+ cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_basic_ipa.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 statically imported: /tmp/tmpvvgb4zlc/tests/tasks/setup_ipa.yml PLAYBOOK: tests_basic_ipa.yml ************************************************** 3 plays in /tmp/tmpvvgb4zlc/tests/tests_basic_ipa.yml PLAY [Install IPA server] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_basic_ipa.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Set __is_beaker_env] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/setup_ipa.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__is_beaker_env": false}, "changed": false} TASK [Install ansible-freeipa] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/setup_ipa.yml:6 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Clone ansible-freeipa repo] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/setup_ipa.yml:12 changed: [/cache/centos-7.qcow2c] => {"after": "6c7f433135795d3ebec2ce26d6ca398301792588", "before": null, "changed": true} TASK [Create role symlinks] **************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/setup_ipa.yml:21 changed: [/cache/centos-7.qcow2c] => (item=ipaserver) => {"ansible_loop_var": "item", "changed": true, "dest": "/tmp/tmpvvgb4zlc/tests/roles/ipaserver", "gid": 0, "group": "root", "item": "ipaserver", "mode": "0777", "owner": "root", "size": 34, "src": "/tmp/freeipa-repo/roles/ipaserver/", "state": "link", "uid": 0} changed: [/cache/centos-7.qcow2c] => (item=ipaclient) => {"ansible_loop_var": "item", "changed": true, "dest": "/tmp/tmpvvgb4zlc/tests/roles/ipaclient", "gid": 0, "group": "root", "item": "ipaclient", "mode": "0777", "owner": "root", "size": 34, "src": "/tmp/freeipa-repo/roles/ipaclient/", "state": "link", "uid": 0} TASK [ensure hostname package is installed] ************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/setup_ipa.yml:33 ok: [/cache/centos-7.qcow2c] => {"changed": false, "msg": "", "rc": 0, "results": ["hostname-3.13-3.el7_7.1.x86_64 providing hostname is already installed"]} TASK [Set hostname] ************************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/setup_ipa.yml:38 changed: [/cache/centos-7.qcow2c] => {"ansible_facts": {"ansible_domain": "test.local", "ansible_fqdn": "ipaserver.test.local", "ansible_hostname": "ipaserver", "ansible_nodename": "ipaserver.test.local"}, "changed": true, "name": "ipaserver.test.local"} TASK [Ensure nss package is up-to-date] **************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/setup_ipa.yml:42 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": [], "updated": [["nss", "3.67.0-3.el7_9.x86_64 from updates"]]}, "msg": "warning: /var/cache/yum/x86_64/7/updates/packages/nspr-4.32.0-1.el7_9.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package nss.x86_64 0:3.44.0-7.el7_7 will be updated\n--> Processing Dependency: nss = 3.44.0-7.el7_7 for package: nss-sysinit-3.44.0-7.el7_7.x86_64\n--> Processing Dependency: nss(x86-64) = 3.44.0-7.el7_7 for package: nss-tools-3.44.0-7.el7_7.x86_64\n---> Package nss.x86_64 0:3.67.0-3.el7_9 will be an update\n--> Processing Dependency: nss-util >= 3.67.0-1 for package: nss-3.67.0-3.el7_9.x86_64\n--> Processing Dependency: nss-softokn(x86-64) >= 3.67.0-1 for package: nss-3.67.0-3.el7_9.x86_64\n--> Processing Dependency: nspr >= 4.31.0 for package: nss-3.67.0-3.el7_9.x86_64\n--> Processing Dependency: libnssutil3.so(NSSUTIL_3.59)(64bit) for package: nss-3.67.0-3.el7_9.x86_64\n--> Running transaction check\n---> Package nspr.x86_64 0:4.21.0-1.el7 will be updated\n---> Package nspr.x86_64 0:4.32.0-1.el7_9 will be an update\n---> Package nss-softokn.x86_64 0:3.44.0-8.el7_7 will be updated\n---> Package nss-softokn.x86_64 0:3.67.0-3.el7_9 will be an update\n--> Processing Dependency: nss-softokn-freebl(x86-64) >= 3.67.0-3.el7_9 for package: nss-softokn-3.67.0-3.el7_9.x86_64\n---> Package nss-sysinit.x86_64 0:3.44.0-7.el7_7 will be updated\n---> Package nss-sysinit.x86_64 0:3.67.0-3.el7_9 will be an update\n---> Package nss-tools.x86_64 0:3.44.0-7.el7_7 will be updated\n---> Package nss-tools.x86_64 0:3.67.0-3.el7_9 will be an update\n---> Package nss-util.x86_64 0:3.44.0-4.el7_7 will be updated\n---> Package nss-util.x86_64 0:3.67.0-1.el7_9 will be an update\n--> Running transaction check\n---> Package nss-softokn-freebl.x86_64 0:3.44.0-8.el7_7 will be updated\n---> Package nss-softokn-freebl.x86_64 0:3.67.0-3.el7_9 will be an update\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nUpdating:\n nss x86_64 3.67.0-3.el7_9 updates 882 k\nUpdating for dependencies:\n nspr x86_64 4.32.0-1.el7_9 updates 127 k\n nss-softokn x86_64 3.67.0-3.el7_9 updates 358 k\n nss-softokn-freebl x86_64 3.67.0-3.el7_9 updates 337 k\n nss-sysinit x86_64 3.67.0-3.el7_9 updates 66 k\n nss-tools x86_64 3.67.0-3.el7_9 updates 549 k\n nss-util x86_64 3.67.0-1.el7_9 updates 79 k\n\nTransaction Summary\n================================================================================\nUpgrade 1 Package (+6 Dependent packages)\n\nTotal download size: 2.3 M\nDownloading packages:\nDelta RPMs disabled because /usr/bin/applydeltarpm not installed.\nPublic key for nspr-4.32.0-1.el7_9.x86_64.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 2.3 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Updating : nspr-4.32.0-1.el7_9.x86_64 1/14 \n Updating : nss-util-3.67.0-1.el7_9.x86_64 2/14 \n Updating : nss-softokn-freebl-3.67.0-3.el7_9.x86_64 3/14 \n Updating : nss-softokn-3.67.0-3.el7_9.x86_64 4/14 \n Updating : nss-sysinit-3.67.0-3.el7_9.x86_64 5/14 \n Updating : nss-3.67.0-3.el7_9.x86_64 6/14 \n Updating : nss-tools-3.67.0-3.el7_9.x86_64 7/14 \n Cleanup : nss-tools-3.44.0-7.el7_7.x86_64 8/14 \n Cleanup : nss-sysinit-3.44.0-7.el7_7.x86_64 9/14 \n Cleanup : nss-3.44.0-7.el7_7.x86_64 10/14 \n Cleanup : nss-softokn-3.44.0-8.el7_7.x86_64 11/14 \n Cleanup : nss-softokn-freebl-3.44.0-8.el7_7.x86_64 12/14 \n Cleanup : nss-util-3.44.0-4.el7_7.x86_64 13/14 \n Cleanup : nspr-4.21.0-1.el7.x86_64 14/14 \n Verifying : nss-tools-3.67.0-3.el7_9.x86_64 1/14 \n Verifying : nss-util-3.67.0-1.el7_9.x86_64 2/14 \n Verifying : nspr-4.32.0-1.el7_9.x86_64 3/14 \n Verifying : nss-softokn-freebl-3.67.0-3.el7_9.x86_64 4/14 \n Verifying : nss-sysinit-3.67.0-3.el7_9.x86_64 5/14 \n Verifying : nss-softokn-3.67.0-3.el7_9.x86_64 6/14 \n Verifying : nss-3.67.0-3.el7_9.x86_64 7/14 \n Verifying : nss-sysinit-3.44.0-7.el7_7.x86_64 8/14 \n Verifying : nss-util-3.44.0-4.el7_7.x86_64 9/14 \n Verifying : nss-tools-3.44.0-7.el7_7.x86_64 10/14 \n Verifying : nss-3.44.0-7.el7_7.x86_64 11/14 \n Verifying : nss-softokn-freebl-3.44.0-8.el7_7.x86_64 12/14 \n Verifying : nss-softokn-3.44.0-8.el7_7.x86_64 13/14 \n Verifying : nspr-4.21.0-1.el7.x86_64 14/14 \n\nUpdated:\n nss.x86_64 0:3.67.0-3.el7_9 \n\nDependency Updated:\n nspr.x86_64 0:4.32.0-1.el7_9 \n nss-softokn.x86_64 0:3.67.0-3.el7_9 \n nss-softokn-freebl.x86_64 0:3.67.0-3.el7_9 \n nss-sysinit.x86_64 0:3.67.0-3.el7_9 \n nss-tools.x86_64 0:3.67.0-3.el7_9 \n nss-util.x86_64 0:3.67.0-1.el7_9 \n\nComplete!\n"]} TASK [Include ipaserver role] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/setup_ipa.yml:50 TASK [ipaserver : Import variables specific to distribution] ******************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:4 ok: [/cache/centos-7.qcow2c] => (item=/tmp/freeipa-repo/roles/ipaserver/vars/CentOS-7.yml) => {"ansible_facts": {"ipaserver_packages": ["ipa-server", "libselinux-python"], "ipaserver_packages_adtrust": ["ipa-server-trust-ad"], "ipaserver_packages_dns": ["ipa-server-dns"], "ipaserver_packages_firewalld": ["firewalld"]}, "ansible_included_var_files": ["/tmp/freeipa-repo/roles/ipaserver/vars/CentOS-7.yml"], "ansible_loop_var": "item", "changed": false, "item": "/tmp/freeipa-repo/roles/ipaserver/vars/CentOS-7.yml"} TASK [ipaserver : Install IPA server] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:12 included: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml for /cache/centos-7.qcow2c TASK [ipaserver : Install - Ensure that IPA server packages are installed] ***** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:5 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["ipa-server"]}, "msg": "", "rc": 0, "results": ["libselinux-python-2.5-15.el7.x86_64 providing libselinux-python is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package ipa-server.x86_64 0:4.6.8-5.el7.centos.9 will be installed\n--> Processing Dependency: