476]] [do_card] (0x4000): common name: [softhsm2]. 421s [p11_child[2476]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2476]] [do_card] (0x4000): Description [SoftHSM slot ID 0x310e4e94] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 421s [p11_child[2476]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 421s [p11_child[2476]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x310e4e94][823021204] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2476]] [do_card] (0x4000): Login required. 421s [p11_child[2476]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 421s [p11_child[2476]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 421s [p11_child[2476]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 421s [p11_child[2476]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x310e4e94;slot-manufacturer=SoftHSM%20project;slot-id=823021204;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7ac44fedb10e4e94;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 421s [p11_child[2476]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 421s [p11_child[2476]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 421s [p11_child[2476]] [do_card] (0x4000): Certificate verified and validated. 421s [p11_child[2476]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 421s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990-auth.output 421s + echo '-----BEGIN CERTIFICATE-----' 421s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990-auth.output 421s + echo '-----END CERTIFICATE-----' 421s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990-auth.pem 421s Certificate: 421s Data: 421s Version: 3 (0x2) 421s Serial Number: 4 (0x4) 421s Signature Algorithm: sha256WithRSAEncryption 421s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 421s Validity 421s Not Before: Jan 17 18:13:13 2025 GMT 421s Not After : Jan 17 18:13:13 2026 GMT 421s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate Trusted Certificate 0001 421s Subject Public Key Info: 421s Public Key Algorithm: rsaEncryption 421s Public-Key: (1024 bit) 421s Modulus: 421s 00:a3:a6:e7:53:00:bd:b3:08:3f:20:2f:42:2e:10: 421s 5b:88:4f:16:48:11:a4:a0:75:46:91:09:79:1d:a5: 421s 2a:b8:65:10:55:48:9e:70:a1:16:dd:68:a2:b7:91: 421s 8b:9d:86:03:47:ea:a6:d1:92:3d:ab:18:b3:fe:a9: 421s 15:3a:7f:f1:c7:e9:f4:a5:e9:b6:9f:31:c8:b5:54: 421s 76:24:78:04:6b:aa:19:2e:93:1f:49:94:1c:c1:58: 421s 5c:b3:f6:a0:c3:94:67:c8:e1:32:6d:2c:50:50:78: 421s c4:7d:d7:f7:0b:a3:7a:a1:a6:da:7b:ca:04:49:2d: 421s 16:b1:72:49:e7:ad:e3:d1:59 421s Exponent: 65537 (0x10001) 421s X509v3 extensions: 421s X509v3 Authority Key Identifier: 421s D6:45:A0:D2:F3:22:1F:83:2D:9C:D3:DE:19:BA:48:BE:7C:9E:88:B2 421s X509v3 Basic Constraints: 421s CA:FALSE 421s Netscape Cert Type: 421s SSL Client, S/MIME 421s Netscape Comment: 421s Test Organization Intermediate CA trusted Certificate 421s X509v3 Subject Key Identifier: 421s 67:A0:11:61:E5:33:05:8F:DA:91:17:33:40:69:9C:87:4F:34:C4:59 421s X509v3 Key Usage: critical 421s Digital Signature, Non Repudiation, Key Encipherment 421s X509v3 Extended Key Usage: 421s TLS Web Client Authentication, E-mail Protection 421s X509v3 Subject Alternative Name: 421s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 421s Signature Algorithm: sha256WithRSAEncryption 421s Signature Value: 421s bf:cf:f1:d5:36:65:0d:85:d5:47:a6:85:e9:3d:6c:4d:58:c2: 421s b9:63:97:f9:ae:28:9f:d9:cb:b1:ae:23:60:de:e7:90:a4:4b: 421s af:68:1d:ae:cb:8c:73:98:6d:70:e3:5a:0e:3f:94:3d:a7:18: 421s 61:8a:96:7f:10:fb:2f:d2:b7:3f:bd:f2:46:59:ef:66:42:d8: 421s 6c:a5:08:9f:08:f6:bf:a6:b1:2c:05:bf:c7:54:ca:a7:b0:e7: 421s 8e:36:fc:63:21:1c:40:0c:8a:1c:cb:a4:73:bd:fe:b9:59:32: 421s 73:57:36:e5:9f:b5:30:b7:b0:62:e9:e6:85:14:20:91:3d:84: 421s ac:84 421s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12990-auth.pem 421s + found_md5=Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 421s + '[' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 '!=' Modulus=A3A6E75300BDB3083F202F422E105B884F164811A4A075469109791DA52AB8651055489E70A116DD68A2B7918B9D860347EAA6D1923DAB18B3FEA9153A7FF1C7E9F4A5E9B69F31C8B554762478046BAA192E931F49941CC1585CB3F6A0C39467C8E1326D2C505078C47DD7F70BA37AA1A6DA7BCA04492D16B17249E7ADE3D159 ']' 421s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 421s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 421s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 421s + local verify_option= 421s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local key_cn 421s + local key_name 421s + local tokens_dir 421s + local output_cert_file 421s + token_name= 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 421s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 421s ++ sed -n 's/ *commonName *= //p' 421s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 421s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 421s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 421s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 421s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 421s + token_name='Test Organization Sub Int Token' 421s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 421s + local key_file 421s + local decrypted_key 421s + mkdir -p /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 421s + key_file=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 421s + decrypted_key=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 421s + cat 421s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 421s Slot 0 has a free/uninitialized token. 421s The token has been initialized and is reassigned to slot 1443233025 421s + softhsm2-util --show-slots 421s Available slots: 421s Slot 1443233025 421s Slot info: 421s Description: SoftHSM slot ID 0x5605fd01 421s Manufacturer ID: SoftHSM project 421s Hardware version: 2.6 421s Firmware version: 2.6 421s Token present: yes 421s Token info: 421s Manufacturer ID: SoftHSM project 421s Model: SoftHSM v2 421s Hardware version: 2.6 421s Firmware version: 2.6 421s Serial number: bff37e37d605fd01 421s Initialized: yes 421s User PIN init.: yes 421s Label: Test Organization Sub Int Token 421s Slot 1 421s Slot info: 421s Description: SoftHSM slot ID 0x1 421s Manufacturer ID: SoftHSM project 421s Hardware version: 2.6 421s Firmware version: 2.6 421s Token present: yes 421s Token info: 421s Manufacturer ID: SoftHSM project 421s Model: SoftHSM v2 421s Hardware version: 2.6 421s Firmware version: 2.6 421s Serial number: 421s Initialized: no 421s User PIN init.: no 421s Label: 421s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 421s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-29418 -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 421s writing RSA key 421s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 421s + rm /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 421s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 421s Object 0: 421s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bff37e37d605fd01;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 421s Type: X.509 Certificate (RSA-1024) 421s Expires: Sat Jan 17 18:13:13 2026 421s Label: Test Organization Sub Intermediate Trusted Certificate 0001 421s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 421s 421s Test Organization Sub Int Token 421s + echo 'Test Organization Sub Int Token' 421s + '[' -n '' ']' 421s + local output_base_name=SSSD-child-29166 421s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29166.output 421s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29166.pem 421s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 421s [p11_child[2495]] [main] (0x0400): p11_child started. 421s [p11_child[2495]] [main] (0x2000): Running in [pre-auth] mode. 421s [p11_child[2495]] [main] (0x2000): Running with effective IDs: [0][0]. 421s [p11_child[2495]] [main] (0x2000): Running with real IDs [0][0]. 421s [p11_child[2495]] [do_card] (0x4000): Module List: 421s [p11_child[2495]] [do_card] (0x4000): common name: [softhsm2]. 421s [p11_child[2495]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2495]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 421s [p11_child[2495]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 421s [p11_child[2495]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2495]] [do_card] (0x4000): Login NOT required. 421s [p11_child[2495]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 421s [p11_child[2495]] [do_verification] (0x0040): X509_verify_cert failed [0]. 421s [p11_child[2495]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 421s [p11_child[2495]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 421s [p11_child[2495]] [do_card] (0x4000): No certificate found. 421s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-29166.output 421s + return 2 421s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem partial_chain 421s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem partial_chain 421s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 421s + local verify_option=partial_chain 421s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local key_cn 421s + local key_name 421s + local tokens_dir 421s + local output_cert_file 421s + token_name= 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 421s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 421s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s ++ sed -n 's/ *commonName *= //p' 421s Test Organization Sub Int Token 421s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 421s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 421s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 421s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 421s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 421s + token_name='Test Organization Sub Int Token' 421s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 421s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 421s + echo 'Test Organization Sub Int Token' 421s + '[' -n partial_chain ']' 421s + local verify_arg=--verify=partial_chain 421s + local output_base_name=SSSD-child-10891 421s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10891.output 421s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10891.pem 421s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-root-CA.pem 421s [p11_child[2502]] [main] (0x0400): p11_child started. 421s [p11_child[2502]] [main] (0x2000): Running in [pre-auth] mode. 421s [p11_child[2502]] [main] (0x2000): Running with effective IDs: [0][0]. 421s [p11_child[2502]] [main] (0x2000): Running with real IDs [0][0]. 421s [p11_child[2502]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 421s [p11_child[2502]] [do_card] (0x4000): Module List: 421s [p11_child[2502]] [do_card] (0x4000): common name: [softhsm2]. 421s [p11_child[2502]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2502]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 421s [p11_child[2502]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 421s [p11_child[2502]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2502]] [do_card] (0x4000): Login NOT required. 421s [p11_child[2502]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 421s [p11_child[2502]] [do_verification] (0x0040): X509_verify_cert failed [0]. 421s [p11_child[2502]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 421s [p11_child[2502]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 421s [p11_child[2502]] [do_card] (0x4000): No certificate found. 421s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10891.output 421s + return 2 421s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 421s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 421s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 421s + local verify_option= 421s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local key_cn 421s + local key_name 421s + local tokens_dir 421s + local output_cert_file 421s + token_name= 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 421s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 421s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s ++ sed -n 's/ *commonName *= //p' 421s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 421s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 421s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 421s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 421s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 421s + token_name='Test Organization Sub Int Token' 421s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 421s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 421s + echo 'Test Organization Sub Int Token' 421s Test Organization Sub Int Token 421s + '[' -n '' ']' 421s + local output_base_name=SSSD-child-17728 421s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728.output 421s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728.pem 421s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 421s [p11_child[2509]] [main] (0x0400): p11_child started. 421s [p11_child[2509]] [main] (0x2000): Running in [pre-auth] mode. 421s [p11_child[2509]] [main] (0x2000): Running with effective IDs: [0][0]. 421s [p11_child[2509]] [main] (0x2000): Running with real IDs [0][0]. 421s [p11_child[2509]] [do_card] (0x4000): Module List: 421s [p11_child[2509]] [do_card] (0x4000): common name: [softhsm2]. 421s [p11_child[2509]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2509]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 421s [p11_child[2509]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 421s [p11_child[2509]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2509]] [do_card] (0x4000): Login NOT required. 421s [p11_child[2509]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 421s [p11_child[2509]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 421s [p11_child[2509]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 421s [p11_child[2509]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5605fd01;slot-manufacturer=SoftHSM%20project;slot-id=1443233025;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bff37e37d605fd01;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 421s [p11_child[2509]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 421s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728.output 421s + echo '-----BEGIN CERTIFICATE-----' 421s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728.output 421s + echo '-----END CERTIFICATE-----' 421s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728.pem 421s Certificate: 421s Data: 421s Version: 3 (0x2) 421s Serial Number: 5 (0x5) 421s Signature Algorithm: sha256WithRSAEncryption 421s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 421s Validity 421s Not Before: Jan 17 18:13:13 2025 GMT 421s Not After : Jan 17 18:13:13 2026 GMT 421s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 421s Subject Public Key Info: 421s Public Key Algorithm: rsaEncryption 421s Public-Key: (1024 bit) 421s Modulus: 421s 00:b8:b6:75:25:8d:12:fd:5e:77:0f:bf:bf:71:c9: 421s ce:23:27:c5:23:40:80:d7:58:51:1c:54:7e:3e:49: 421s fd:b5:5a:cb:d6:98:4a:26:3e:f1:ca:e0:89:f1:14: 421s 15:66:bb:f0:d5:05:9c:8a:0d:f4:fb:10:f3:04:b3: 421s a0:d6:6e:c3:ff:8f:c9:e1:b2:59:a1:e6:44:2a:a8: 421s 1a:e6:ad:77:a6:94:10:bc:68:ef:1e:c1:e1:ec:03: 421s 88:7d:a1:78:c5:e5:cd:15:4a:d2:64:de:e9:29:69: 421s 67:2c:11:ff:79:ef:29:86:d3:27:bc:3b:a4:f1:7b: 421s 27:d5:0d:d1:1f:05:cc:44:af 421s Exponent: 65537 (0x10001) 421s X509v3 extensions: 421s X509v3 Authority Key Identifier: 421s FE:B3:AC:55:BA:A7:ED:0C:EF:D3:88:24:B4:D6:AB:54:7A:9C:72:DE 421s X509v3 Basic Constraints: 421s CA:FALSE 421s Netscape Cert Type: 421s SSL Client, S/MIME 421s Netscape Comment: 421s Test Organization Sub Intermediate CA trusted Certificate 421s X509v3 Subject Key Identifier: 421s 59:4A:25:05:3C:93:97:1E:FF:A2:57:0A:8F:06:E3:6F:5F:3C:51:87 421s X509v3 Key Usage: critical 421s Digital Signature, Non Repudiation, Key Encipherment 421s X509v3 Extended Key Usage: 421s TLS Web Client Authentication, E-mail Protection 421s X509v3 Subject Alternative Name: 421s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 421s Signature Algorithm: sha256WithRSAEncryption 421s Signature Value: 421s 58:ae:86:58:3c:39:c7:70:06:2c:83:f7:25:0f:6d:52:f0:b8: 421s ce:49:d5:94:5c:84:24:cf:c2:fa:e9:36:2d:35:b2:99:11:15: 421s 83:3d:6b:4d:fd:4c:9f:8e:da:fb:62:7b:1b:5d:0d:a3:8e:1a: 421s cf:68:40:3e:98:a1:2b:2f:ef:d1:54:0a:b5:28:af:44:f9:d1: 421s 0d:a1:e0:ec:bd:e6:e5:ec:08:f3:99:2d:9a:30:3d:53:bc:7f: 421s e5:a1:9d:41:2c:8c:fe:99:2c:2d:67:78:e2:15:ce:4c:8e:ff: 421s 52:16:8c:8a:47:8c:06:84:cf:56:e1:16:fd:ba:3c:99:29:68: 421s f7:fd 421s + local found_md5 expected_md5 421s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + expected_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 421s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728.pem 421s + found_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 421s + '[' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF '!=' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF ']' 421s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728-auth.output 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728-auth.output .output 421s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728-auth.pem 421s + echo -n 053350 421s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 421s [p11_child[2517]] [main] (0x0400): p11_child started. 421s [p11_child[2517]] [main] (0x2000): Running in [auth] mode. 421s [p11_child[2517]] [main] (0x2000): Running with effective IDs: [0][0]. 421s [p11_child[2517]] [main] (0x2000): Running with real IDs [0][0]. 421s [p11_child[2517]] [do_card] (0x4000): Module List: 421s [p11_child[2517]] [do_card] (0x4000): common name: [softhsm2]. 421s [p11_child[2517]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2517]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 421s [p11_child[2517]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 421s [p11_child[2517]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2517]] [do_card] (0x4000): Login required. 421s [p11_child[2517]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 421s [p11_child[2517]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 421s [p11_child[2517]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 421s [p11_child[2517]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5605fd01;slot-manufacturer=SoftHSM%20project;slot-id=1443233025;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bff37e37d605fd01;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 421s [p11_child[2517]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 421s [p11_child[2517]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 421s [p11_child[2517]] [do_card] (0x4000): Certificate verified and validated. 421s [p11_child[2517]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 421s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728-auth.output 421s + echo '-----BEGIN CERTIFICATE-----' 421s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728-auth.output 421s + echo '-----END CERTIFICATE-----' 421s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728-auth.pem 421s Certificate: 421s Data: 421s Version: 3 (0x2) 421s Serial Number: 5 (0x5) 421s Signature Algorithm: sha256WithRSAEncryption 421s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 421s Validity 421s Not Before: Jan 17 18:13:13 2025 GMT 421s Not After : Jan 17 18:13:13 2026 GMT 421s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 421s Subject Public Key Info: 421s Public Key Algorithm: rsaEncryption 421s Public-Key: (1024 bit) 421s Modulus: 421s 00:b8:b6:75:25:8d:12:fd:5e:77:0f:bf:bf:71:c9: 421s ce:23:27:c5:23:40:80:d7:58:51:1c:54:7e:3e:49: 421s fd:b5:5a:cb:d6:98:4a:26:3e:f1:ca:e0:89:f1:14: 421s 15:66:bb:f0:d5:05:9c:8a:0d:f4:fb:10:f3:04:b3: 421s a0:d6:6e:c3:ff:8f:c9:e1:b2:59:a1:e6:44:2a:a8: 421s 1a:e6:ad:77:a6:94:10:bc:68:ef:1e:c1:e1:ec:03: 421s 88:7d:a1:78:c5:e5:cd:15:4a:d2:64:de:e9:29:69: 421s 67:2c:11:ff:79:ef:29:86:d3:27:bc:3b:a4:f1:7b: 421s 27:d5:0d:d1:1f:05:cc:44:af 421s Exponent: 65537 (0x10001) 421s X509v3 extensions: 421s X509v3 Authority Key Identifier: 421s FE:B3:AC:55:BA:A7:ED:0C:EF:D3:88:24:B4:D6:AB:54:7A:9C:72:DE 421s X509v3 Basic Constraints: 421s CA:FALSE 421s Netscape Cert Type: 421s SSL Client, S/MIME 421s Netscape Comment: 421s Test Organization Sub Intermediate CA trusted Certificate 421s X509v3 Subject Key Identifier: 421s 59:4A:25:05:3C:93:97:1E:FF:A2:57:0A:8F:06:E3:6F:5F:3C:51:87 421s X509v3 Key Usage: critical 421s Digital Signature, Non Repudiation, Key Encipherment 421s X509v3 Extended Key Usage: 421s TLS Web Client Authentication, E-mail Protection 421s X509v3 Subject Alternative Name: 421s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 421s Signature Algorithm: sha256WithRSAEncryption 421s Signature Value: 421s 58:ae:86:58:3c:39:c7:70:06:2c:83:f7:25:0f:6d:52:f0:b8: 421s ce:49:d5:94:5c:84:24:cf:c2:fa:e9:36:2d:35:b2:99:11:15: 421s 83:3d:6b:4d:fd:4c:9f:8e:da:fb:62:7b:1b:5d:0d:a3:8e:1a: 421s cf:68:40:3e:98:a1:2b:2f:ef:d1:54:0a:b5:28:af:44:f9:d1: 421s 0d:a1:e0:ec:bd:e6:e5:ec:08:f3:99:2d:9a:30:3d:53:bc:7f: 421s e5:a1:9d:41:2c:8c:fe:99:2c:2d:67:78:e2:15:ce:4c:8e:ff: 421s 52:16:8c:8a:47:8c:06:84:cf:56:e1:16:fd:ba:3c:99:29:68: 421s f7:fd 421s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17728-auth.pem 421s + found_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 421s + '[' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF '!=' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF ']' 421s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem partial_chain 421s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem partial_chain 421s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 421s + local verify_option=partial_chain 421s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 421s + local key_cn 421s + local key_name 421s + local tokens_dir 421s + local output_cert_file 421s + token_name= 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 421s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 421s ++ sed -n 's/ *commonName *= //p' 421s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 421s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 421s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 421s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 421s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 421s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 421s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 421s + token_name='Test Organization Sub Int Token' 421s Test Organization Sub Int Token 421s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 421s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 421s + echo 'Test Organization Sub Int Token' 421s + '[' -n partial_chain ']' 421s + local verify_arg=--verify=partial_chain 421s + local output_base_name=SSSD-child-12085 421s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085.output 421s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085.pem 421s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem 421s [p11_child[2527]] [main] (0x0400): p11_child started. 421s [p11_child[2527]] [main] (0x2000): Running in [pre-auth] mode. 421s [p11_child[2527]] [main] (0x2000): Running with effective IDs: [0][0]. 421s [p11_child[2527]] [main] (0x2000): Running with real IDs [0][0]. 421s [p11_child[2527]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 421s [p11_child[2527]] [do_card] (0x4000): Module List: 421s [p11_child[2527]] [do_card] (0x4000): common name: [softhsm2]. 421s [p11_child[2527]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2527]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 421s [p11_child[2527]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 421s [p11_child[2527]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 421s [p11_child[2527]] [do_card] (0x4000): Login NOT required. 421s [p11_child[2527]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 421s [p11_child[2527]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 421s [p11_child[2527]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 421s [p11_child[2527]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5605fd01;slot-manufacturer=SoftHSM%20project;slot-id=1443233025;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bff37e37d605fd01;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 421s [p11_child[2527]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 421s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085.output 422s + echo '-----BEGIN CERTIFICATE-----' 422s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085.output 422s + echo '-----END CERTIFICATE-----' 422s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085.pem 422s Certificate: 422s Data: 422s Version: 3 (0x2) 422s Serial Number: 5 (0x5) 422s Signature Algorithm: sha256WithRSAEncryption 422s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 422s Validity 422s Not Before: Jan 17 18:13:13 2025 GMT 422s Not After : Jan 17 18:13:13 2026 GMT 422s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 422s Subject Public Key Info: 422s Public Key Algorithm: rsaEncryption 422s Public-Key: (1024 bit) 422s Modulus: 422s 00:b8:b6:75:25:8d:12:fd:5e:77:0f:bf:bf:71:c9: 422s ce:23:27:c5:23:40:80:d7:58:51:1c:54:7e:3e:49: 422s fd:b5:5a:cb:d6:98:4a:26:3e:f1:ca:e0:89:f1:14: 422s 15:66:bb:f0:d5:05:9c:8a:0d:f4:fb:10:f3:04:b3: 422s a0:d6:6e:c3:ff:8f:c9:e1:b2:59:a1:e6:44:2a:a8: 422s 1a:e6:ad:77:a6:94:10:bc:68:ef:1e:c1:e1:ec:03: 422s 88:7d:a1:78:c5:e5:cd:15:4a:d2:64:de:e9:29:69: 422s 67:2c:11:ff:79:ef:29:86:d3:27:bc:3b:a4:f1:7b: 422s 27:d5:0d:d1:1f:05:cc:44:af 422s Exponent: 65537 (0x10001) 422s X509v3 extensions: 422s X509v3 Authority Key Identifier: 422s FE:B3:AC:55:BA:A7:ED:0C:EF:D3:88:24:B4:D6:AB:54:7A:9C:72:DE 422s X509v3 Basic Constraints: 422s CA:FALSE 422s Netscape Cert Type: 422s SSL Client, S/MIME 422s Netscape Comment: 422s Test Organization Sub Intermediate CA trusted Certificate 422s X509v3 Subject Key Identifier: 422s 59:4A:25:05:3C:93:97:1E:FF:A2:57:0A:8F:06:E3:6F:5F:3C:51:87 422s X509v3 Key Usage: critical 422s Digital Signature, Non Repudiation, Key Encipherment 422s X509v3 Extended Key Usage: 422s TLS Web Client Authentication, E-mail Protection 422s X509v3 Subject Alternative Name: 422s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 422s Signature Algorithm: sha256WithRSAEncryption 422s Signature Value: 422s 58:ae:86:58:3c:39:c7:70:06:2c:83:f7:25:0f:6d:52:f0:b8: 422s ce:49:d5:94:5c:84:24:cf:c2:fa:e9:36:2d:35:b2:99:11:15: 422s 83:3d:6b:4d:fd:4c:9f:8e:da:fb:62:7b:1b:5d:0d:a3:8e:1a: 422s cf:68:40:3e:98:a1:2b:2f:ef:d1:54:0a:b5:28:af:44:f9:d1: 422s 0d:a1:e0:ec:bd:e6:e5:ec:08:f3:99:2d:9a:30:3d:53:bc:7f: 422s e5:a1:9d:41:2c:8c:fe:99:2c:2d:67:78:e2:15:ce:4c:8e:ff: 422s 52:16:8c:8a:47:8c:06:84:cf:56:e1:16:fd:ba:3c:99:29:68: 422s f7:fd 422s + local found_md5 expected_md5 422s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + expected_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 422s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085.pem 422s + found_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 422s + '[' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF '!=' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF ']' 422s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085-auth.output 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085-auth.output .output 422s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085-auth.pem 422s + echo -n 053350 422s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 422s [p11_child[2535]] [main] (0x0400): p11_child started. 422s [p11_child[2535]] [main] (0x2000): Running in [auth] mode. 422s [p11_child[2535]] [main] (0x2000): Running with effective IDs: [0][0]. 422s [p11_child[2535]] [main] (0x2000): Running with real IDs [0][0]. 422s [p11_child[2535]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 422s [p11_child[2535]] [do_card] (0x4000): Module List: 422s [p11_child[2535]] [do_card] (0x4000): common name: [softhsm2]. 422s [p11_child[2535]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2535]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 422s [p11_child[2535]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 422s [p11_child[2535]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2535]] [do_card] (0x4000): Login required. 422s [p11_child[2535]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 422s [p11_child[2535]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 422s [p11_child[2535]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 422s [p11_child[2535]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5605fd01;slot-manufacturer=SoftHSM%20project;slot-id=1443233025;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bff37e37d605fd01;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 422s [p11_child[2535]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 422s [p11_child[2535]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 422s [p11_child[2535]] [do_card] (0x4000): Certificate verified and validated. 