python2-ipaserver = 4.6.8-5.el7.centos.9 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: ipa-server-common = 4.6.8-5.el7.centos.9 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: ipa-common = 4.6.8-5.el7.centos.9 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: ipa-client = 4.6.8-5.el7.centos.9 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: krb5-server < 1.15.100 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: openldap-clients > 2.4.35-4 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: sssd-dbus >= 1.15.2 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: softhsm >= 2.0.0rc1-1 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: slapi-nis >= 0.56.0-4 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: python-ldap >= 2.4.15 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: python-gssapi >= 1.2.0-3 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: pki-kra >= 10.5.18-13 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: pki-ca >= 10.5.18-13 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: mod_nss >= 1.0.14-7 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: mod_lookup_identity >= 0.9.9 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: mod_auth_gssapi >= 1.5.0 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: krb5-server >= 1.15.1-36 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: krb5-server >= 1.15 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: krb5-pkinit-openssl >= 1.15.1-36 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: httpd >= 2.4.6-31 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: certmonger >= 0.78.4-10 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: 389-ds-base >= 1.3.10.2-12 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: 389-ds-base >= 1.3.10.2-12 for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: systemd-python for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: open-sans-fonts for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: oddjob for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: ntp for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: mod_wsgi for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: mod_session for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.4.0)(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.1.0)(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libsss_certmap.so.0(SSS_CERTMAP_0.0)(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libsamba-util.so.0(SAMBA_UTIL_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libndr.so.0(NDR_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libndr-nbt.so.0(NDR_NBT_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libndr-krb5pac.so.0(NDR_KRB5PAC_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: fontawesome-fonts for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: cyrus-sasl-gssapi(x86-64) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libsss_nss_idmap.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libsss_certmap.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libsamba-util.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libndr.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libndr-standard.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libndr-nbt.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libndr-krb5pac.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.centos.9.x86_64\n--> Running transaction check\n---> Package 389-ds-base.x86_64 0:1.3.10.2-13.el7_9 will be installed\n--> Processing Dependency: 389-ds-base-libs = 1.3.10.2-13.el7_9 for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: svrcore >= 4.1.3 for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl-Socket for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl-NetAddr-IP for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl-Mozilla-LDAP for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(warnings) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(vars) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(strict) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(sigtrap) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(lib) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Time::Local) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Sys::Hostname) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Socket) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Scalar::Util) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(POSIX) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(NetAddr::IP::Util) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::Utils) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::LDIF) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::Conn) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::API) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(MIME::Base64) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(IO::Uncompress::AnyUncompress) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(IO::File) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Getopt::Std) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Getopt::Long) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(File::Temp) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(File::Spec::Functions) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(File::Spec) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(File::Path) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(File::Copy) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(File::Basename) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Exporter) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(DynaLoader) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(DB_File) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(DB) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Cwd) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Config) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Carp) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(Archive::Tar) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: perl(:MODULE_COMPAT_5.16.3) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: gperftools-libs for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: cyrus-sasl-plain for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: cyrus-sasl-md5 for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: bind-utils for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: /usr/bin/perl for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: libtcmalloc.so.4()(64bit) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: libsvrcore.so.0()(64bit) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: libslapd.so.0()(64bit) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: libsds.so.0()(64bit) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: libnunc-stans.so.0()(64bit) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: libns-dshttpd-1.3.10.2.so()(64bit) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: libldaputil.so.0()(64bit) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: libicuuc.so.50()(64bit) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: libicui18n.so.50()(64bit) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n--> Processing Dependency: libicudata.so.50()(64bit) for package: 389-ds-base-1.3.10.2-13.el7_9.x86_64\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n---> Package cyrus-sasl-gssapi.x86_64 0:2.1.26-23.el7 will be installed\n---> Package fontawesome-fonts.noarch 0:4.1.0-2.el7 will be installed\n--> Processing Dependency: fontpackages-filesystem for package: fontawesome-fonts-4.1.0-2.el7.noarch\n---> Package httpd.x86_64 0:2.4.6-97.el7.centos.1 will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-97.el7.centos.1 for package: httpd-2.4.6-97.el7.centos.1.x86_64\n--> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-97.el7.centos.1.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-97.el7.centos.1.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-97.el7.centos.1.