422s [p11_child[2535]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 422s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085-auth.output 422s + echo '-----BEGIN CERTIFICATE-----' 422s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085-auth.output 422s + echo '-----END CERTIFICATE-----' 422s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085-auth.pem 422s Certificate: 422s Data: 422s Version: 3 (0x2) 422s Serial Number: 5 (0x5) 422s Signature Algorithm: sha256WithRSAEncryption 422s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 422s Validity 422s Not Before: Jan 17 18:13:13 2025 GMT 422s Not After : Jan 17 18:13:13 2026 GMT 422s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 422s Subject Public Key Info: 422s Public Key Algorithm: rsaEncryption 422s Public-Key: (1024 bit) 422s Modulus: 422s 00:b8:b6:75:25:8d:12:fd:5e:77:0f:bf:bf:71:c9: 422s ce:23:27:c5:23:40:80:d7:58:51:1c:54:7e:3e:49: 422s fd:b5:5a:cb:d6:98:4a:26:3e:f1:ca:e0:89:f1:14: 422s 15:66:bb:f0:d5:05:9c:8a:0d:f4:fb:10:f3:04:b3: 422s a0:d6:6e:c3:ff:8f:c9:e1:b2:59:a1:e6:44:2a:a8: 422s 1a:e6:ad:77:a6:94:10:bc:68:ef:1e:c1:e1:ec:03: 422s 88:7d:a1:78:c5:e5:cd:15:4a:d2:64:de:e9:29:69: 422s 67:2c:11:ff:79:ef:29:86:d3:27:bc:3b:a4:f1:7b: 422s 27:d5:0d:d1:1f:05:cc:44:af 422s Exponent: 65537 (0x10001) 422s X509v3 extensions: 422s X509v3 Authority Key Identifier: 422s FE:B3:AC:55:BA:A7:ED:0C:EF:D3:88:24:B4:D6:AB:54:7A:9C:72:DE 422s X509v3 Basic Constraints: 422s CA:FALSE 422s Netscape Cert Type: 422s SSL Client, S/MIME 422s Netscape Comment: 422s Test Organization Sub Intermediate CA trusted Certificate 422s X509v3 Subject Key Identifier: 422s 59:4A:25:05:3C:93:97:1E:FF:A2:57:0A:8F:06:E3:6F:5F:3C:51:87 422s X509v3 Key Usage: critical 422s Digital Signature, Non Repudiation, Key Encipherment 422s X509v3 Extended Key Usage: 422s TLS Web Client Authentication, E-mail Protection 422s X509v3 Subject Alternative Name: 422s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 422s Signature Algorithm: sha256WithRSAEncryption 422s Signature Value: 422s 58:ae:86:58:3c:39:c7:70:06:2c:83:f7:25:0f:6d:52:f0:b8: 422s ce:49:d5:94:5c:84:24:cf:c2:fa:e9:36:2d:35:b2:99:11:15: 422s 83:3d:6b:4d:fd:4c:9f:8e:da:fb:62:7b:1b:5d:0d:a3:8e:1a: 422s cf:68:40:3e:98:a1:2b:2f:ef:d1:54:0a:b5:28:af:44:f9:d1: 422s 0d:a1:e0:ec:bd:e6:e5:ec:08:f3:99:2d:9a:30:3d:53:bc:7f: 422s e5:a1:9d:41:2c:8c:fe:99:2c:2d:67:78:e2:15:ce:4c:8e:ff: 422s 52:16:8c:8a:47:8c:06:84:cf:56:e1:16:fd:ba:3c:99:29:68: 422s f7:fd 422s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-12085-auth.pem 422s + found_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 422s + '[' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF '!=' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF ']' 422s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 422s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 422s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 422s + local verify_option= 422s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local key_cn 422s + local key_name 422s + local tokens_dir 422s + local output_cert_file 422s + token_name= 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 422s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 422s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s ++ sed -n 's/ *commonName *= //p' 422s Test Organization Sub Int Token 422s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 422s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 422s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 422s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 422s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 422s + token_name='Test Organization Sub Int Token' 422s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 422s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 422s + echo 'Test Organization Sub Int Token' 422s + '[' -n '' ']' 422s + local output_base_name=SSSD-child-7587 422s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-7587.output 422s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-7587.pem 422s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 422s [p11_child[2545]] [main] (0x0400): p11_child started. 422s [p11_child[2545]] [main] (0x2000): Running in [pre-auth] mode. 422s [p11_child[2545]] [main] (0x2000): Running with effective IDs: [0][0]. 422s [p11_child[2545]] [main] (0x2000): Running with real IDs [0][0]. 422s [p11_child[2545]] [do_card] (0x4000): Module List: 422s [p11_child[2545]] [do_card] (0x4000): common name: [softhsm2]. 422s [p11_child[2545]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2545]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 422s [p11_child[2545]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 422s [p11_child[2545]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2545]] [do_card] (0x4000): Login NOT required. 422s [p11_child[2545]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 422s [p11_child[2545]] [do_verification] (0x0040): X509_verify_cert failed [0]. 422s [p11_child[2545]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 422s [p11_child[2545]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 422s [p11_child[2545]] [do_card] (0x4000): No certificate found. 422s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-7587.output 422s + return 2 422s + invalid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-root-intermediate-chain-CA.pem partial_chain 422s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-root-intermediate-chain-CA.pem partial_chain 422s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-root-intermediate-chain-CA.pem 422s + local verify_option=partial_chain 422s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local key_cn 422s + local key_name 422s + local tokens_dir 422s + local output_cert_file 422s + token_name= 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 422s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 422s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s ++ sed -n 's/ *commonName *= //p' 422s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 422s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 422s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 422s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 422s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 422s + token_name='Test Organization Sub Int Token' 422s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 422s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 422s + echo 'Test Organization Sub Int Token' 422s + '[' -n partial_chain ']' 422s + local verify_arg=--verify=partial_chain 422s + local output_base_name=SSSD-child-17611 422s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17611.output 422s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17611.pem 422s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-root-intermediate-chain-CA.pem 422s [p11_child[2552]] [main] (0x0400): p11_child started. 422s [p11_child[2552]] [main] (0x2000): Running in [pre-auth] mode. 422s [p11_child[2552]] [main] (0x2000): Running with effective IDs: [0][0]. 422s [p11_child[2552]] [main] (0x2000): Running with real IDs [0][0]. 422s [p11_child[2552]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 422s Test Organization Sub Int Token 422s [p11_child[2552]] [do_card] (0x4000): Module List: 422s [p11_child[2552]] [do_card] (0x4000): common name: [softhsm2]. 422s [p11_child[2552]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2552]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 422s [p11_child[2552]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 422s [p11_child[2552]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2552]] [do_card] (0x4000): Login NOT required. 422s [p11_child[2552]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 422s [p11_child[2552]] [do_verification] (0x0040): X509_verify_cert failed [0]. 422s [p11_child[2552]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 422s [p11_child[2552]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 422s [p11_child[2552]] [do_card] (0x4000): No certificate found. 422s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-17611.output 422s + return 2 422s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem partial_chain 422s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem partial_chain 422s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 422s + local verify_option=partial_chain 422s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local key_cn 422s + local key_name 422s + local tokens_dir 422s + local output_cert_file 422s + token_name= 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 422s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 422s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s ++ sed -n 's/ *commonName *= //p' 422s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 422s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 422s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 422s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 422s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 422s + token_name='Test Organization Sub Int Token' 422s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 422s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 422s + echo 'Test Organization Sub Int Token' 422s + '[' -n partial_chain ']' 422s + local verify_arg=--verify=partial_chain 422s + local output_base_name=SSSD-child-3348 422s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348.output 422s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348.pem 422s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem 422s [p11_child[2559]] [main] (0x0400): p11_child started. 422s [p11_child[2559]] [main] (0x2000): Running in [pre-auth] mode. 422s [p11_child[2559]] [main] (0x2000): Running with effective IDs: [0][0]. 422s [p11_child[2559]] [main] (0x2000): Running with real IDs [0][0]. 422s [p11_child[2559]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 422s Test Organization Sub Int Token 422s [p11_child[2559]] [do_card] (0x4000): Module List: 422s [p11_child[2559]] [do_card] (0x4000): common name: [softhsm2]. 422s [p11_child[2559]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2559]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 422s [p11_child[2559]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 422s [p11_child[2559]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2559]] [do_card] (0x4000): Login NOT required. 422s [p11_child[2559]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 422s [p11_child[2559]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 422s [p11_child[2559]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 422s [p11_child[2559]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5605fd01;slot-manufacturer=SoftHSM%20project;slot-id=1443233025;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bff37e37d605fd01;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 422s [p11_child[2559]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 422s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348.output 422s + echo '-----BEGIN CERTIFICATE-----' 422s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348.output 422s + echo '-----END CERTIFICATE-----' 422s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348.pem 422s Certificate: 422s Data: 422s Version: 3 (0x2) 422s Serial Number: 5 (0x5) 422s Signature Algorithm: sha256WithRSAEncryption 422s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 422s Validity 422s Not Before: Jan 17 18:13:13 2025 GMT 422s Not After : Jan 17 18:13:13 2026 GMT 422s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 422s Subject Public Key Info: 422s Public Key Algorithm: rsaEncryption 422s Public-Key: (1024 bit) 422s Modulus: 422s 00:b8:b6:75:25:8d:12:fd:5e:77:0f:bf:bf:71:c9: 422s ce:23:27:c5:23:40:80:d7:58:51:1c:54:7e:3e:49: 422s fd:b5:5a:cb:d6:98:4a:26:3e:f1:ca:e0:89:f1:14: 422s 15:66:bb:f0:d5:05:9c:8a:0d:f4:fb:10:f3:04:b3: 422s a0:d6:6e:c3:ff:8f:c9:e1:b2:59:a1:e6:44:2a:a8: 422s 1a:e6:ad:77:a6:94:10:bc:68:ef:1e:c1:e1:ec:03: 422s 88:7d:a1:78:c5:e5:cd:15:4a:d2:64:de:e9:29:69: 422s 67:2c:11:ff:79:ef:29:86:d3:27:bc:3b:a4:f1:7b: 422s 27:d5:0d:d1:1f:05:cc:44:af 422s Exponent: 65537 (0x10001) 422s X509v3 extensions: 422s X509v3 Authority Key Identifier: 422s FE:B3:AC:55:BA:A7:ED:0C:EF:D3:88:24:B4:D6:AB:54:7A:9C:72:DE 422s X509v3 Basic Constraints: 422s CA:FALSE 422s Netscape Cert Type: 422s SSL Client, S/MIME 422s Netscape Comment: 422s Test Organization Sub Intermediate CA trusted Certificate 422s X509v3 Subject Key Identifier: 422s 59:4A:25:05:3C:93:97:1E:FF:A2:57:0A:8F:06:E3:6F:5F:3C:51:87 422s X509v3 Key Usage: critical 422s Digital Signature, Non Repudiation, Key Encipherment 422s X509v3 Extended Key Usage: 422s TLS Web Client Authentication, E-mail Protection 422s X509v3 Subject Alternative Name: 422s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 422s Signature Algorithm: sha256WithRSAEncryption 422s Signature Value: 422s 58:ae:86:58:3c:39:c7:70:06:2c:83:f7:25:0f:6d:52:f0:b8: 422s ce:49:d5:94:5c:84:24:cf:c2:fa:e9:36:2d:35:b2:99:11:15: 422s 83:3d:6b:4d:fd:4c:9f:8e:da:fb:62:7b:1b:5d:0d:a3:8e:1a: 422s cf:68:40:3e:98:a1:2b:2f:ef:d1:54:0a:b5:28:af:44:f9:d1: 422s 0d:a1:e0:ec:bd:e6:e5:ec:08:f3:99:2d:9a:30:3d:53:bc:7f: 422s e5:a1:9d:41:2c:8c:fe:99:2c:2d:67:78:e2:15:ce:4c:8e:ff: 422s 52:16:8c:8a:47:8c:06:84:cf:56:e1:16:fd:ba:3c:99:29:68: 422s f7:fd 422s + local found_md5 expected_md5 422s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + expected_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 422s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348.pem 422s + found_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 422s + '[' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF '!=' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF ']' 422s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348-auth.output 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348-auth.output .output 422s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348-auth.pem 422s + echo -n 053350 422s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 422s [p11_child[2567]] [main] (0x0400): p11_child started. 422s [p11_child[2567]] [main] (0x2000): Running in [auth] mode. 422s [p11_child[2567]] [main] (0x2000): Running with effective IDs: [0][0]. 422s [p11_child[2567]] [main] (0x2000): Running with real IDs [0][0]. 422s [p11_child[2567]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 422s [p11_child[2567]] [do_card] (0x4000): Module List: 422s [p11_child[2567]] [do_card] (0x4000): common name: [softhsm2]. 422s [p11_child[2567]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2567]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 422s [p11_child[2567]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 422s [p11_child[2567]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2567]] [do_card] (0x4000): Login required. 422s [p11_child[2567]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 422s [p11_child[2567]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 422s [p11_child[2567]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 422s [p11_child[2567]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5605fd01;slot-manufacturer=SoftHSM%20project;slot-id=1443233025;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bff37e37d605fd01;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 422s [p11_child[2567]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 422s [p11_child[2567]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 422s [p11_child[2567]] [do_card] (0x4000): Certificate verified and validated. 