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-97.el7.centos.1.x86_64\n---> Package ipa-client.x86_64 0:4.6.8-5.el7.centos.9 will be installed\n--> Processing Dependency: python2-ipaclient = 4.6.8-5.el7.centos.9 for package: ipa-client-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: ipa-client-common = 4.6.8-5.el7.centos.9 for package: ipa-client-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: sssd >= 1.14.0 for package: ipa-client-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: krb5-workstation >= 1.15.1-36 for package: ipa-client-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: python-sssdconfig for package: ipa-client-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: oddjob-mkhomedir for package: ipa-client-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: libsss_autofs for package: ipa-client-4.6.8-5.el7.centos.9.x86_64\n--> Processing Dependency: autofs for package: ipa-client-4.6.8-5.el7.centos.9.x86_64\n---> Package ipa-common.noarch 0:4.6.8-5.el7.centos.9 will be installed\n---> Package ipa-server-common.noarch 0:4.6.8-5.el7.centos.9 will be installed\n--> Processing Dependency: custodia >= 0.3.0-4 for package: ipa-server-common-4.6.8-5.el7.centos.9.noarch\n---> Package krb5-pkinit.x86_64 0:1.15.1-50.el7 will be installed\n--> Processing Dependency: krb5-libs(x86-64) = 1.15.1-50.el7 for package: krb5-pkinit-1.15.1-50.el7.x86_64\n---> Package krb5-server.x86_64 0:1.15.1-50.el7 will be installed\n--> Processing Dependency: libkadm5(x86-64) = 1.15.1-50.el7 for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5srv_mit.so.11(kadm5srv_mit_11_MIT)(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5clnt_mit.so.11(kadm5clnt_mit_11_MIT)(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: /usr/share/dict/words for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5srv_mit.so.11()(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5clnt_mit.so.11()(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n---> Package libsss_certmap.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package libsss_nss_idmap.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package mod_auth_gssapi.x86_64 0:1.5.1-7.el7 will be installed\n---> Package mod_lookup_identity.x86_64 0:1.0.0-1.el7 will be installed\n---> Package mod_nss.x86_64 0:1.0.14-12.el7 will be installed\n---> Package mod_session.x86_64 0:2.4.6-97.el7.centos.1 will be installed\n--> Processing Dependency: apr-util-openssl for package: mod_session-2.4.6-97.el7.centos.1.x86_64\n---> Package mod_wsgi.x86_64 0:3.4-18.el7 will be installed\n---> Package ntp.x86_64 0:4.2.6p5-29.el7.centos.2 will be installed\n--> Processing Dependency: ntpdate = 4.2.6p5-29.el7.centos.2 for package: ntp-4.2.6p5-29.el7.centos.2.x86_64\n--> Processing Dependency: libopts.so.25()(64bit) for package: ntp-4.2.6p5-29.el7.centos.2.x86_64\n---> Package oddjob.x86_64 0:0.31.5-4.el7 will be installed\n---> Package open-sans-fonts.noarch 0:1.10-1.el7 will be installed\n---> Package openldap-clients.x86_64 0:2.4.44-24.el7_9 will be installed\n--> Processing Dependency: openldap(x86-64) = 2.4.44-24.el7_9 for package: openldap-clients-2.4.44-24.el7_9.x86_64\n---> Package pki-ca.noarch 0:10.5.18-17.el7_9 will be installed\n--> Processing Dependency: pki-server = 10.5.18-17.el7_9 for package: pki-ca-10.5.18-17.el7_9.noarch\n--> Processing Dependency: java-1.8.0-openjdk-headless for package: pki-ca-10.5.18-17.el7_9.noarch\n---> Package pki-kra.noarch 0:10.5.18-17.el7_9 will be installed\n---> Package python-gssapi.x86_64 0:1.2.0-3.el7 will be installed\n--> Processing Dependency: python-enum34 for package: python-gssapi-1.2.0-3.el7.x86_64\n---> Package python-ldap.x86_64 0:2.4.15-2.el7 will be installed\n---> Package python2-ipaserver.noarch 0:4.6.8-5.el7.centos.9 will be installed\n--> Processing Dependency: python-kdcproxy >= 0.3 for package: python2-ipaserver-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-dns >= 1.12.0-3 for package: python2-ipaserver-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-custodia >= 0.3.0-4 for package: python2-ipaserver-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-augeas >= 0.5 for package: python2-ipaserver-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: pki-base-python2 >= 10.5.18-13 for package: python2-ipaserver-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-pyasn1 for package: python2-ipaserver-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-lxml for package: python2-ipaserver-4.6.8-5.el7.centos.9.noarch\n---> Package samba-client-libs.x86_64 0:4.10.16-15.el7_9 will be installed\n--> Processing Dependency: samba-common-libs = 4.10.16-15.el7_9 for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: samba-common = 4.10.16-15.el7_9 for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: samba-common = 4.10.16-15.el7_9 for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libwbclient = 4.10.16-15.el7_9 for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libwbclient.so.0(WBCLIENT_0.9)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libwbclient.so.0(WBCLIENT_0.13)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.3.17)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.3.11)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.3.0)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.2.5)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.2.2)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.2.1)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.3.0)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.1.30)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.1.19)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.1.1)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libldb.so.1(LDB_0.9.23)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libldb.so.1(LDB_0.9.15)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libldb.so.1(LDB_0.9.10)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libgnutls.so.28(GNUTLS_3_1_0)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libgnutls.so.28(GNUTLS_1_4)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libaesni-intel-samba4.so(SAMBA_4.10.16)(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libwinbind-client-samba4.so()(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libwbclient.so.0()(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libtdb.so.1()(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libldb.so.1()(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libgnutls.so.28()(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libcups.so.2()(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libcluster-samba4.so()(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libavahi-common.so.3()(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libavahi-client.so.3()(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n--> Processing Dependency: libaesni-intel-samba4.so()(64bit) for package: samba-client-libs-4.10.16-15.el7_9.x86_64\n---> Package slapi-nis.x86_64 0:0.56.5-3.el7_9 will be installed\n---> Package softhsm.x86_64 0:2.1.0-3.el7 will be installed\n---> Package sssd-dbus.x86_64 0:1.16.5-10.el7_9.10 will be installed\n--> Processing Dependency: sssd-common = 1.16.5-10.el7_9.10 for package: sssd-dbus-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libdhash.so.1(DHASH_0.4.3)(64bit) for package: sssd-dbus-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsss_util.so()(64bit) for package: sssd-dbus-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsss_debug.so()(64bit) for package: sssd-dbus-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsss_crypt.so()(64bit) for package: sssd-dbus-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsss_child.so()(64bit) for package: sssd-dbus-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsss_cert.so()(64bit) for package: sssd-dbus-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libdhash.so.1()(64bit) for package: sssd-dbus-1.16.5-10.el7_9.10.x86_64\n---> Package systemd-python.x86_64 0:219-78.el7_9.3 will be installed\n--> Processing Dependency: systemd-libs = 219-78.el7_9.3 for package: systemd-python-219-78.el7_9.3.x86_64\n--> Processing Dependency: systemd = 219-78.el7_9.3 for package: systemd-python-219-78.el7_9.3.x86_64\n--> Running transaction check\n---> Package 389-ds-base-libs.x86_64 0:1.3.10.2-13.el7_9 will be installed\n---> Package apr.x86_64 0:1.4.8-7.el7 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package apr-util-openssl.x86_64 0:1.5.2-6.el7 will be installed\n---> Package autofs.x86_64 1:5.0.7-116.el7_9 will be installed\n--> Processing Dependency: libhesiod.so.0()(64bit) for package: 1:autofs-5.0.7-116.el7_9.x86_64\n---> Package autogen-libopts.x86_64 0:5.18-5.el7 will be installed\n---> Package avahi-libs.x86_64 0:0.6.31-20.el7 will be installed\n---> Package bind-utils.x86_64 32:9.11.4-26.P2.el7_9.7 will be installed\n--> Processing Dependency: bind-libs-lite(x86-64) = 32:9.11.4-26.P2.el7_9.7 for package: 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64\n--> Processing Dependency: bind-libs(x86-64) = 32:9.11.4-26.P2.el7_9.7 for package: 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64\n--> Processing Dependency: liblwres.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64\n--> Processing Dependency: libisccfg.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64\n--> Processing Dependency: libisc.so.169()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64\n--> Processing Dependency: libirs.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64\n--> Processing Dependency: libdns.so.1102()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64\n--> Processing Dependency: libbind9.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64\n--> Processing Dependency: libGeoIP.so.1()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64\n---> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed\n---> Package cups-libs.x86_64 1:1.6.3-51.el7 will be installed\n---> Package custodia.noarch 0:0.3.1-4.el7 will be installed\n---> Package cyrus-sasl-md5.x86_64 0:2.1.26-23.el7 will be installed\n---> Package cyrus-sasl-plain.x86_64 0:2.1.26-23.el7 will be installed\n---> Package fontpackages-filesystem.noarch 0:1.44-8.el7 will be installed\n---> Package gnutls.x86_64 0:3.3.29-9.el7_6 will be installed\n--> Processing Dependency: trousers >= 0.3.11.2 for package: gnutls-3.3.29-9.el7_6.x86_64\n--> Processing Dependency: libnettle.so.4()(64bit) for package: gnutls-3.3.29-9.el7_6.x86_64\n--> Processing Dependency: libhogweed.so.2()(64bit) for package: gnutls-3.3.29-9.el7_6.x86_64\n---> Package gperftools-libs.x86_64 0:2.6.1-1.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-97.el7.centos.1 will be installed\n---> Package ipa-client-common.noarch 0:4.6.8-5.el7.centos.9 will be installed\n---> Package java-1.8.0-openjdk-headless.x86_64 1:1.8.0.312.b07-1.el7_9 will be installed\n--> Processing Dependency: tzdata-java >= 2021a for package: 1:java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: copy-jdk-configs >= 3.3 for package: 1:java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: pcsc-lite-libs(x86-64) for package: 1:java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: lksctp-tools(x86-64) for package: 1:java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libjpeg.so.62(LIBJPEG_6.2)(64bit) for package: 1:java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: jpackage-utils for package: 1:java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libjpeg.so.62()(64bit) for package: 1:java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x86_64\n---> Package krb5-libs.x86_64 0:1.15.1-46.el7 will be updated\n---> Package krb5-libs.x86_64 0:1.15.1-50.el7 will be an update\n---> Package krb5-workstation.x86_64 0:1.15.1-50.el7 will be installed\n---> Package libdhash.x86_64 0:0.5.0-32.el7 will be installed\n---> Package libicu.x86_64 0:50.2-4.el7_7 will be installed\n---> Package libkadm5.x86_64 0:1.15.1-50.el7 will be installed\n---> Package libldb.x86_64 0:1.5.4-2.el7 will be installed\n---> Package libsss_autofs.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package libtdb.x86_64 0:1.3.18-1.el7 will be installed\n---> Package libwbclient.x86_64 0:4.10.16-15.el7_9 will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n---> Package ntpdate.x86_64 0:4.2.6p5-29.el7.centos.2 will be installed\n---> Package oddjob-mkhomedir.x86_64 0:0.31.5-4.el7 will be installed\n---> Package openldap.x86_64 0:2.4.44-21.el7_6 will be updated\n---> Package openldap.x86_64 0:2.4.44-24.el7_9 will be an update\n---> Package perl.x86_64 4:5.16.3-299.el7_9 will be installed\n--> Processing Dependency: perl-libs = 4:5.16.3-299.el7_9 for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: perl-macros for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: perl-libs for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: perl(threads::shared) for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: perl(threads) for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: perl(constant) for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: perl(Time::HiRes) for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: perl(Storable) for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: perl(Pod::Simple::XHTML) for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: perl(Pod::Simple::Search) for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: perl(Filter::Util::Call) for package: 4:perl-5.16.3-299.el7_9.x86_64\n--> Processing Dependency: libperl.so()(64bit) for package: 4:perl-5.16.3-299.el7_9.x86_64\n---> Package perl-Archive-Tar.noarch 0:1.92-3.el7 will be installed\n--> Processing Dependency: perl(IO::Zlib) >= 1.01 for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(Pod::Usage) for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(Package::Constants) for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(IO::Zlib) for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(Data::Dumper) for package: perl-Archive-Tar-1.92-3.el7.noarch\n---> Package perl-Carp.noarch 0:1.26-244.el7 will be installed\n---> Package perl-DB_File.x86_64 0:1.830-6.el7 will be installed\n---> Package perl-Exporter.noarch 0:5.68-3.el7 will be installed\n---> Package perl-File-Path.noarch 0:2.09-2.el7 will be installed\n---> Package perl-File-Temp.noarch 0:0.23.01-3.el7 will be installed\n---> Package perl-Getopt-Long.noarch 0:2.40-3.el7 will be installed\n--> Processing Dependency: perl(Text::ParseWords) for package: perl-Getopt-Long-2.40-3.el7.noarch\n---> Package perl-IO-Compress.noarch 0:2.061-2.el7 will be installed\n--> Processing Dependency: perl(Compress::Raw::Zlib) >= 2.061 for package: perl-IO-Compress-2.061-2.el7.noarch\n--> Processing Dependency: perl(Compress::Raw::Bzip2) >= 2.061 for package: perl-IO-Compress-2.061-2.el7.noarch\n--> Processing Dependency: perl(Encode) for package: perl-IO-Compress-2.061-2.el7.noarch\n---> Package perl-Mozilla-LDAP.x86_64 0:1.5.3-12.el7 will be installed\n---> Package perl-NetAddr-IP.x86_64 0:4.069-3.el7 will be installed\n---> Package perl-PathTools.x86_64 0:3.40-5.el7 will be installed\n---> Package perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 will be installed\n---> Package perl-Socket.x86_64 0:2.010-5.el7 will be installed\n---> Package perl-Time-Local.noarch 0:1.2300-2.el7 will be installed\n---> Package pki-base.noarch 0:10.5.18-17.el7_9 will be installed\n--> Processing Dependency: python2-cryptography for package: pki-base-10.5.18-17.el7_9.noarch\n--> Processing Dependency: python-nss for package: pki-base-10.5.18-17.el7_9.noarch\n---> Package pki-server.noarch 0:10.5.18-17.el7_9 will be installed\n--> Processing Dependency: pki-tools = 10.5.18-17.el7_9 for package: pki-server-10.5.18-17.el7_9.noarch\n--> Processing Dependency: pki-base-java = 10.5.18-17.el7_9 for package: pki-server-10.5.18-17.el7_9.noarch\n--> Processing Dependency: tomcatjss >= 7.2.5-1 for package: pki-server-10.5.18-17.el7_9.noarch\n--> Processing Dependency: tomcat >= 7.0.69 for package: pki-server-10.5.18-17.el7_9.noarch\n--> Processing Dependency: nuxwdog-client-java >= 1.0.5-1 for package: pki-server-10.5.18-17.el7_9.noarch\n--> Processing Dependency: velocity for package: pki-server-10.5.18-17.el7_9.noarch\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package python-augeas.noarch 0:0.5.0-2.el7 will be installed\n--> Processing Dependency: augeas-libs for package: python-augeas-0.5.0-2.el7.noarch\n---> Package python-custodia.noarch 0:0.3.1-4.el7 will be installed\n--> Processing Dependency: python-jwcrypto for package: python-custodia-0.3.1-4.el7.noarch\n---> Package python-dns.noarch 0:1.12.0-4.20150617git465785f.el7 will be installed\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-kdcproxy.noarch 0:0.3.2-3.el7 will be installed\n---> Package python-lxml.x86_64 0:3.2.1-4.el7 will be installed\n--> Processing Dependency: libxslt.so.1(LIBXML2_1.1.9)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64\n--> Processing Dependency: libxslt.so.1(LIBXML2_1.1.26)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64\n--> Processing Dependency: libxslt.so.1(LIBXML2_1.1.2)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64\n--> Processing Dependency: libxslt.so.1(LIBXML2_1.0.24)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64\n--> Processing Dependency: libxslt.so.1(LIBXML2_1.0.22)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64\n--> Processing Dependency: libxslt.so.1(LIBXML2_1.0.18)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64\n--> Processing Dependency: libxslt.so.1(LIBXML2_1.0.11)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64\n--> Processing Dependency: libxslt.so.1()(64bit) for package: python-lxml-3.2.1-4.el7.x86_64\n--> Processing Dependency: libexslt.so.0()(64bit) for package: python-lxml-3.2.1-4.el7.x86_64\n---> Package python-sssdconfig.noarch 0:1.16.5-10.el7_9.10 will be installed\n---> Package python2-ipaclient.noarch 0:4.6.8-5.el7.centos.9 will be installed\n--> Processing Dependency: python2-ipalib = 4.6.8-5.el7.centos.9 for package: python2-ipaclient-4.6.8-5.el7.centos.9.noarch\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n---> Package samba-common.noarch 0:4.10.16-15.el7_9 will be installed\n---> Package samba-common-libs.x86_64 0:4.10.16-15.el7_9 will be installed\n---> Package sssd.x86_64 0:1.16.5-10.el7_9.10 will be installed\n--> Processing Dependency: sssd-proxy = 1.16.5-10.el7_9.10 for package: sssd-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: sssd-ldap = 1.16.5-10.el7_9.10 for package: sssd-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: sssd-krb5 = 1.16.5-10.el7_9.10 for package: sssd-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: sssd-ipa = 1.16.5-10.el7_9.10 for package: sssd-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: sssd-ad = 1.16.5-10.el7_9.10 for package: sssd-1.16.5-10.el7_9.10.x86_64\n---> Package sssd-common.x86_64 0:1.16.5-10.el7_9.10 will be installed\n--> Processing Dependency: sssd-client(x86-64) = 1.16.5-10.el7_9.10 for package: sssd-common-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsss_sudo(x86-64) = 1.16.5-10.el7_9.10 for package: sssd-common-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsss_idmap(x86-64) = 1.16.5-10.el7_9.10 for package: sssd-common-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsss_idmap.so.0(SSS_IDMAP_0.5)(64bit) for package: sssd-common-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsss_idmap.so.0(SSS_IDMAP_0.4)(64bit) for package: sssd-common-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsss_idmap.so.0()(64bit) for package: sssd-common-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libhttp_parser_strict.so.2()(64bit) for package: sssd-common-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libcares.so.2()(64bit) for package: sssd-common-1.16.5-10.el7_9.10.x86_64\n---> Package svrcore.x86_64 0:4.1.3-2.el7 will be installed\n---> Package systemd.x86_64 0:219-73.el7_8.5 will be updated\n--> Processing Dependency: systemd = 219-73.el7_8.5 for package: systemd-sysv-219-73.el7_8.5.x86_64\n---> Package systemd.x86_64 0:219-78.el7_9.3 will be an update\n---> Package systemd-libs.x86_64 0:219-73.el7_8.5 will be updated\n---> Package systemd-libs.x86_64 0:219-78.el7_9.3 will be an update\n---> Package words.noarch 0:3.0-22.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Running transaction check\n---> Package GeoIP.x86_64 0:1.5.0-14.el7 will be installed\n--> Processing Dependency: geoipupdate for package: GeoIP-1.5.0-14.el7.x86_64\n---> Package augeas-libs.x86_64 0:1.4.0-10.el7 will be installed\n---> Package bind-libs.x86_64 32:9.11.4-26.P2.el7_9.7 will be installed\n--> Processing Dependency: bind-license = 32:9.11.4-26.P2.el7_9.7 for package: 32:bind-libs-9.11.4-26.P2.el7_9.7.x86_64\n---> Package bind-libs-lite.x86_64 32:9.11.4-26.P2.el7_9.7 will be installed\n---> Package c-ares.x86_64 0:1.10.0-3.el7 will be installed\n---> Package copy-jdk-configs.noarch 0:3.3-10.el7_5 will be installed\n---> Package hesiod.x86_64 0:3.2.1-3.el7 will be installed\n---> Package http-parser.x86_64 0:2.7.1-9.el7 will be installed\n---> Package javapackages-tools.noarch 0:3.4.1-11.el7 will be installed\n--> Processing Dependency: python-javapackages = 3.4.1-11.el7 for package: javapackages-tools-3.4.1-11.el7.noarch\n---> Package libjpeg-turbo.x86_64 0:1.2.90-8.el7 will be installed\n---> Package libsss_idmap.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package libsss_sudo.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package libxslt.x86_64 0:1.1.28-6.el7 will be installed\n---> Package lksctp-tools.x86_64 0:1.0.17-2.el7 will be installed\n---> Package nettle.x86_64 0:2.7.1-9.el7_9 will be installed\n---> Package nuxwdog-client-java.x86_64 0:1.0.5-1.el7 will be installed\n--> Processing Dependency: nuxwdog = 1.0.5-1.el7 for package: nuxwdog-client-java-1.0.5-1.el7.x86_64\n--> Processing Dependency: libnuxwdog.so.0()(64bit) for package: nuxwdog-client-java-1.0.5-1.el7.x86_64\n---> Package pcsc-lite-libs.x86_64 0:1.8.8-8.el7 will be installed\n---> Package perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7 will be installed\n---> Package perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7 will be installed\n---> Package perl-Data-Dumper.x86_64 0:2.145-3.el7 will be installed\n---> Package perl-Encode.x86_64 0:2.51-7.el7 will be installed\n---> Package perl-Filter.x86_64 0:1.49-3.el7 will be installed\n---> Package perl-IO-Zlib.noarch 1:1.10-299.el7_9 will be installed\n---> Package perl-Package-Constants.noarch 1:0.02-299.el7_9 will be installed\n---> Package perl-Pod-Simple.noarch 1:3.28-4.el7 will be installed\n--> Processing Dependency: perl(Pod::Escapes) >= 1.04 for package: 1:perl-Pod-Simple-3.28-4.el7.noarch\n---> Package perl-Pod-Usage.noarch 0:1.63-3.el7 will be installed\n--> Processing Dependency: perl(Pod::Text) >= 3.15 for package: perl-Pod-Usage-1.63-3.el7.noarch\n--> Processing Dependency: perl-Pod-Perldoc for package: perl-Pod-Usage-1.63-3.el7.noarch\n---> Package perl-Storable.x86_64 0:2.45-3.el7 will be installed\n---> Package perl-Text-ParseWords.noarch 0:3.29-4.el7 will be installed\n---> Package perl-Time-HiRes.x86_64 4:1.9725-3.el7 will be installed\n---> Package perl-constant.noarch 0:1.27-2.el7 will be installed\n---> Package perl-libs.x86_64 4:5.16.3-299.el7_9 will be installed\n---> Package perl-macros.x86_64 4:5.16.3-299.el7_9 will be installed\n---> Package perl-threads.x86_64 0:1.87-4.el7 will be installed\n---> Package perl-threads-shared.x86_64 0:1.43-6.el7 will be installed\n---> Package pki-base-java.noarch 0:10.5.18-17.el7_9 will be installed\n--> Processing Dependency: resteasy-base-jaxrs-api >= 3.0.6-1 for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: resteasy-base-jaxrs >= 3.0.6-1 for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: resteasy-base-jaxb-provider >= 3.0.6-1 for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: resteasy-base-jackson-provider >= 3.0.6-1 for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: resteasy-base-client >= 3.0.6-1 for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: resteasy-base-atom-provider >= 3.0.6-1 for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: ldapjdk >= 4.19-5 for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: jss >= 4.4.9-3 for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: xml-commons-resolver for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: xml-commons-apis for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: xerces-j2 for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: xalan-j2 for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: slf4j for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: javassist for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: jakarta-commons-httpclient for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: apache-commons-logging for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: apache-commons-lang for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: apache-commons-io for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: apache-commons-codec for package: pki-base-java-10.5.18-17.el7_9.noarch\n--> Processing Dependency: apache-commons-cli for package: pki-base-java-10.5.18-17.el7_9.noarch\n---> Package pki-tools.x86_64 0:10.5.18-17.el7_9 will be installed\n---> Package python-jwcrypto.noarch 0:0.4.2-1.el7 will be installed\n---> Package python-nss.x86_64 0:0.16.0-3.el7 will be installed\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-ipalib.noarch 0:4.6.8-5.el7.centos.9 will be installed\n--> Processing Dependency: python-yubico >= 1.2.3 