422s [p11_child[2567]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 422s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348-auth.output 422s + echo '-----BEGIN CERTIFICATE-----' 422s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348-auth.output 422s + echo '-----END CERTIFICATE-----' 422s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348-auth.pem 422s Certificate: 422s Data: 422s Version: 3 (0x2) 422s Serial Number: 5 (0x5) 422s Signature Algorithm: sha256WithRSAEncryption 422s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 422s Validity 422s Not Before: Jan 17 18:13:13 2025 GMT 422s Not After : Jan 17 18:13:13 2026 GMT 422s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 422s Subject Public Key Info: 422s Public Key Algorithm: rsaEncryption 422s Public-Key: (1024 bit) 422s Modulus: 422s 00:b8:b6:75:25:8d:12:fd:5e:77:0f:bf:bf:71:c9: 422s ce:23:27:c5:23:40:80:d7:58:51:1c:54:7e:3e:49: 422s fd:b5:5a:cb:d6:98:4a:26:3e:f1:ca:e0:89:f1:14: 422s 15:66:bb:f0:d5:05:9c:8a:0d:f4:fb:10:f3:04:b3: 422s a0:d6:6e:c3:ff:8f:c9:e1:b2:59:a1:e6:44:2a:a8: 422s 1a:e6:ad:77:a6:94:10:bc:68:ef:1e:c1:e1:ec:03: 422s 88:7d:a1:78:c5:e5:cd:15:4a:d2:64:de:e9:29:69: 422s 67:2c:11:ff:79:ef:29:86:d3:27:bc:3b:a4:f1:7b: 422s 27:d5:0d:d1:1f:05:cc:44:af 422s Exponent: 65537 (0x10001) 422s X509v3 extensions: 422s X509v3 Authority Key Identifier: 422s FE:B3:AC:55:BA:A7:ED:0C:EF:D3:88:24:B4:D6:AB:54:7A:9C:72:DE 422s X509v3 Basic Constraints: 422s CA:FALSE 422s Netscape Cert Type: 422s SSL Client, S/MIME 422s Netscape Comment: 422s Test Organization Sub Intermediate CA trusted Certificate 422s X509v3 Subject Key Identifier: 422s 59:4A:25:05:3C:93:97:1E:FF:A2:57:0A:8F:06:E3:6F:5F:3C:51:87 422s X509v3 Key Usage: critical 422s Digital Signature, Non Repudiation, Key Encipherment 422s X509v3 Extended Key Usage: 422s TLS Web Client Authentication, E-mail Protection 422s X509v3 Subject Alternative Name: 422s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 422s Signature Algorithm: sha256WithRSAEncryption 422s Signature Value: 422s 58:ae:86:58:3c:39:c7:70:06:2c:83:f7:25:0f:6d:52:f0:b8: 422s ce:49:d5:94:5c:84:24:cf:c2:fa:e9:36:2d:35:b2:99:11:15: 422s 83:3d:6b:4d:fd:4c:9f:8e:da:fb:62:7b:1b:5d:0d:a3:8e:1a: 422s cf:68:40:3e:98:a1:2b:2f:ef:d1:54:0a:b5:28:af:44:f9:d1: 422s 0d:a1:e0:ec:bd:e6:e5:ec:08:f3:99:2d:9a:30:3d:53:bc:7f: 422s e5:a1:9d:41:2c:8c:fe:99:2c:2d:67:78:e2:15:ce:4c:8e:ff: 422s 52:16:8c:8a:47:8c:06:84:cf:56:e1:16:fd:ba:3c:99:29:68: 422s f7:fd 422s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-3348-auth.pem 422s + found_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 422s + '[' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF '!=' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF ']' 422s + valid_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-sub-chain-CA.pem partial_chain 422s + check_certificate /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 /tmp/sssd-softhsm2-xBJWcZ/test-intermediate-sub-chain-CA.pem partial_chain 422s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local key_ring=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-sub-chain-CA.pem 422s + local verify_option=partial_chain 422s + prepare_softhsm2_card /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local certificate=/tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29418 422s + local key_cn 422s + local key_name 422s + local tokens_dir 422s + local output_cert_file 422s + token_name= 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 422s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 422s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s ++ sed -n 's/ *commonName *= //p' 422s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 422s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 422s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 422s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 422s Test Organization Sub Int Token 422s + tokens_dir=/tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 422s + token_name='Test Organization Sub Int Token' 422s + '[' '!' -e /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 422s + '[' '!' -d /tmp/sssd-softhsm2-xBJWcZ/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 422s + echo 'Test Organization Sub Int Token' 422s + '[' -n partial_chain ']' 422s + local verify_arg=--verify=partial_chain 422s + local output_base_name=SSSD-child-10457 422s + local output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457.output 422s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457.pem 422s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-sub-chain-CA.pem 422s [p11_child[2577]] [main] (0x0400): p11_child started. 422s [p11_child[2577]] [main] (0x2000): Running in [pre-auth] mode. 422s [p11_child[2577]] [main] (0x2000): Running with effective IDs: [0][0]. 422s [p11_child[2577]] [main] (0x2000): Running with real IDs [0][0]. 422s [p11_child[2577]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 422s [p11_child[2577]] [do_card] (0x4000): Module List: 422s [p11_child[2577]] [do_card] (0x4000): common name: [softhsm2]. 422s [p11_child[2577]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2577]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 422s [p11_child[2577]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 422s [p11_child[2577]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2577]] [do_card] (0x4000): Login NOT required. 422s [p11_child[2577]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 422s [p11_child[2577]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 422s [p11_child[2577]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 422s [p11_child[2577]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5605fd01;slot-manufacturer=SoftHSM%20project;slot-id=1443233025;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bff37e37d605fd01;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 422s [p11_child[2577]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 422s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457.output 422s + echo '-----BEGIN CERTIFICATE-----' 422s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457.output 422s + echo '-----END CERTIFICATE-----' 422s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457.pem 422s Certificate: 422s Data: 422s Version: 3 (0x2) 422s Serial Number: 5 (0x5) 422s Signature Algorithm: sha256WithRSAEncryption 422s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 422s Validity 422s Not Before: Jan 17 18:13:13 2025 GMT 422s Not After : Jan 17 18:13:13 2026 GMT 422s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 422s Subject Public Key Info: 422s Public Key Algorithm: rsaEncryption 422s Public-Key: (1024 bit) 422s Modulus: 422s 00:b8:b6:75:25:8d:12:fd:5e:77:0f:bf:bf:71:c9: 422s ce:23:27:c5:23:40:80:d7:58:51:1c:54:7e:3e:49: 422s fd:b5:5a:cb:d6:98:4a:26:3e:f1:ca:e0:89:f1:14: 422s 15:66:bb:f0:d5:05:9c:8a:0d:f4:fb:10:f3:04:b3: 422s a0:d6:6e:c3:ff:8f:c9:e1:b2:59:a1:e6:44:2a:a8: 422s 1a:e6:ad:77:a6:94:10:bc:68:ef:1e:c1:e1:ec:03: 422s 88:7d:a1:78:c5:e5:cd:15:4a:d2:64:de:e9:29:69: 422s 67:2c:11:ff:79:ef:29:86:d3:27:bc:3b:a4:f1:7b: 422s 27:d5:0d:d1:1f:05:cc:44:af 422s Exponent: 65537 (0x10001) 422s X509v3 extensions: 422s X509v3 Authority Key Identifier: 422s FE:B3:AC:55:BA:A7:ED:0C:EF:D3:88:24:B4:D6:AB:54:7A:9C:72:DE 422s X509v3 Basic Constraints: 422s CA:FALSE 422s Netscape Cert Type: 422s SSL Client, S/MIME 422s Netscape Comment: 422s Test Organization Sub Intermediate CA trusted Certificate 422s X509v3 Subject Key Identifier: 422s 59:4A:25:05:3C:93:97:1E:FF:A2:57:0A:8F:06:E3:6F:5F:3C:51:87 422s X509v3 Key Usage: critical 422s Digital Signature, Non Repudiation, Key Encipherment 422s X509v3 Extended Key Usage: 422s TLS Web Client Authentication, E-mail Protection 422s X509v3 Subject Alternative Name: 422s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 422s Signature Algorithm: sha256WithRSAEncryption 422s Signature Value: 422s 58:ae:86:58:3c:39:c7:70:06:2c:83:f7:25:0f:6d:52:f0:b8: 422s ce:49:d5:94:5c:84:24:cf:c2:fa:e9:36:2d:35:b2:99:11:15: 422s 83:3d:6b:4d:fd:4c:9f:8e:da:fb:62:7b:1b:5d:0d:a3:8e:1a: 422s cf:68:40:3e:98:a1:2b:2f:ef:d1:54:0a:b5:28:af:44:f9:d1: 422s 0d:a1:e0:ec:bd:e6:e5:ec:08:f3:99:2d:9a:30:3d:53:bc:7f: 422s e5:a1:9d:41:2c:8c:fe:99:2c:2d:67:78:e2:15:ce:4c:8e:ff: 422s 52:16:8c:8a:47:8c:06:84:cf:56:e1:16:fd:ba:3c:99:29:68: 422s f7:fd 422s + local found_md5 expected_md5 422s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/test-sub-intermediate-CA-trusted-certificate-0001.pem 422s + expected_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 422s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457.pem 422s + found_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 422s + '[' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF '!=' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF ']' 422s + output_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457-auth.output 422s ++ basename /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457-auth.output .output 422s + output_cert_file=/tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457-auth.pem 422s + echo -n 053350 422s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-xBJWcZ/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 422s [p11_child[2585]] [main] (0x0400): p11_child started. 422s [p11_child[2585]] [main] (0x2000): Running in [auth] mode. 422s [p11_child[2585]] [main] (0x2000): Running with effective IDs: [0][0]. 422s [p11_child[2585]] [main] (0x2000): Running with real IDs [0][0]. 422s [p11_child[2585]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 422s [p11_child[2585]] [do_card] (0x4000): Module List: 422s [p11_child[2585]] [do_card] (0x4000): common name: [softhsm2]. 422s [p11_child[2585]] [do_card] (0x4000): dll name: [/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2585]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5605fd01] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 422s [p11_child[2585]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 422s [p11_child[2585]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x5605fd01][1443233025] of module [0][/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so]. 422s [p11_child[2585]] [do_card] (0x4000): Login required. 422s [p11_child[2585]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 422s [p11_child[2585]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 422s [p11_child[2585]] [do_card] (0x4000): /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 422s [p11_child[2585]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5605fd01;slot-manufacturer=SoftHSM%20project;slot-id=1443233025;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bff37e37d605fd01;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 422s [p11_child[2585]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 422s [p11_child[2585]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 422s [p11_child[2585]] [do_card] (0x4000): Certificate verified and validated. 422s [p11_child[2585]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 422s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457-auth.output 422s + echo '-----BEGIN CERTIFICATE-----' 422s + tail -n1 /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457-auth.output 422s + echo '-----END CERTIFICATE-----' 422s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457-auth.pem 422s Certificate: 422s Data: 422s Version: 3 (0x2) 422s Serial Number: 5 (0x5) 422s Signature Algorithm: sha256WithRSAEncryption 422s Issuer: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 422s Validity 422s Not Before: Jan 17 18:13:13 2025 GMT 422s Not After : Jan 17 18:13:13 2026 GMT 422s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 422s Subject Public Key Info: 422s Public Key Algorithm: rsaEncryption 422s Public-Key: (1024 bit) 422s Modulus: 422s 00:b8:b6:75:25:8d:12:fd:5e:77:0f:bf:bf:71:c9: 422s ce:23:27:c5:23:40:80:d7:58:51:1c:54:7e:3e:49: 422s fd:b5:5a:cb:d6:98:4a:26:3e:f1:ca:e0:89:f1:14: 422s 15:66:bb:f0:d5:05:9c:8a:0d:f4:fb:10:f3:04:b3: 422s a0:d6:6e:c3:ff:8f:c9:e1:b2:59:a1:e6:44:2a:a8: 422s 1a:e6:ad:77:a6:94:10:bc:68:ef:1e:c1:e1:ec:03: 422s 88:7d:a1:78:c5:e5:cd:15:4a:d2:64:de:e9:29:69: 422s 67:2c:11:ff:79:ef:29:86:d3:27:bc:3b:a4:f1:7b: 422s 27:d5:0d:d1:1f:05:cc:44:af 422s Exponent: 65537 (0x10001) 422s X509v3 extensions: 422s X509v3 Authority Key Identifier: 422s FE:B3:AC:55:BA:A7:ED:0C:EF:D3:88:24:B4:D6:AB:54:7A:9C:72:DE 422s X509v3 Basic Constraints: 422s CA:FALSE 422s Netscape Cert Type: 422s SSL Client, S/MIME 422s Netscape Comment: 422s Test Organization Sub Intermediate CA trusted Certificate 422s X509v3 Subject Key Identifier: 422s 59:4A:25:05:3C:93:97:1E:FF:A2:57:0A:8F:06:E3:6F:5F:3C:51:87 422s X509v3 Key Usage: critical 422s Digital Signature, Non Repudiation, Key Encipherment 422s X509v3 Extended Key Usage: 422s TLS Web Client Authentication, E-mail Protection 422s X509v3 Subject Alternative Name: 422s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 422s Signature Algorithm: sha256WithRSAEncryption 422s Signature Value: 422s 58:ae:86:58:3c:39:c7:70:06:2c:83:f7:25:0f:6d:52:f0:b8: 422s ce:49:d5:94:5c:84:24:cf:c2:fa:e9:36:2d:35:b2:99:11:15: 422s 83:3d:6b:4d:fd:4c:9f:8e:da:fb:62:7b:1b:5d:0d:a3:8e:1a: 422s cf:68:40:3e:98:a1:2b:2f:ef:d1:54:0a:b5:28:af:44:f9:d1: 422s 0d:a1:e0:ec:bd:e6:e5:ec:08:f3:99:2d:9a:30:3d:53:bc:7f: 422s e5:a1:9d:41:2c:8c:fe:99:2c:2d:67:78:e2:15:ce:4c:8e:ff: 422s 52:16:8c:8a:47:8c:06:84:cf:56:e1:16:fd:ba:3c:99:29:68: 422s f7:fd 422s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-xBJWcZ/SSSD-child-10457-auth.pem 423s 423s Test completed, Root CA and intermediate issued certificates verified! 423s + found_md5=Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF 423s + '[' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF '!=' Modulus=B8B675258D12FD5E770FBFBF71C9CE2327C5234080D758511C547E3E49FDB55ACBD6984A263EF1CAE089F1141566BBF0D5059C8A0DF4FB10F304B3A0D66EC3FF8FC9E1B259A1E6442AA81AE6AD77A69410BC68EF1EC1E1EC03887DA178C5E5CD154AD264DEE92969672C11FF79EF2986D327BC3BA4F17B27D50DD11F05CC44AF ']' 423s + set +x 423s autopkgtest [18:13:19]: test sssd-softhism2-certificates-tests.sh: -----------------------] 424s autopkgtest [18:13:20]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 424s sssd-softhism2-certificates-tests.sh PASS 424s autopkgtest [18:13:20]: test sssd-smart-card-pam-auth-configs: preparing testbed 424s Reading package lists... 425s Building dependency tree... 425s Reading state information... 425s Starting pkgProblemResolver with broken count: 0 425s Starting 2 pkgProblemResolver with broken count: 0 425s Done 426s The following NEW packages will be installed: 426s pamtester 427s 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. 427s Need to get 14.6 kB of archives. 427s After this operation, 86.0 kB of additional disk space will be used. 427s Get:1 http://ftpmaster.internal/ubuntu plucky/universe ppc64el pamtester ppc64el 0.1.2-4 [14.6 kB] 427s Fetched 14.6 kB in 0s (49.7 kB/s) 427s Selecting previously unselected package pamtester. 427s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74632 files and directories currently installed.) 427s Preparing to unpack .../pamtester_0.1.2-4_ppc64el.deb ... 427s Unpacking pamtester (0.1.2-4) ... 428s Setting up pamtester (0.1.2-4) ... 428s Processing triggers for man-db (2.13.0-1) ... 