for package: python2-ipalib-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-qrcode-core >= 5.0.0 for package: python2-ipalib-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-netifaces >= 0.10.4 for package: python2-ipalib-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-netaddr >= 0.7.5-9 for package: python2-ipalib-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: pyusb for package: python2-ipalib-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-sss-murmur for package: python2-ipalib-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-pyasn1-modules for package: python2-ipalib-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-libipa_hbac for package: python2-ipalib-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: python-dateutil for package: python2-ipalib-4.6.8-5.el7.centos.9.noarch\n---> Package sssd-ad.x86_64 0:1.16.5-10.el7_9.10 will be installed\n--> Processing Dependency: sssd-krb5-common = 1.16.5-10.el7_9.10 for package: sssd-ad-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: sssd-common-pac = 1.16.5-10.el7_9.10 for package: sssd-ad-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit) for package: sssd-ad-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libsmbclient.so.0()(64bit) for package: sssd-ad-1.16.5-10.el7_9.10.x86_64\n---> Package sssd-client.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package sssd-ipa.x86_64 0:1.16.5-10.el7_9.10 will be installed\n--> Processing Dependency: libipa_hbac(x86-64) = 1.16.5-10.el7_9.10 for package: sssd-ipa-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libipa_hbac.so.0(IPA_HBAC_0.1.0)(64bit) for package: sssd-ipa-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libipa_hbac.so.0(IPA_HBAC_0.0.1)(64bit) for package: sssd-ipa-1.16.5-10.el7_9.10.x86_64\n--> Processing Dependency: libipa_hbac.so.0()(64bit) for package: sssd-ipa-1.16.5-10.el7_9.10.x86_64\n---> Package sssd-krb5.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package sssd-ldap.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package sssd-proxy.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package systemd-sysv.x86_64 0:219-73.el7_8.5 will be updated\n---> Package systemd-sysv.x86_64 0:219-78.el7_9.3 will be an update\n---> Package tomcat.noarch 0:7.0.76-16.el7_9 will be installed\n--> Processing Dependency: tomcat-lib = 7.0.76-16.el7_9 for package: tomcat-7.0.76-16.el7_9.noarch\n--> Processing Dependency: java >= 1:1.6.0 for package: tomcat-7.0.76-16.el7_9.noarch\n--> Processing Dependency: apache-commons-pool for package: tomcat-7.0.76-16.el7_9.noarch\n--> Processing Dependency: apache-commons-dbcp for package: tomcat-7.0.76-16.el7_9.noarch\n--> Processing Dependency: apache-commons-daemon for package: tomcat-7.0.76-16.el7_9.noarch\n--> Processing Dependency: apache-commons-collections for package: tomcat-7.0.76-16.el7_9.noarch\n---> Package tomcatjss.noarch 0:7.2.5-1.el7 will be installed\n---> Package trousers.x86_64 0:0.3.14-2.el7 will be installed\n---> Package tzdata-java.noarch 0:2021e-1.el7 will be installed\n---> Package velocity.noarch 0:1.7-10.el7 will be installed\n--> Processing Dependency: servlet3 for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: log4j for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: junit for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: jdom for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: jaxen for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: jakarta-oro for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: hsqldb for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: bcel for package: velocity-1.7-10.el7.noarch\n--> Running transaction check\n---> Package apache-commons-cli.noarch 0:1.2-13.el7 will be installed\n---> Package apache-commons-codec.noarch 0:1.8-7.el7 will be installed\n---> Package apache-commons-collections.noarch 0:3.2.1-22.el7_2 will be installed\n---> Package apache-commons-daemon.x86_64 0:1.0.13-7.el7 will be installed\n---> Package apache-commons-dbcp.noarch 0:1.4-17.el7 will be installed\n--> Processing Dependency: mvn(org.apache.geronimo.specs:geronimo-jta_1.1_spec) for package: apache-commons-dbcp-1.4-17.el7.noarch\n---> Package apache-commons-io.noarch 1:2.4-12.el7 will be installed\n---> Package apache-commons-lang.noarch 0:2.6-15.el7 will be installed\n---> Package apache-commons-logging.noarch 0:1.1.2-7.el7 will be installed\n--> Processing Dependency: mvn(logkit:logkit) for package: apache-commons-logging-1.1.2-7.el7.noarch\n--> Processing Dependency: mvn(avalon-framework:avalon-framework-api) for package: apache-commons-logging-1.1.2-7.el7.noarch\n---> Package apache-commons-pool.noarch 0:1.6-9.el7 will be installed\n---> Package bcel.noarch 0:5.2-18.el7 will be installed\n--> Processing Dependency: mvn(regexp:regexp) for package: bcel-5.2-18.el7.noarch\n---> Package bind-license.noarch 32:9.11.4-26.P2.el7_9.7 will be installed\n---> Package geoipupdate.x86_64 0:2.5.0-1.el7 will be installed\n---> Package hsqldb.noarch 1:1.8.1.3-14.el7 will be installed\n---> Package jakarta-commons-httpclient.noarch 1:3.1-16.el7_0 will be installed\n---> Package jakarta-oro.noarch 0:2.0.8-16.el7 will be installed\n---> Package java-1.8.0-openjdk.x86_64 1:1.8.0.312.b07-1.el7_9 will be installed\n--> Processing Dependency: xorg-x11-fonts-Type1 for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libasound.so.2(ALSA_0.9.0rc4)(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libasound.so.2(ALSA_0.9)(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libXcomposite(x86-64) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: gtk2(x86-64) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: fontconfig(x86-64) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libgif.so.4()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libasound.so.2()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libXtst.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libXrender.so.1()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libXi.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libXext.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n--> Processing Dependency: libX11.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64\n---> Package javassist.noarch 0:3.16.1-10.el7 will be installed\n---> Package jaxen.noarch 0:1.1.3-11.el7 will be installed\n--> Processing Dependency: dom4j >= 1.6.1 for package: jaxen-1.1.3-11.el7.noarch\n---> Package jdom.noarch 0:1.1.3-6.el7 will be installed\n---> Package jss.x86_64 0:4.4.9-3.el7 will be installed\n---> Package junit.noarch 0:4.11-8.el7 will be installed\n--> Processing Dependency: osgi(org.hamcrest.core) for package: junit-4.11-8.el7.noarch\n--> Processing Dependency: hamcrest for package: junit-4.11-8.el7.noarch\n---> Package ldapjdk.noarch 0:4.19-5.el7 will be installed\n---> Package libipa_hbac.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package libsmbclient.x86_64 0:4.10.16-15.el7_9 will be installed\n---> Package log4j.noarch 0:1.2.17-16.el7_4 will be installed\n--> Processing Dependency: mvn(org.apache.geronimo.specs:geronimo-jms_1.1_spec) for package: log4j-1.2.17-16.el7_4.noarch\n--> Processing Dependency: mvn(javax.mail:mail) for package: log4j-1.2.17-16.el7_4.noarch\n---> Package nuxwdog.x86_64 0:1.0.5-1.el7 will be installed\n---> Package perl-Pod-Escapes.noarch 1:1.04-299.el7_9 will be installed\n---> Package perl-Pod-Perldoc.noarch 0:3.20-4.el7 will be installed\n--> Processing Dependency: perl(parent) for package: perl-Pod-Perldoc-3.20-4.el7.noarch\n--> Processing Dependency: perl(HTTP::Tiny) for package: perl-Pod-Perldoc-3.20-4.el7.noarch\n---> Package perl-podlators.noarch 0:2.5.1-3.el7 will be installed\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-dateutil.noarch 0:1.5-7.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n---> Package python-javapackages.noarch 0:3.4.1-11.el7 will be installed\n---> Package python-libipa_hbac.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package python-netaddr.noarch 0:0.7.5-9.el7 will be installed\n---> Package python-netifaces.x86_64 0:0.10.4-3.el7 will be installed\n---> Package python-qrcode-core.noarch 0:5.0.1-1.el7 will be installed\n---> Package python-sss-murmur.