430s autopkgtest [18:13:26]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 430s autopkgtest [18:13:26]: test sssd-smart-card-pam-auth-configs: [----------------------- 430s + '[' -z ubuntu ']' 430s + export DEBIAN_FRONTEND=noninteractive 430s + DEBIAN_FRONTEND=noninteractive 430s + required_tools=(pamtester softhsm2-util sssd) 430s + [[ ! -v OFFLINE_MODE ]] 430s + for cmd in "${required_tools[@]}" 430s + command -v pamtester 430s + for cmd in "${required_tools[@]}" 430s + command -v softhsm2-util 430s + for cmd in "${required_tools[@]}" 430s + command -v sssd 430s + PIN=123456 430s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 430s + tmpdir=/tmp/sssd-softhsm2-certs-6jut3G 430s + backupsdir= 430s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 430s + declare -a restore_paths 430s + declare -a delete_paths 430s + trap handle_exit EXIT 430s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 430s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 430s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 430s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 430s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-6jut3G GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 430s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-6jut3G 430s + GENERATE_SMART_CARDS=1 430s + KEEP_TEMPORARY_FILES=1 430s + NO_SSSD_TESTS=1 430s + bash debian/tests/sssd-softhism2-certificates-tests.sh 430s + '[' -z ubuntu ']' 430s + required_tools=(p11tool openssl softhsm2-util) 430s + for cmd in "${required_tools[@]}" 430s + command -v p11tool 430s + for cmd in "${required_tools[@]}" 430s + command -v openssl 430s + for cmd in "${required_tools[@]}" 430s + command -v softhsm2-util 430s + PIN=123456 430s +++ head -n 1 430s +++ find /usr/lib/softhsm/libsofthsm2.so 430s ++ realpath /usr/lib/softhsm/libsofthsm2.so 430s + SOFTHSM2_MODULE=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so 430s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 430s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 430s + '[' '!' -v NO_SSSD_TESTS ']' 430s + '[' '!' -e /usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so ']' 430s + tmpdir=/tmp/sssd-softhsm2-certs-6jut3G 430s + keys_size=1024 430s + [[ ! -v KEEP_TEMPORARY_FILES ]] 430s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 430s + echo -n 01 430s + touch /tmp/sssd-softhsm2-certs-6jut3G/index.txt 430s + mkdir -p /tmp/sssd-softhsm2-certs-6jut3G/new_certs 430s + cat 430s + root_ca_key_pass=pass:random-root-CA-password-26218 430s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-key.pem -passout pass:random-root-CA-password-26218 1024 430s + openssl req -passin pass:random-root-CA-password-26218 -batch -config /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.pem 430s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.pem 430s + cat 430s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-21826 430s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-21826 1024 430s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-21826 -config /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-26218 -sha256 -out /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-certificate-request.pem 430s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-certificate-request.pem 430s Certificate Request: 430s Data: 430s Version: 1 (0x0) 430s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 430s Subject Public Key Info: 430s Public Key Algorithm: rsaEncryption 430s Public-Key: (1024 bit) 430s Modulus: 430s 00:f1:d0:a9:70:fe:e1:43:e6:3b:60:1b:10:44:50: 430s 58:8b:04:7b:d9:2b:6b:5b:ac:dc:06:4f:63:bc:04: 430s 7d:75:72:de:b3:61:53:a6:92:68:91:de:30:49:f4: 430s 97:71:6c:5f:78:3f:b3:ce:c2:4c:4d:21:83:92:cc: 430s 6d:dd:32:a3:99:19:28:2b:25:5c:9a:f0:e3:9a:43: 430s fe:2b:36:f2:95:ac:02:ff:bb:79:eb:32:14:e9:10: 430s a8:6c:db:0f:c6:63:0e:28:29:38:eb:cf:2e:2e:61: 430s 95:a1:19:d5:0f:fb:21:81:34:25:84:9b:74:1c:c7: 430s a5:7d:36:37:8c:e3:f2:78:4f 430s Exponent: 65537 (0x10001) 430s Attributes: 430s (none) 430s Requested Extensions: 430s Signature Algorithm: sha256WithRSAEncryption 430s Signature Value: 430s 64:f4:c9:4a:e3:34:b2:4a:82:bc:37:5a:8c:97:7f:d5:68:b0: 430s 21:3d:68:7b:87:69:6c:eb:c5:29:cf:ca:ab:01:51:57:aa:7e: 430s 90:81:04:7e:f9:ce:1d:95:6e:8b:58:d5:ee:a3:8c:85:a4:8b: 430s 8b:a2:f5:c5:d7:98:5f:85:8f:02:1d:d8:99:7b:23:a5:44:7c: 430s 57:a7:67:c5:ad:fa:b7:1a:41:ac:9a:d4:d6:8b:a1:70:ec:03: 430s 34:b1:05:a7:21:6b:5c:7d:34:57:3e:9c:81:e7:f4:b9:c1:d2: 430s c7:3f:d8:82:b6:0b:cf:4a:4d:8b:63:5b:8a:85:15:bb:1e:dd: 430s 4a:6f 430s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.config -passin pass:random-root-CA-password-26218 -keyfile /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem 430s Using configuration from /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.config 430s Check that the request matches the signature 430s Signature ok 430s Certificate Details: 430s Serial Number: 1 (0x1) 430s Validity 430s Not Before: Jan 17 18:13:26 2025 GMT 430s Not After : Jan 17 18:13:26 2026 GMT 430s Subject: 430s organizationName = Test Organization 430s organizationalUnitName = Test Organization Unit 430s commonName = Test Organization Intermediate CA 430s X509v3 extensions: 430s X509v3 Subject Key Identifier: 430s 74:22:B6:4C:EC:A4:DC:2C:DC:20:D0:3D:70:48:13:B2:D7:32:98:F0 430s X509v3 Authority Key Identifier: 430s keyid:8E:B5:EA:D2:7A:97:99:4B:AE:C1:6D:35:D7:2A:1F:65:60:FB:07:C9 430s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 430s serial:00 430s X509v3 Basic Constraints: 430s CA:TRUE 430s X509v3 Key Usage: critical 430s Digital Signature, Certificate Sign, CRL Sign 430s Certificate is to be certified until Jan 17 18:13:26 2026 GMT (365 days) 430s 430s Write out database with 1 new entries 430s Database updated 430s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem 430s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem 430s /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem: OK 430s + cat 430s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-17983 430s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-17983 1024 430s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-17983 -config /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-21826 -sha256 -out /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-certificate-request.pem 430s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-certificate-request.pem 430s Certificate Request: 430s Data: 430s Version: 1 (0x0) 430s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 430s Subject Public Key Info: 430s Public Key Algorithm: rsaEncryption 430s Public-Key: (1024 bit) 430s Modulus: 430s 00:a3:07:54:60:80:2f:a7:32:3d:7b:b7:ea:d3:25: 430s 96:4b:49:71:c7:97:3b:a1:da:e0:21:e3:95:4a:51: 430s 6c:1a:18:cd:f9:24:46:24:80:db:b8:de:cf:8d:7b: 430s 75:e8:81:71:5f:d7:7e:dd:9a:bf:84:46:4e:a2:c8: 430s 31:bf:54:6a:9f:3d:32:1d:4e:0f:71:7c:df:71:dc: 430s 6e:aa:b2:d2:b1:8e:0e:53:34:cd:64:2f:99:e1:52: 430s 3c:af:3f:53:d4:a9:b2:8f:6f:b8:8f:86:75:9e:72: 430s 0f:1f:cc:5b:05:4b:9d:84:16:b5:4b:c8:ee:ff:53: 430s ff:70:02:7f:28:45:92:8b:89 430s Exponent: 65537 (0x10001) 430s Attributes: 430s (none) 430s Requested Extensions: 430s Signature Algorithm: sha256WithRSAEncryption 430s Signature Value: 430s 4e:67:ce:7e:16:30:6c:e5:57:30:ae:af:e3:ae:4d:0d:e3:50: 430s 78:7d:d0:ef:33:b6:da:0b:bc:dd:4c:8b:59:e6:f7:8f:ff:1b: 430s e1:52:be:32:90:c3:a6:10:b8:bb:8d:3b:4d:d3:45:e3:65:54: 430s e4:e0:2e:cf:95:a6:6d:33:d5:ba:7b:22:98:12:eb:c0:4f:85: 430s 12:a6:c3:44:fa:ee:81:66:8c:45:8f:0a:c3:cb:5e:c1:3c:f8: 430s c6:b6:68:40:03:7a:bb:12:9d:74:43:19:08:8a:f7:81:bd:f7: 430s a0:c9:2b:2c:b7:48:53:51:a6:ad:94:d5:c5:51:48:1c:5c:2c: 430s 0b:9d 430s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-21826 -keyfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem 430s Using configuration from /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.config 430s Check that the request matches the signature 430s Signature ok 430s Certificate Details: 430s Serial Number: 2 (0x2) 430s Validity 430s Not Before: Jan 17 18:13:26 2025 GMT 430s Not After : Jan 17 18:13:26 2026 GMT 430s Subject: 430s organizationName = Test Organization 430s organizationalUnitName = Test Organization Unit 430s commonName = Test Organization Sub Intermediate CA 430s X509v3 extensions: 430s X509v3 Subject Key Identifier: 430s 73:22:21:ED:62:26:85:7B:65:D3:D8:5F:75:80:F3:52:2D:15:D5:5A 430s X509v3 Authority Key Identifier: 430s keyid:74:22:B6:4C:EC:A4:DC:2C:DC:20:D0:3D:70:48:13:B2:D7:32:98:F0 430s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 430s serial:01 430s X509v3 Basic Constraints: 430s CA:TRUE 430s X509v3 Key Usage: critical 430s Digital Signature, Certificate Sign, CRL Sign 430s Certificate is to be certified until Jan 17 18:13:26 2026 GMT (365 days) 430s 430s Write out database with 1 new entries 430s Database updated 430s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem 430s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem 430s /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem: OK 430s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem 430s + local cmd=openssl 430s + shift 430s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem 430s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 430s error 20 at 0 depth lookup: unable to get local issuer certificate 430s error /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem: verification failed 430s + cat 430s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-18692 430s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-18692 1024 430s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-18692 -key /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-request.pem 430s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-request.pem 430s Certificate Request: 430s Data: 430s Version: 1 (0x0) 430s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 430s Subject Public Key Info: 430s Public Key Algorithm: rsaEncryption 430s Public-Key: (1024 bit) 430s Modulus: 430s 00:c0:9d:16:66:c2:4e:0e:a0:04:e8:71:c2:17:59: 430s fb:21:c7:0f:e6:6d:e3:53:2b:8f:c5:02:42:8c:2d: 430s 33:32:ca:0d:a7:02:89:8c:72:4c:1c:e2:c3:77:c6: 430s f1:9e:83:0c:6e:09:18:e1:a7:95:92:50:a9:c4:fd: 430s 96:d0:8c:0b:df:91:88:5d:11:52:1a:1b:97:26:64: 430s 7b:af:25:d3:a7:9e:eb:55:a5:b6:75:54:3e:c7:da: 430s 0f:db:e9:0d:1f:b1:60:36:53:70:a5:4a:81:58:20: 430s 66:45:97:ab:b7:6b:17:a7:90:72:15:11:b5:df:9d: 430s 71:0a:1d:5c:46:6f:16:d2:05 430s Exponent: 65537 (0x10001) 430s Attributes: 430s Requested Extensions: 430s X509v3 Basic Constraints: 430s CA:FALSE 430s Netscape Cert Type: 430s SSL Client, S/MIME 430s Netscape Comment: 430s Test Organization Root CA trusted Certificate 430s X509v3 Subject Key Identifier: 430s 32:EE:28:B4:1F:52:B7:C7:2F:A2:35:86:EE:C9:C5:65:DB:3D:B2:0F 430s X509v3 Key Usage: critical 430s Digital Signature, Non Repudiation, Key Encipherment 430s X509v3 Extended Key Usage: 430s TLS Web Client Authentication, E-mail Protection 430s X509v3 Subject Alternative Name: 430s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 430s Signature Algorithm: sha256WithRSAEncryption 430s Signature Value: 430s b4:c0:c8:5c:20:c2:00:2f:b2:97:85:a0:d2:2a:85:c3:58:bf: 430s 29:98:e4:bf:3e:73:cd:d8:44:1e:c5:37:99:02:38:a8:53:27: 430s 2f:5f:5f:e8:93:c3:d5:89:36:7d:b9:20:e4:f3:88:ea:2f:3d: 430s e6:81:dd:9c:a0:40:72:d1:77:fd:c8:db:6f:74:fd:c2:95:1e: 430s c2:ad:e6:65:e2:36:98:dc:69:12:60:53:07:1d:7a:82:78:1e: 430s 84:55:3c:40:ec:03:5d:5f:16:bc:32:2d:d8:39:34:0f:e3:4f: 430s 2b:71:39:3a:c8:76:27:44:38:e8:43:99:14:0e:57:ef:98:70: 430s e4:9d 430s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.config -passin pass:random-root-CA-password-26218 -keyfile /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem 430s Using configuration from /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.config 430s Check that the request matches the signature 430s Signature ok 430s Certificate Details: 430s Serial Number: 3 (0x3) 430s Validity 430s Not Before: Jan 17 18:13:26 2025 GMT 430s Not After : Jan 17 18:13:26 2026 GMT 430s Subject: 430s organizationName = Test Organization 430s organizationalUnitName = Test Organization Unit 430s commonName = Test Organization Root Trusted Certificate 0001 430s X509v3 extensions: 430s X509v3 Authority Key Identifier: 430s 8E:B5:EA:D2:7A:97:99:4B:AE:C1:6D:35:D7:2A:1F:65:60:FB:07:C9 430s X509v3 Basic Constraints: 430s CA:FALSE 430s Netscape Cert Type: 430s SSL Client, S/MIME 430s Netscape Comment: 430s Test Organization Root CA trusted Certificate 430s X509v3 Subject Key Identifier: 430s 32:EE:28:B4:1F:52:B7:C7:2F:A2:35:86:EE:C9:C5:65:DB:3D:B2:0F 430s X509v3 Key Usage: critical 430s Digital Signature, Non Repudiation, Key Encipherment 430s X509v3 Extended Key Usage: 430s TLS Web Client Authentication, E-mail Protection 430s X509v3 Subject Alternative Name: 430s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 430s Certificate is to be certified until Jan 17 18:13:26 2026 GMT (365 days) 430s 430s Write out database with 1 new entries 430s Database updated 430s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem 430s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem 430s /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem: OK 430s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem 430s + local cmd=openssl 430s + shift 430s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem 430s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root Trusted Certificate 0001 430s error 20 at 0 depth lookup: unable to get local issuer certificate 430s error /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem: verification failed 430s + cat 430s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-29174 430s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-29174 1024 431s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-29174 -key /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-request.pem 431s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-request.pem 431s Certificate Request: 431s Data: 431s Version: 1 (0x0) 431s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate Trusted Certificate 0001 431s Subject Public Key Info: 431s Public Key Algorithm: rsaEncryption 431s Public-Key: (1024 bit) 431s Modulus: 431s 00:c3:45:3c:cc:4f:1f:d9:c6:60:bd:6a:34:66:ab: 431s a3:04:5f:99:c6:97:c5:f8:0c:24:25:89:9b:f8:6c: 431s 07:96:04:49:da:c7:db:2d:e5:3b:34:e5:33:6c:04: 431s 94:d2:38:a2:d5:4c:10:4f:57:aa:24:52:f1:54:13: 431s 98:50:13:f3:64:26:dd:08:b9:51:2a:aa:10:6e:5b: 431s 07:e4:fe:61:38:c6:8b:ea:8e:99:46:70:07:be:65: 431s 88:08:55:d4:3b:02:99:dd:08:d2:9b:96:58:56:9c: 431s b2:35:eb:ab:48:18:80:ac:76:f3:c9:96:c6:38:82: 431s 36:ae:d4:e8:ff:25:4f:8b:a7 431s Exponent: 65537 (0x10001) 431s Attributes: 431s Requested Extensions: 431s X509v3 Basic Constraints: 431s CA:FALSE 431s Netscape Cert Type: 431s SSL Client, S/MIME 431s Netscape Comment: 431s Test Organization Intermediate CA trusted Certificate 431s X509v3 Subject Key Identifier: 431s F1:C0:16:73:BE:A3:EC:EA:91:8B:B2:4D:2A:DB:FF:C4:0F:20:55:F0 431s X509v3 Key Usage: critical 431s Digital Signature, Non Repudiation, Key Encipherment 431s X509v3 Extended Key Usage: 431s TLS Web Client Authentication, E-mail Protection 431s X509v3 Subject Alternative Name: 431s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 431s Signature Algorithm: sha256WithRSAEncryption 431s Signature Value: 431s 49:50:28:36:c8:1b:9b:e5:e3:25:2e:64:57:27:69:ce:63:e2: 431s f7:f9:24:e5:cc:1c:6d:72:78:97:09:05:01:c3:96:22:46:f5: 431s e6:da:fc:6c:43:55:49:2f:56:63:d3:22:be:b1:5a:58:a8:28: 431s 20:a5:9b:3e:5d:3b:60:0f:3f:33:17:54:7e:cc:91:d7:35:83: 431s c7:e3:ac:dd:23:73:61:2c:bd:84:d8:27:df:53:e7:fa:f4:84: 431s f9:c5:59:cd:ab:5c:76:96:0c:04:b1:17:b3:67:74:5b:60:d3: 431s e4:54:7d:66:ad:90:88:f1:ec:d4:7c:3b:3a:13:71:bd:cb:38: 431s 91:28 431s + openssl ca -passin pass:random-intermediate-CA-password-21826 -config /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem 431s Using configuration from /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.config 431s Check that the request matches the signature 431s Signature ok 431s Certificate Details: 431s Serial Number: 4 (0x4) 431s Validity 431s Not Before: Jan 17 18:13:27 2025 GMT 431s Not After : Jan 17 18:13:27 2026 GMT 431s Subject: 431s organizationName = Test Organization 431s organizationalUnitName = Test Organization Unit 431s commonName = Test Organization Intermediate Trusted Certificate 0001 431s X509v3 extensions: 431s X509v3 Authority Key Identifier: 431s 74:22:B6:4C:EC:A4:DC:2C:DC:20:D0:3D:70:48:13:B2:D7:32:98:F0 431s X509v3 Basic Constraints: 431s CA:FALSE 431s Netscape Cert Type: 431s SSL Client, S/MIME 431s Netscape Comment: 431s Test Organization Intermediate CA trusted Certificate 431s X509v3 Subject Key Identifier: 431s F1:C0:16:73:BE:A3:EC:EA:91:8B:B2:4D:2A:DB:FF:C4:0F:20:55:F0 431s X509v3 Key Usage: critical 431s Digital Signature, Non Repudiation, Key Encipherment 431s X509v3 Extended Key Usage: 431s TLS Web Client Authentication, E-mail Protection 431s X509v3 Subject Alternative Name: 431s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 431s Certificate is to be certified until Jan 17 18:13:27 2026 GMT (365 days) 431s 431s Write out database with 1 new entries 431s Database updated 431s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem 431s This certificate should not be trusted fully 431s + echo 'This certificate should not be trusted fully' 431s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem 431s + local cmd=openssl 431s + shift 431s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem 431s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 431s error 2 at 1 depth lookup: unable to get issuer certificate 431s error /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 431s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem 431s /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem: OK 431s + cat 431s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-1548 431s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-1548 1024 431s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-1548 -key /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 431s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 431s Certificate Request: 431s Data: 431s Version: 1 (0x0) 431s Subject: O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 431s Subject Public Key Info: 431s Public Key Algorithm: rsaEncryption 431s Public-Key: (1024 bit) 431s Modulus: 431s 00:c1:9c:4e:fc:d3:b2:6e:c9:27:89:89:b5:73:ef: 431s 49:d7:81:2a:c6:c2:9e:b0:ac:e1:51:10:ad:c7:16: 431s 4f:0a:ed:87:98:71:32:15:ff:ef:b6:ba:28:fb:e7: 431s 0c:6a:35:77:d1:63:8c:c6:f8:80:8a:f5:73:c6:64: 431s 65:b1:8a:b7:a9:9d:2e:27:c1:ff:fe:fc:b2:83:22: 431s 22:f3:aa:c0:8c:b1:60:b7:88:48:d1:e9:c8:60:3f: 431s b9:d5:35:11:b0:d6:47:07:c4:01:51:19:bb:91:25: 431s 79:2b:a4:7c:b5:0c:48:63:84:91:cf:bb:38:73:4f: 431s d9:fd:74:7f:f2:cb:4d:ad:e1 431s Exponent: 65537 (0x10001) 431s Attributes: 431s Requested Extensions: 431s X509v3 Basic Constraints: 431s CA:FALSE 431s Netscape Cert Type: 431s SSL Client, S/MIME 431s Netscape Comment: 431s Test Organization Sub Intermediate CA trusted Certificate 431s X509v3 Subject Key Identifier: 431s 5B:75:8F:8A:C1:25:AA:17:9F:AC:7A:0A:C3:A3:62:24:3C:6A:EF:F5 431s X509v3 Key Usage: critical 431s Digital Signature, Non Repudiation, Key Encipherment 431s X509v3 Extended Key Usage: 431s TLS Web Client Authentication, E-mail Protection 431s X509v3 Subject Alternative Name: 431s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 431s Signature Algorithm: sha256WithRSAEncryption 431s Signature Value: 431s b8:d5:c9:7d:bd:f4:de:d8:1d:02:e5:27:c1:a0:2b:d8:5b:ee: 431s 17:f9:59:a7:78:b4:4d:ce:2d:2f:44:0a:2b:0b:af:9f:4d:f3: 431s 2f:3a:67:b3:2e:fd:2d:36:f9:b0:9f:91:4f:3d:96:d4:aa:d1: 431s cd:f7:f3:cd:be:36:5b:81:4a:78:9d:db:1d:b2:cb:91:28:0c: 431s 74:73:a6:2f:ae:d8:e5:e3:ad:dc:ec:6e:cc:c5:c0:06:bf:61: 431s 35:b8:3e:f3:a3:43:65:5b:26:c7:ae:fd:43:9c:d7:09:f4:0f: 431s 73:52:33:7d:73:d2:d2:78:5c:14:0d:46:b7:c6:f4:75:29:91: 431s 43:83 431s + openssl ca -passin pass:random-sub-intermediate-CA-password-17983 -config /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s Using configuration from /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.config 431s Check that the request matches the signature 431s Signature ok 431s Certificate Details: 431s Serial Number: 5 (0x5) 431s Validity 431s Not Before: Jan 17 18:13:27 2025 GMT 431s Not After : Jan 17 18:13:27 2026 GMT 431s Subject: 431s organizationName = Test Organization 431s organizationalUnitName = Test Organization Unit 431s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 431s X509v3 extensions: 431s X509v3 Authority Key Identifier: 431s 73:22:21:ED:62:26:85:7B:65:D3:D8:5F:75:80:F3:52:2D:15:D5:5A 431s X509v3 Basic Constraints: 431s CA:FALSE 431s Netscape Cert Type: 431s SSL Client, S/MIME 431s Netscape Comment: 431s Test Organization Sub Intermediate CA trusted Certificate 431s X509v3 Subject Key Identifier: 431s 5B:75:8F:8A:C1:25:AA:17:9F:AC:7A:0A:C3:A3:62:24:3C:6A:EF:F5 431s X509v3 Key Usage: critical 431s Digital Signature, Non Repudiation, Key Encipherment 431s X509v3 Extended Key Usage: 431s TLS Web Client Authentication, E-mail Protection 431s X509v3 Subject Alternative Name: 431s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 431s Certificate is to be certified until Jan 17 18:13:27 2026 GMT (365 days) 431s 431s Write out database with 1 new entries 431s Database updated 431s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s This certificate should not be trusted fully 431s + echo 'This certificate should not be trusted fully' 431s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s + local cmd=openssl 431s + shift 431s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 431s error 2 at 1 depth lookup: unable to get issuer certificate 431s error /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 431s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s + local cmd=openssl 431s + shift 431s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 431s error 20 at 0 depth lookup: unable to get local issuer certificate 431s error /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 431s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 431s + local cmd=openssl 431s + shift 431s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate Trusted Certificate 0001 431s error 20 at 0 depth lookup: unable to get local issuer certificate 431s error /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 431s + echo 'Building a the full-chain CA file...' 431s Building a the full-chain CA file... 431s + cat /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem 431s + cat /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem 431s + cat /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem 431s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem 431s + openssl pkcs7 -print_certs -noout 431s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem 431s subject=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 431s issuer=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 431s 431s subject=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 431s issuer=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Root CA 431s 431s subject=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Sub Intermediate CA 431s issuer=O=Test Organization, OU=Test Organization Unit, CN=Test Organization Intermediate CA 431s 431s /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA.pem: OK 431s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem 431s /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem: OK 431s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem 431s /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem: OK 431s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-root-intermediate-chain-CA.pem 431s /tmp/sssd-softhsm2-certs-6jut3G/test-root-intermediate-chain-CA.pem: OK 431s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 431s + echo 'Certificates generation completed!' 431s + [[ -v NO_SSSD_TESTS ]] 431s + [[ -v GENERATE_SMART_CARDS ]] 431s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-18692 431s + local certificate=/tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem 431s + local key_pass=pass:random-root-ca-trusted-cert-0001-18692 431s + local key_cn 431s + local key_name 431s + local tokens_dir 431s + local output_cert_file 431s + token_name= 431s ++ basename /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem .pem 431s Certificates generation completed! 431s + key_name=test-root-CA-trusted-certificate-0001 431s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem 431s ++ sed -n 's/ *commonName *= //p' 431s + key_cn='Test Organization Root Trusted Certificate 0001' 431s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 431s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-root-CA-trusted-certificate-0001.conf 431s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-root-CA-trusted-certificate-0001.conf 431s ++ basename /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 431s + tokens_dir=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-root-CA-trusted-certificate-0001 431s + token_name='Test Organization Root Tr Token' 431s + '[' '!' -e /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 431s + local key_file 431s + local decrypted_key 431s + mkdir -p /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-root-CA-trusted-certificate-0001 431s + key_file=/tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-key.pem 431s + decrypted_key=/tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-key-decrypted.pem 431s + cat 431s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 431s Slot 0 has a free/uninitialized token. 431s The token has been initialized and is reassigned to slot 439083491 431s Available slots: 431s Slot 439083491 431s Slot info: 431s Description: SoftHSM slot ID 0x1a2be1e3 431s Manufacturer ID: SoftHSM project 431s Hardware version: 2.6 431s Firmware version: 2.6 431s Token present: yes 431s Token info: 431s Manufacturer ID: SoftHSM project 431s Model: SoftHSM v2 431s Hardware version: 2.6 431s Firmware version: 2.6 431s Serial number: 1c56e5f51a2be1e3 431s Initialized: yes 431s User PIN init.: yes 431s Label: Test Organization Root Tr Token 431s Slot 1 431s Slot info: 431s Description: SoftHSM slot ID 0x1 431s Manufacturer ID: SoftHSM project 431s Hardware version: 2.6 431s Firmware version: 2.6 431s Token present: yes 431s Token info: 431s Manufacturer ID: SoftHSM project 431s Model: SoftHSM v2 431s Hardware version: 2.6 431s Firmware version: 2.6 431s Serial number: 431s Initialized: no 431s User PIN init.: no 431s Label: 431s + softhsm2-util --show-slots 431s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 431s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-18692 -in /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-key-decrypted.pem 431s writing RSA key 431s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 431s + rm /tmp/sssd-softhsm2-certs-6jut3G/test-root-CA-trusted-certificate-0001-key-decrypted.pem 431s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 431s Object 0: 431s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=1c56e5f51a2be1e3;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 431s Type: X.509 Certificate (RSA-1024) 431s Expires: Sat Jan 17 18:13:26 2026 431s Label: Test Organization Root Trusted Certificate 0001 431s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 431s 431s Test Organization Root Tr Token 431s + echo 'Test Organization Root Tr Token' 431s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-29174 431s + local certificate=/tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem 431s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-29174 431s + local key_cn 431s + local key_name 431s + local tokens_dir 431s + local output_cert_file 431s + token_name= 431s ++ basename /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem .pem 431s + key_name=test-intermediate-CA-trusted-certificate-0001 431s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem 431s ++ sed -n 's/ *commonName *= //p' 431s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 431s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 431s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 431s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 431s ++ basename /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 431s + tokens_dir=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-intermediate-CA-trusted-certificate-0001 431s + token_name='Test Organization Interme Token' 431s + '[' '!' -e /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 431s + local key_file 431s + local decrypted_key 431s + mkdir -p /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-intermediate-CA-trusted-certificate-0001 431s + key_file=/tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-key.pem 431s + decrypted_key=/tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 431s + cat 431s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 431s Slot 0 has a free/uninitialized token. 431s The token has been initialized and is reassigned to slot 1350645902 431s + softhsm2-util --show-slots 431s Available slots: 431s Slot 1350645902 431s Slot info: 431s Description: SoftHSM slot ID 0x5081388e 431s Manufacturer ID: SoftHSM project 431s Hardware version: 2.6 431s Firmware version: 2.6 431s Token present: yes 431s Token info: 431s Manufacturer ID: SoftHSM project 431s Model: SoftHSM v2 431s Hardware version: 2.6 431s Firmware version: 2.6 431s Serial number: fb8c39a45081388e 431s Initialized: yes 431s User PIN init.: yes 431s Label: Test Organization Interme Token 431s Slot 1 431s Slot info: 431s Description: SoftHSM slot ID 0x1 431s Manufacturer ID: SoftHSM project 431s Hardware version: 2.6 431s Firmware version: 2.6 431s Token present: yes 431s Token info: 431s Manufacturer ID: SoftHSM project 431s Model: SoftHSM v2 431s Hardware version: 2.6 431s Firmware version: 2.6 431s Serial number: 431s Initialized: no 431s User PIN init.: no 431s Label: 431s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 431s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-29174 -in /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 431s writing RSA key 431s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 431s + rm /tmp/sssd-softhsm2-certs-6jut3G/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 431s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 431s Object 0: 431s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=fb8c39a45081388e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 431s Type: X.509 Certificate (RSA-1024) 431s Expires: Sat Jan 17 18:13:27 2026 431s Label: Test Organization Intermediate Trusted Certificate 0001 431s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 431s 431s Test Organization Interme Token 431s + echo 'Test Organization Interme Token' 431s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-1548 431s + local certificate=/tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-1548 431s + local key_cn 431s + local key_name 431s + local tokens_dir 431s + local output_cert_file 431s + token_name= 431s ++ basename /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 431s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 431s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem 431s ++ sed -n 's/ *commonName *= //p' 432s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 432s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 432s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 432s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 432s ++ basename /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 432s + tokens_dir=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 432s + token_name='Test Organization Sub Int Token' 432s + '[' '!' -e /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 432s + local key_file 432s + local decrypted_key 432s + mkdir -p /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 432s + key_file=/tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 432s + decrypted_key=/tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 432s + cat 432s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 432s Slot 0 has a free/uninitialized token. 