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package python-yubico.noarch 0:1.2.3-1.el7 will be installed\n---> Package python2-pyasn1-modules.noarch 0:0.1.9-7.el7 will be installed\n---> Package pyusb.noarch 0:1.0.0-0.11.b1.el7 will be installed\n---> Package resteasy-base-atom-provider.noarch 0:3.0.6-4.el7 will be installed\n--> Processing Dependency: mvn(com.sun.xml.bind:jaxb-impl) for package: resteasy-base-atom-provider-3.0.6-4.el7.noarch\n---> Package resteasy-base-client.noarch 0:3.0.6-4.el7 will be installed\n---> Package resteasy-base-jackson-provider.noarch 0:3.0.6-4.el7 will be installed\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-xc) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-mapper-asl) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-jaxrs) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-core-asl) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n---> Package resteasy-base-jaxb-provider.noarch 0:3.0.6-4.el7 will be installed\n---> Package resteasy-base-jaxrs.noarch 0:3.0.6-4.el7 will be installed\n--> Processing Dependency: mvn(org.scannotation:scannotation) for package: resteasy-base-jaxrs-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.jboss.spec.javax.annotation:jboss-annotations-api_1.1_spec) for package: resteasy-base-jaxrs-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.apache.httpcomponents:httpclient) for package: resteasy-base-jaxrs-3.0.6-4.el7.noarch\n---> Package resteasy-base-jaxrs-api.noarch 0:3.0.6-4.el7 will be installed\n---> Package slf4j.noarch 0:1.7.4-4.el7_4 will be installed\n--> Processing Dependency: mvn(ch.qos.cal10n:cal10n-api) for package: slf4j-1.7.4-4.el7_4.noarch\n---> Package sssd-common-pac.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package sssd-krb5-common.x86_64 0:1.16.5-10.el7_9.10 will be installed\n---> Package tomcat-lib.noarch 0:7.0.76-16.el7_9 will be installed\n--> Processing Dependency: tomcat-jsp-2.2-api = 7.0.76-16.el7_9 for package: tomcat-lib-7.0.76-16.el7_9.noarch\n--> Processing Dependency: tomcat-el-2.2-api = 7.0.76-16.el7_9 for package: tomcat-lib-7.0.76-16.el7_9.noarch\n--> Processing Dependency: ecj >= 1:4.2.1 for package: tomcat-lib-7.0.76-16.el7_9.noarch\n---> Package tomcat-servlet-3.0-api.noarch 0:7.0.76-16.el7_9 will be installed\n---> Package xalan-j2.noarch 0:2.7.1-23.el7 will be installed\n---> Package xerces-j2.noarch 0:2.11.0-17.el7_0 will be installed\n---> Package xml-commons-apis.noarch 0:1.4.01-16.el7 will be installed\n---> Package xml-commons-resolver.noarch 0:1.2-15.el7 will be installed\n--> Running transaction check\n---> Package alsa-lib.x86_64 0:1.1.8-1.el7 will be installed\n---> Package avalon-framework.noarch 0:4.3-10.el7 will be installed\n---> Package avalon-logkit.noarch 0:2.1-14.el7 will be installed\n---> Package cal10n.noarch 0:0.7.7-4.el7 will be installed\n---> Package dom4j.noarch 0:1.6.1-20.el7 will be installed\n--> Processing Dependency: xpp3 for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: ws-jaxme for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: relaxngDatatype for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: msv-xsdlib for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: msv-msv for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: isorelax for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: bea-stax-api for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: bea-stax for package: dom4j-1.6.1-20.el7.noarch\n---> Package ecj.x86_64 1:4.5.2-3.el7 will be installed\n---> Package fontconfig.x86_64 0:2.13.0-4.3.el7 will be installed\n--> Processing Dependency: dejavu-sans-fonts for package: fontconfig-2.13.0-4.3.el7.x86_64\n---> Package geronimo-jms.noarch 0:1.1.1-19.el7 will be installed\n---> Package geronimo-jta.noarch 0:1.1.1-17.el7 will be installed\n---> Package giflib.x86_64 0:4.1.6-9.el7 will be installed\n--> Processing Dependency: libSM.so.6()(64bit) for package: giflib-4.1.6-9.el7.x86_64\n--> Processing Dependency: libICE.so.6()(64bit) for package: giflib-4.1.6-9.el7.x86_64\n---> Package glassfish-jaxb.noarch 0:2.2.5-6.el7 will be installed\n--> Processing Dependency: xsom for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: txw2 for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: stax-ex for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: rngom for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: jing for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: istack-commons for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: glassfish-jaxb-api for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: glassfish-fastinfoset for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: glassfish-dtd-parser for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: codemodel for package: glassfish-jaxb-2.2.5-6.el7.noarch\n---> Package gtk2.x86_64 0:2.24.31-1.el7 will be installed\n--> Processing Dependency: pango >= 1.20.0-1 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libtiff >= 3.6.1 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXrandr >= 1.2.99.4-2 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: atk >= 1.29.4-2 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: hicolor-icon-theme for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: gtk-update-icon-cache for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libpangoft2-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libpangocairo-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libpango-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libgdk_pixbuf-2.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libcairo.so.2()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libatk-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXrandr.so.2()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXinerama.so.1()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXfixes.so.3()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXdamage.so.1()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXcursor.so.1()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n---> Package hamcrest.noarch 0:1.3-6.el7 will be installed\n--> Processing Dependency: qdox for package: hamcrest-1.3-6.el7.noarch\n--> Processing Dependency: easymock2 for package: hamcrest-1.3-6.el7.noarch\n---> Package httpcomponents-client.noarch 0:4.2.5-5.el7_0 will be installed\n--> Processing Dependency: mvn(org.apache.httpcomponents:httpcore) for package: httpcomponents-client-4.2.5-5.el7_0.noarch\n---> Package jackson.noarch 0:1.9.4-7.el7 will be installed\n--> Processing Dependency: stax2-api >= 3.1.1 for package: jackson-1.9.4-7.el7.noarch\n--> Processing Dependency: objectweb-asm >= 3.3 for package: jackson-1.9.4-7.el7.noarch\n--> Processing Dependency: jsr-311 >= 1.1.1 for package: jackson-1.9.4-7.el7.noarch\n--> Processing Dependency: joda-time >= 1.6.2 for package: jackson-1.9.4-7.el7.noarch\n---> Package javamail.noarch 0:1.4.6-8.el7 will be installed\n---> Package jboss-annotations-1.1-api.noarch 0:1.0.1-0.6.20120212git76e1a2.el7 will be installed\n---> Package libX11.x86_64 0:1.6.7-4.el7_9 will be installed\n--> Processing Dependency: libX11-common >= 1.6.7-4.el7_9 for package: libX11-1.6.7-4.el7_9.x86_64\n--> Processing Dependency: libxcb.so.1()(64bit) for package: libX11-1.6.7-4.el7_9.x86_64\n---> Package libXcomposite.x86_64 0:0.4.4-4.1.el7 will be installed\n---> Package libXext.x86_64 0:1.3.3-3.el7 will be installed\n---> Package libXi.x86_64 0:1.7.9-1.el7 will be installed\n---> Package libXrender.x86_64 0:0.9.10-1.el7 will be installed\n---> Package libXtst.x86_64 0:1.2.3-1.el7 will be installed\n---> Package perl-HTTP-Tiny.noarch 0:0.033-3.el7 will be installed\n---> Package perl-parent.noarch 1:0.225-244.el7 will be installed\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n---> Package regexp.noarch 0:1.5-13.el7 will be installed\n---> Package scannotation.noarch 0:1.0.3-0.7.r12.el7 will be installed\n---> Package tomcat-el-2.2-api.noarch 0:7.0.76-16.el7_9 will be installed\n---> Package tomcat-jsp-2.2-api.noarch 0:7.0.76-16.el7_9 will be installed\n---> Package xorg-x11-fonts-Type1.noarch 0:7.5-9.el7 will be installed\n--> Processing Dependency: ttmkfdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Processing Dependency: ttmkfdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Processing Dependency: mkfontdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Processing Dependency: mkfontdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Running transaction check\n---> Package atk.x86_64 0:2.28.1-2.el7 will be installed\n---> Package bea-stax.noarch 0:1.2.0-9.el7 will