432s The token has been initialized and is reassigned to slot 1310399167 432s + softhsm2-util --show-slots 432s Available slots: 432s Slot 1310399167 432s Slot info: 432s Description: SoftHSM slot ID 0x4e1b1abf 432s Manufacturer ID: SoftHSM project 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Token present: yes 432s Token info: 432s Manufacturer ID: SoftHSM project 432s Model: SoftHSM v2 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Serial number: 656b1c264e1b1abf 432s Initialized: yes 432s User PIN init.: yes 432s Label: Test Organization Sub Int Token 432s Slot 1 432s Slot info: 432s Description: SoftHSM slot ID 0x1 432s Manufacturer ID: SoftHSM project 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Token present: yes 432s Token info: 432s Manufacturer ID: SoftHSM project 432s Model: SoftHSM v2 432s Hardware version: 2.6 432s Firmware version: 2.6 432s Serial number: 432s Initialized: no 432s User PIN init.: no 432s Label: 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 432s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-1548 -in /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 432s writing RSA key 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 432s + rm /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 432s + p11tool --provider=/usr/lib/powerpc64le-linux-gnu/softhsm/libsofthsm2.so --list-all 432s Object 0: 432s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=656b1c264e1b1abf;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 432s Type: X.509 Certificate (RSA-1024) 432s Expires: Sat Jan 17 18:13:27 2026 432s Label: Test Organization Sub Intermediate Trusted Certificate 0001 432s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 432s 432s Test Organization Sub Int Token 432s Certificates generation completed! 432s + echo 'Test Organization Sub Int Token' 432s + echo 'Certificates generation completed!' 432s + exit 0 432s + find /tmp/sssd-softhsm2-certs-6jut3G -type d -exec chmod 777 '{}' ';' 432s + find /tmp/sssd-softhsm2-certs-6jut3G -type f -exec chmod 666 '{}' ';' 432s + backup_file /etc/sssd/sssd.conf 432s + '[' -z '' ']' 432s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 432s + backupsdir=/tmp/sssd-softhsm2-backups-Rti3Is 432s + '[' -e /etc/sssd/sssd.conf ']' 432s + delete_paths+=("$1") 432s + rm -f /etc/sssd/sssd.conf 432s ++ runuser -u ubuntu -- sh -c 'echo ~' 432s + user_home=/home/ubuntu 432s + mkdir -p /home/ubuntu 432s + chown ubuntu:ubuntu /home/ubuntu 432s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 432s + user_config=/home/ubuntu/.config 432s + system_config=/etc 432s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 432s + for path_pair in "${softhsm2_conf_paths[@]}" 432s + IFS=: 432s + read -r -a path 432s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 432s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 432s + '[' -z /tmp/sssd-softhsm2-backups-Rti3Is ']' 432s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 432s + delete_paths+=("$1") 432s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 432s + for path_pair in "${softhsm2_conf_paths[@]}" 432s + IFS=: 432s + read -r -a path 432s + path=/etc/softhsm/softhsm2.conf 432s + backup_file /etc/softhsm/softhsm2.conf 432s + '[' -z /tmp/sssd-softhsm2-backups-Rti3Is ']' 432s + '[' -e /etc/softhsm/softhsm2.conf ']' 432s ++ dirname /etc/softhsm/softhsm2.conf 432s + local back_dir=/tmp/sssd-softhsm2-backups-Rti3Is//etc/softhsm 432s ++ basename /etc/softhsm/softhsm2.conf 432s + local back_path=/tmp/sssd-softhsm2-backups-Rti3Is//etc/softhsm/softhsm2.conf 432s + '[' '!' -e /tmp/sssd-softhsm2-backups-Rti3Is//etc/softhsm/softhsm2.conf ']' 432s + mkdir -p /tmp/sssd-softhsm2-backups-Rti3Is//etc/softhsm 432s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-Rti3Is//etc/softhsm/softhsm2.conf 432s + restore_paths+=("$back_path") 432s + rm -f /etc/softhsm/softhsm2.conf 432s + test_authentication login /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem 432s + pam_service=login 432s + certificate_config=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-root-CA-trusted-certificate-0001.conf 432s + ca_db=/tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem 432s + verification_options= 432s + mkdir -p -m 700 /etc/sssd 432s Using CA DB '/tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem' with verification options: '' 432s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 432s + cat 432s + chmod 600 /etc/sssd/sssd.conf 432s + for path_pair in "${softhsm2_conf_paths[@]}" 432s + IFS=: 432s + read -r -a path 432s + user=ubuntu 432s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 432s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 432s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 432s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 432s + grep 'Test Organization' 432s + runuser -u ubuntu -- softhsm2-util --show-slots 432s Label: Test Organization Root Tr Token 432s + for path_pair in "${softhsm2_conf_paths[@]}" 432s + IFS=: 432s + read -r -a path 432s + user=root 432s + path=/etc/softhsm/softhsm2.conf 432s ++ dirname /etc/softhsm/softhsm2.conf 432s + runuser -u root -- mkdir -p /etc/softhsm 432s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 432s + grep 'Test Organization' 432s + runuser -u root -- softhsm2-util --show-slots 432s Label: Test Organization Root Tr Token 432s + systemctl restart sssd 433s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 433s + for alternative in "${alternative_pam_configs[@]}" 433s + pam-auth-update --enable sss-smart-card-optional 434s + cat /etc/pam.d/common-auth 434s # 434s # /etc/pam.d/common-auth - authentication settings common to all services 434s # 434s # This file is included from other service-specific PAM config files, 434s # and should contain a list of the authentication modules that define 434s # the central authentication scheme for use on the system 434s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 434s # traditional Unix authentication mechanisms. 434s # 434s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 434s # To take advantage of this, it is recommended that you configure any 434s # local modules either before or after the default block, and use 434s # pam-auth-update to manage selection of other modules. See 434s # pam-auth-update(8) for details. 434s 434s # here are the per-package modules (the "Primary" block) 434s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 434s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 434s auth [success=1 default=ignore] pam_sss.so use_first_pass 434s # here's the fallback if no module succeeds 434s auth requisite pam_deny.so 434s # prime the stack with a positive return value if there isn't one already; 434s # this avoids us returning an error just because nothing sets a success code 434s # since the modules above will each just jump around 434s auth required pam_permit.so 434s # and here are more per-package modules (the "Additional" block) 434s auth optional pam_cap.so 434s # end of pam-auth-update config 434s + echo -n -e 123456 434s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 434s pamtester: invoking pam_start(login, ubuntu, ...) 434s pamtester: performing operation - authenticate 434s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 434s + echo -n -e 123456 434s + runuser -u ubuntu -- pamtester -v login '' authenticate 434s pamtester: invoking pam_start(login, , ...) 434s pamtester: performing operation - authenticate 434s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 434s + echo -n -e wrong123456 434s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 434s pamtester: invoking pam_start(login, ubuntu, ...) 434s pamtester: performing operation - authenticate 437s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 437s + echo -n -e wrong123456 437s + runuser -u ubuntu -- pamtester -v login '' authenticate 437s pamtester: invoking pam_start(login, , ...) 437s pamtester: performing operation - authenticate 440s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 440s + echo -n -e 123456 440s + pamtester -v login root authenticate 440s pamtester: invoking pam_start(login, root, ...) 440s pamtester: performing operation - authenticate 443s Password: pamtester: Authentication failure 443s + for alternative in "${alternative_pam_configs[@]}" 443s + pam-auth-update --enable sss-smart-card-required 443s PAM configuration 443s ----------------- 443s 443s Incompatible PAM profiles selected. 443s 443s The following PAM profiles cannot be used together: 443s 443s SSS required smart card authentication, SSS optional smart card 443s authentication 443s 443s Please select a different set of modules to enable. 443s 443s + cat /etc/pam.d/common-auth 443s # 443s # /etc/pam.d/common-auth - authentication settings common to all services 443s # 443s # This file is included from other service-specific PAM config files, 443s # and should contain a list of the authentication modules that define 443s # the central authentication scheme for use on the system 443s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 443s # traditional Unix authentication mechanisms. 443s # 443s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 443s # To take advantage of this, it is recommended that you configure any 443s # local modules either before or after the default block, and use 443s # pam-auth-update to manage selection of other modules. See 443s # pam-auth-update(8) for details. 443s 443s # here are the per-package modules (the "Primary" block) 443s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 443s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 443s auth [success=1 default=ignore] pam_sss.so use_first_pass 443s # here's the fallback if no module succeeds 443s auth requisite pam_deny.so 443s # prime the stack with a positive return value if there isn't one already; 443s # this avoids us returning an error just because nothing sets a success code 443s # since the modules above will each just jump around 443s auth required pam_permit.so 443s # and here are more per-package modules (the "Additional" block) 443s auth optional pam_cap.so 443s # end of pam-auth-update config 443s + echo -n -e 123456 443s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 443s pamtester: invoking pam_start(login, ubuntu, ...) 443s pamtester: performing operation - authenticate 443s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 444s + echo -n -e 123456 444s + runuser -u ubuntu -- pamtester -v login '' authenticate 444s pamtester: invoking pam_start(login, , ...) 444s pamtester: performing operation - authenticate 444s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 444s + echo -n -e wrong123456 444s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 444s pamtester: invoking pam_start(login, ubuntu, ...) 444s pamtester: performing operation - authenticate 446s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 446s + echo -n -e wrong123456 446s + runuser -u ubuntu -- pamtester -v login '' authenticate 446s pamtester: invoking pam_start(login, , ...) 446s pamtester: performing operation - authenticate 449s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 449s + echo -n -e 123456 449s + pamtester -v login root authenticate 449s pamtester: invoking pam_start(login, root, ...) 449s pamtester: performing operation - authenticate 452s pamtester: Authentication service cannot retrieve authentication info 452s + test_authentication login /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem 452s + pam_service=login 452s + certificate_config=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 452s + ca_db=/tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem 452s + verification_options= 452s + mkdir -p -m 700 /etc/sssd 452s Using CA DB '/tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem' with verification options: '' 452s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-6jut3G/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 452s + cat 452s + chmod 600 /etc/sssd/sssd.conf 452s + for path_pair in "${softhsm2_conf_paths[@]}" 452s + IFS=: 452s + read -r -a path 452s + user=ubuntu 452s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 452s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 452s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 452s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 452s Label: Test Organization Sub Int Token 452s + runuser -u ubuntu -- softhsm2-util --show-slots 452s + grep 'Test Organization' 452s + for path_pair in "${softhsm2_conf_paths[@]}" 452s + IFS=: 452s + read -r -a path 452s + user=root 452s + path=/etc/softhsm/softhsm2.conf 452s ++ dirname /etc/softhsm/softhsm2.conf 452s + runuser -u root -- mkdir -p /etc/softhsm 452s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 452s + runuser -u root -- softhsm2-util --show-slots 452s + grep 'Test Organization' 452s Label: Test Organization Sub Int Token 452s + systemctl restart sssd 453s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 453s + for alternative in "${alternative_pam_configs[@]}" 453s + pam-auth-update --enable sss-smart-card-optional 453s + cat /etc/pam.d/common-auth 453s # 453s # /etc/pam.d/common-auth - authentication settings common to all services 453s # 453s # This file is included from other service-specific PAM config files, 453s # and should contain a list of the authentication modules that define 453s # the central authentication scheme for use on the system 453s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 453s # traditional Unix authentication mechanisms. 453s # 453s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 453s # To take advantage of this, it is recommended that you configure any 453s # local modules either before or after the default block, and use 453s # pam-auth-update to manage selection of other modules. See 453s # pam-auth-update(8) for details. 453s 453s # here are the per-package modules (the "Primary" block) 453s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 453s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 453s auth [success=1 default=ignore] pam_sss.so use_first_pass 453s # here's the fallback if no module succeeds 453s auth requisite pam_deny.so 453s # prime the stack with a positive return value if there isn't one already; 453s # this avoids us returning an error just because nothing sets a success code 453s # since the modules above will each just jump around 453s auth required pam_permit.so 453s # and here are more per-package modules (the "Additional" block) 453s auth optional pam_cap.so 453s # end of pam-auth-update config 453s + echo -n -e 123456 453s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 453s pamtester: invoking pam_start(login, ubuntu, ...) 453s pamtester: performing operation - authenticate 453s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 453s + runuser -u ubuntu -- pamtester -v login '' authenticate 453s + echo -n -e 123456 454s pamtester: invoking pam_start(login, , ...) 454s pamtester: performing operation - authenticate 454s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 454s + echo -n -e wrong123456 454s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 454s pamtester: invoking pam_start(login, ubuntu, ...) 454s pamtester: performing operation - authenticate 457s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 457s + echo -n -e wrong123456 457s + runuser -u ubuntu -- pamtester -v login '' authenticate 457s pamtester: invoking pam_start(login, , ...) 457s pamtester: performing operation - authenticate 460s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 460s + echo -n -e 123456 460s + pamtester -v login root authenticate 460s pamtester: invoking pam_start(login, root, ...) 460s pamtester: performing operation - authenticate 463s Password: pamtester: Authentication failure 463s + for alternative in "${alternative_pam_configs[@]}" 463s + pam-auth-update --enable sss-smart-card-required 464s PAM configuration 464s ----------------- 464s 464s Incompatible PAM profiles selected. 464s 464s The following PAM profiles cannot be used together: 464s 464s SSS required smart card authentication, SSS optional smart card 464s authentication 464s 464s Please select a different set of modules to enable. 464s 464s + cat /etc/pam.d/common-auth 464s # 464s # /etc/pam.d/common-auth - authentication settings common to all services 464s # 464s # This file is included from other service-specific PAM config files, 464s # and should contain a list of the authentication modules that define 464s # the central authentication scheme for use on the system 464s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 464s # traditional Unix authentication mechanisms. 464s # 464s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 464s # To take advantage of this, it is recommended that you configure any 464s # local modules either before or after the default block, and use 464s # pam-auth-update to manage selection of other modules. See 464s # pam-auth-update(8) for details. 464s 464s # here are the per-package modules (the "Primary" block) 464s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 464s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 464s auth [success=1 default=ignore] pam_sss.so use_first_pass 464s # here's the fallback if no module succeeds 464s auth requisite pam_deny.so 464s # prime the stack with a positive return value if there isn't one already; 464s # this avoids us returning an error just because nothing sets a success code 464s # since the modules above will each just jump around 464s auth required pam_permit.so 464s # and here are more per-package modules (the "Additional" block) 464s auth optional pam_cap.so 464s # end of pam-auth-update config 464s + echo -n -e 123456 464s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 464s pamtester: invoking pam_start(login, ubuntu, ...) 464s pamtester: performing operation - authenticate 464s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 464s + echo -n -e 123456 464s + runuser -u ubuntu -- pamtester -v login '' authenticate 464s pamtester: invoking pam_start(login, , ...) 464s pamtester: performing operation - authenticate 464s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 464s + echo -n -e wrong123456 464s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 464s pamtester: invoking pam_start(login, ubuntu, ...) 464s pamtester: performing operation - authenticate 467s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 467s + echo -n -e wrong123456 467s + runuser -u ubuntu -- pamtester -v login '' authenticate 467s pamtester: invoking pam_start(login, , ...) 467s pamtester: performing operation - authenticate 471s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 471s + echo -n -e 123456 471s + pamtester -v login root authenticate 471s pamtester: invoking pam_start(login, root, ...) 471s pamtester: performing operation - authenticate 473s pamtester: Authentication service cannot retrieve authentication info 473s + test_authentication login /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem partial_chain 473s + pam_service=login 473s + certificate_config=/tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 473s + ca_db=/tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem 473s + verification_options=partial_chain 473s + mkdir -p -m 700 /etc/sssd 473s Using CA DB '/tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 473s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-6jut3G/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 473s + cat 473s + chmod 600 /etc/sssd/sssd.conf 473s + for path_pair in "${softhsm2_conf_paths[@]}" 473s + IFS=: 473s + read -r -a path 473s + user=ubuntu 473s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 473s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 473s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 473s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 473s + runuser -u ubuntu -- softhsm2-util --show-slots 473s + grep 'Test Organization' 473s Label: Test Organization Sub Int Token 473s + for path_pair in "${softhsm2_conf_paths[@]}" 473s + IFS=: 473s + read -r -a path 473s + user=root 473s + path=/etc/softhsm/softhsm2.conf 473s ++ dirname /etc/softhsm/softhsm2.conf 473s + runuser -u root -- mkdir -p /etc/softhsm 473s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-6jut3G/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 473s + grep 'Test Organization' 473s + runuser -u root -- softhsm2-util --show-slots 473s Label: Test Organization Sub Int Token 473s + systemctl restart sssd 473s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 474s + for alternative in "${alternative_pam_configs[@]}" 474s + pam-auth-update --enable sss-smart-card-optional 474s + cat /etc/pam.d/common-auth 474s # 474s # /etc/pam.d/common-auth - authentication settings common to all services 474s # 474s # This file is included from other service-specific PAM config files, 474s # and should contain a list of the authentication modules that define 474s # the central authentication scheme for use on the system 474s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 474s # traditional Unix authentication mechanisms. 474s # 474s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 474s # To take advantage of this, it is recommended that you configure any 474s # local modules either before or after the default block, and use 474s # pam-auth-update to manage selection of other modules. See 474s # pam-auth-update(8) for details. 474s 474s # here are the per-package modules (the "Primary" block) 474s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 474s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 474s auth [success=1 default=ignore] pam_sss.so use_first_pass 474s # here's the fallback if no module succeeds 474s auth requisite pam_deny.so 474s # prime the stack with a positive return value if there isn't one already; 474s # this avoids us returning an error just because nothing sets a success code 474s # since the modules above will each just jump around 474s auth required pam_permit.so 474s # and here are more per-package modules (the "Additional" block) 474s auth optional pam_cap.so 474s # end of pam-auth-update config 474s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 474s + echo -n -e 123456 474s pamtester: invoking pam_start(login, ubuntu, ...) 474s pamtester: performing operation - authenticate 474s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 474s + echo -n -e 123456 474s + runuser -u ubuntu -- pamtester -v login '' authenticate 474s pamtester: invoking pam_start(login, , ...) 474s pamtester: performing operation - authenticate 474s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 474s + echo -n -e wrong123456 474s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 474s pamtester: invoking pam_start(login, ubuntu, ...) 474s pamtester: performing operation - authenticate 478s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 478s + echo -n -e wrong123456 478s + runuser -u ubuntu -- pamtester -v login '' authenticate 478s pamtester: invoking pam_start(login, , ...) 478s pamtester: performing operation - authenticate 481s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 481s + echo -n -e 123456 481s + pamtester -v login root authenticate 481s pamtester: invoking pam_start(login, root, ...) 481s pamtester: performing operation - authenticate 484s Password: pamtester: Authentication failure 484s + for alternative in "${alternative_pam_configs[@]}" 484s + pam-auth-update --enable sss-smart-card-required 484s PAM configuration 484s ----------------- 484s 484s Incompatible PAM profiles selected. 484s 484s The following PAM profiles cannot be used together: 484s 484s SSS required smart card authentication, SSS optional smart card 484s authentication 484s 484s Please select a different set of modules to enable. 484s 484s + cat /etc/pam.d/common-auth 484s # 484s # /etc/pam.d/common-auth - authentication settings common to all services 484s # 484s # This file is included from other service-specific PAM config files, 484s # and should contain a list of the authentication modules that define 484s # the central authentication scheme for use on the system 484s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 484s # traditional Unix authentication mechanisms. 484s # 484s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 484s # To take advantage of this, it is recommended that you configure any 484s # local modules either before or after the default block, and use 484s # pam-auth-update to manage selection of other modules. See 484s # pam-auth-update(8) for details. 484s 484s # here are the per-package modules (the "Primary" block) 484s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 484s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 484s auth [success=1 default=ignore] pam_sss.so use_first_pass 484s # here's the fallback if no module succeeds 484s auth requisite pam_deny.so 484s # prime the stack with a positive return value if there isn't one already; 484s # this avoids us returning an error just because nothing sets a success code 484s # since the modules above will each just jump around 484s auth required pam_permit.so 484s # and here are more per-package modules (the "Additional" block) 484s auth optional pam_cap.so 484s # end of pam-auth-update config 484s + echo -n -e 123456 484s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 484s pamtester: invoking pam_start(login, ubuntu, ...) 484s pamtester: performing operation - authenticate 484s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 484s + echo -n -e 123456 484s + runuser -u ubuntu -- pamtester -v login '' authenticate 484s pamtester: invoking pam_start(login, , ...) 484s pamtester: performing operation - authenticate 485s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 485s + echo -n -e wrong123456 485s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 485s pamtester: invoking pam_start(login, ubuntu, ...) 485s pamtester: performing operation - authenticate 487s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 487s + echo -n -e wrong123456 487s + runuser -u ubuntu -- pamtester -v login '' authenticate 487s pamtester: invoking pam_start(login, , ...) 487s pamtester: performing operation - authenticate 491s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 491s + echo -n -e 123456 491s + pamtester -v login root authenticate 491s pamtester: invoking pam_start(login, root, ...) 491s pamtester: performing operation - authenticate 494s pamtester: Authentication service cannot retrieve authentication info 494s + handle_exit 494s + exit_code=0 494s + restore_changes 494s + for path in "${restore_paths[@]}" 494s + local original_path 494s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-Rti3Is /tmp/sssd-softhsm2-backups-Rti3Is//etc/softhsm/softhsm2.conf 494s + original_path=/etc/softhsm/softhsm2.conf 494s + rm /etc/softhsm/softhsm2.conf 494s + mv /tmp/sssd-softhsm2-backups-Rti3Is//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 494s + for path in "${delete_paths[@]}" 494s + rm -f /etc/sssd/sssd.conf 494s + for path in "${delete_paths[@]}" 494s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 494s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 495s + '[' -e /etc/sssd/sssd.conf ']' 495s + systemctl stop sssd 495s + '[' -e /etc/softhsm/softhsm2.conf ']' 495s + chmod 600 /etc/softhsm/softhsm2.conf 495s + rm -rf /tmp/sssd-softhsm2-certs-6jut3G 495s + '[' 0 = 0 ']' 495s + rm -rf /tmp/sssd-softhsm2-backups-Rti3Is 495s Script completed successfully! 495s + set +x 495s autopkgtest [18:14:31]: test sssd-smart-card-pam-auth-configs: -----------------------] 496s autopkgtest [18:14:32]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 496s sssd-smart-card-pam-auth-configs PASS 496s autopkgtest [18:14:32]: @@@@@@@@@@@@@@@@@@@@ summary 496s ldap-user-group-ldap-auth FAIL non-zero exit status 80 496s ldap-user-group-krb5-auth FAIL non-zero exit status 80 496s sssd-softhism2-certificates-tests.sh PASS 496s sssd-smart-card-pam-auth-configs PASS 501s nova [W] Using flock in prodstack6-ppc64el 501s Creating nova instance adt-plucky-ppc64el-sssd-20250117-180616-juju-7f2275-prod-proposed-migration-environment-20-b61a6798-dce1-4823-9b4f-6a9068d4fd6c from image adt/ubuntu-plucky-ppc64el-server-20250117.img (UUID fc4495f7-ff1c-4a92-a3fe-ee8c580d771a)... 501s nova [W] Timed out waiting for 40f23cd8-3834-4bae-9fea-fef3f5311332 to get deleted. 501s nova [W] Using flock in prodstack6-ppc64el 501s Creating nova instance adt-plucky-ppc64el-sssd-20250117-180616-juju-7f2275-prod-proposed-migration-environment-20-b61a6798-dce1-4823-9b4f-6a9068d4fd6c from image adt/ubuntu-plucky-ppc64el-server-20250117.img (UUID fc4495f7-ff1c-4a92-a3fe-ee8c580d771a)... 501s nova [W] Timed out waiting for 0c9202dd-3bd8-44cc-8e74-065d2e55ae96 to get deleted.