be installed\n---> Package bea-stax-api.noarch 0:1.2.0-9.el7 will be installed\n---> Package cairo.x86_64 0:1.15.12-4.el7 will be installed\n--> Processing Dependency: libpixman-1.so.0()(64bit) for package: cairo-1.15.12-4.el7.x86_64\n--> Processing Dependency: libGL.so.1()(64bit) for package: cairo-1.15.12-4.el7.x86_64\n--> Processing Dependency: libEGL.so.1()(64bit) for package: cairo-1.15.12-4.el7.x86_64\n---> Package codemodel.noarch 0:2.6-9.el7 will be installed\n--> Processing Dependency: jvnet-parent for package: codemodel-2.6-9.el7.noarch\n---> Package dejavu-sans-fonts.noarch 0:2.33-6.el7 will be installed\n--> Processing Dependency: dejavu-fonts-common = 2.33-6.el7 for package: dejavu-sans-fonts-2.33-6.el7.noarch\n---> Package easymock2.noarch 0:2.5.2-12.el7 will be installed\n---> Package gdk-pixbuf2.x86_64 0:2.36.12-3.el7 will be installed\n--> Processing Dependency: libjasper.so.1()(64bit) for package: gdk-pixbuf2-2.36.12-3.el7.x86_64\n---> Package glassfish-dtd-parser.noarch 0:1.2-0.8.20120120svn.el7 will be installed\n---> Package glassfish-fastinfoset.noarch 0:1.2.12-9.el7 will be installed\n---> Package glassfish-jaxb-api.noarch 0:2.2.7-4.el7 will be installed\n---> Package gtk-update-icon-cache.x86_64 0:3.22.30-6.el7 will be installed\n---> Package hicolor-icon-theme.noarch 0:0.12-7.el7 will be installed\n---> Package httpcomponents-core.noarch 0:4.2.4-6.el7 will be installed\n---> Package isorelax.noarch 1:0-0.15.release20050331.el7 will be installed\n---> Package istack-commons.noarch 0:2.17-4.el7 will be installed\n---> Package jing.noarch 0:20091111-14.el7 will be installed\n---> Package joda-time.noarch 0:2.2-3.tzdata2013c.el7 will be installed\n--> Processing Dependency: mvn(org.joda:joda-convert) for package: joda-time-2.2-3.tzdata2013c.el7.noarch\n---> Package jsr-311.noarch 0:1.1.1-6.el7 will be installed\n---> Package libICE.x86_64 0:1.0.9-9.el7 will be installed\n---> Package libSM.x86_64 0:1.2.2-2.el7 will be installed\n---> Package libX11-common.noarch 0:1.6.7-4.el7_9 will be installed\n---> Package libXcursor.x86_64 0:1.1.15-1.el7 will be installed\n---> Package libXdamage.x86_64 0:1.1.4-4.1.el7 will be installed\n---> Package libXfixes.x86_64 0:5.0.3-1.el7 will be installed\n---> Package libXinerama.x86_64 0:1.1.3-2.1.el7 will be installed\n---> Package libXrandr.x86_64 0:1.5.1-2.el7 will be installed\n---> Package libtiff.x86_64 0:4.0.3-35.el7 will be installed\n--> Processing Dependency: libjbig.so.2.0()(64bit) for package: libtiff-4.0.3-35.el7.x86_64\n---> Package libxcb.x86_64 0:1.13-1.el7 will be installed\n--> Processing Dependency: libXau.so.6()(64bit) for package: libxcb-1.13-1.el7.x86_64\n---> Package msv-msv.noarch 1:2013.5.1-7.el7 will be installed\n---> Package msv-xsdlib.noarch 1:2013.5.1-7.el7 will be installed\n---> Package objectweb-asm.noarch 0:3.3.1-9.el7 will be installed\n---> Package pango.x86_64 0:1.42.4-4.el7_7 will be installed\n--> Processing Dependency: libthai(x86-64) >= 0.1.9 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libXft(x86-64) >= 2.0.0 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: harfbuzz(x86-64) >= 1.4.2 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: fribidi(x86-64) >= 1.0 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libthai.so.0(LIBTHAI_0.1)(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libthai.so.0()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libharfbuzz.so.0()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libfribidi.so.0()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libXft.so.2()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n---> Package qdox.noarch 0:1.12.1-10.el7 will be installed\n---> Package relaxngDatatype.noarch 0:1.0-11.el7 will be installed\n---> Package rngom.noarch 0:201103-0.8.20120119svn.el7 will be installed\n---> Package stax-ex.noarch 0:1.7.1-6.el7 will be installed\n---> Package stax2-api.noarch 0:3.1.1-10.el7 will be installed\n---> Package ttmkfdir.x86_64 0:3.0.9-42.el7 will be installed\n---> Package txw2.noarch 0:20110809-8.el7 will be installed\n--> Processing Dependency: args4j for package: txw2-20110809-8.el7.noarch\n---> Package ws-jaxme.noarch 0:0.5.2-10.el7 will be installed\n--> Processing Dependency: antlr for package: ws-jaxme-0.5.2-10.el7.noarch\n---> Package xorg-x11-font-utils.x86_64 1:7.5-21.el7 will be installed\n--> Processing Dependency: libfontenc.so.1()(64bit) for package: 1:xorg-x11-font-utils-7.5-21.el7.x86_64\n---> Package xpp3.noarch 0:1.1.3.8-11.el7 will be installed\n---> Package xsom.noarch 0:0-10.20110809svn.el7 will be installed\n--> Running transaction check\n---> Package antlr-tool.noarch 0:2.7.7-30.el7 will be installed\n---> Package args4j.noarch 0:2.0.16-13.el7 will be installed\n---> Package dejavu-fonts-common.noarch 0:2.33-6.el7 will be installed\n---> Package fribidi.x86_64 0:1.0.2-1.el7_7.1 will be installed\n---> Package harfbuzz.x86_64 0:1.7.5-2.el7 will be installed\n--> Processing Dependency: libgraphite2.so.3()(64bit) for package: harfbuzz-1.7.5-2.el7.x86_64\n---> Package jasper-libs.x86_64 0:1.900.1-33.el7 will be installed\n---> Package jbigkit-libs.x86_64 0:2.0-11.el7 will be installed\n---> Package joda-convert.noarch 0:1.3-5.el7 will be installed\n---> Package jvnet-parent.noarch 0:4-2.el7 will be installed\n---> Package libXau.x86_64 0:1.0.8-2.1.el7 will be installed\n---> Package libXft.x86_64 0:2.3.2-2.el7 will be installed\n---> Package libfontenc.x86_64 0:1.1.3-3.el7 will be installed\n---> Package libglvnd-egl.x86_64 1:1.0.1-0.8.git5baa1e5.el7 will be installed\n--> Processing Dependency: libglvnd(x86-64) = 1:1.0.1-0.8.git5baa1e5.el7 for package: 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64\n--> Processing Dependency: mesa-libEGL(x86-64) >= 13.0.4-1 for package: 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64\n--> Processing Dependency: libGLdispatch.so.0()(64bit) for package: 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64\n---> Package libglvnd-glx.x86_64 1:1.0.1-0.8.git5baa1e5.el7 will be installed\n--> Processing Dependency: mesa-libGL(x86-64) >= 13.0.4-1 for package: 1:libglvnd-glx-1.0.1-0.8.git5baa1e5.el7.x86_64\n---> Package libthai.x86_64 0:0.1.14-9.el7 will be installed\n---> Package pixman.x86_64 0:0.34.0-1.el7 will be installed\n--> Running transaction check\n---> Package graphite2.x86_64 0:1.3.10-1.el7_3 will be installed\n---> Package libglvnd.x86_64 1:1.0.1-0.8.git5baa1e5.el7 will be installed\n---> Package mesa-libEGL.x86_64 0:18.3.4-12.el7_9 will be installed\n--> Processing Dependency: mesa-libgbm = 18.3.4-12.el7_9 for package: mesa-libEGL-18.3.4-12.el7_9.x86_64\n--> Processing Dependency: libxshmfence.so.1()(64bit) for package: mesa-libEGL-18.3.4-12.el7_9.x86_64\n--> Processing Dependency: libwayland-server.so.0()(64bit) for package: mesa-libEGL-18.3.4-12.el7_9.x86_64\n--> Processing Dependency: libwayland-client.so.0()(64bit) for package: mesa-libEGL-18.3.4-12.el7_9.x86_64\n--> Processing Dependency: libglapi.so.0()(64bit) for package: mesa-libEGL-18.3.4-12.el7_9.x86_64\n--> Processing Dependency: libgbm.so.1()(64bit) for package: mesa-libEGL-18.3.4-12.el7_9.x86_64\n--> Processing Dependency: libdrm.so.2()(64bit) for package: mesa-libEGL-18.3.4-12.el7_9.x86_64\n---> Package mesa-libGL.x86_64 0:18.3.4-12.el7_9 will be installed\n--> Processing Dependency: libXxf86vm.so.1()(64bit) for package: mesa-libGL-18.3.4-12.el7_9.x86_64\n--> Running transaction check\n---> Package libXxf86vm.x86_64 0:1.1.4-1.el7 will be installed\n---> Package libdrm.x86_64 0:2.4.97-2.el7 will be installed\n--> Processing Dependency: libpciaccess.so.0()(64bit) for package: libdrm-2.4.97-2.el7.x86_64\n---> Package libwayland-client.x86_64 0:1.15.0-1.el7 will be installed\n---> Package libwayland-server.x86_64 0:1.15.0-1.el7 will be installed\n---> Package libxshmfence.x86_64 0:1.2-1.el7 will be installed\n---> Package mesa-libgbm.x86_64 0:18.3.4-12.el7_9 will be installed\n---> Package mesa-libglapi.x86_64 0:18.3.4-12.el7_9 will be installed\n--> Running transaction check\n---> Package libpciaccess.x86_64 0:0.14-1.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n ipa-server x86_64 4.6.8-5.el7.centos.9 updates 533 k\nInstalling for dependencies:\n 389-ds-base x86_64 1.3.10.2-13.el7_9 updates 1.7 M\n 389-ds-base-libs x86_64 1.3.10.2-13.el7_9 updates 715 k\n GeoIP x86_64 1.5.0-14.el7 base 1.5 M\n alsa-lib x86_64 1.1.8-1.el7 base 425 k\n antlr-tool noarch 2.7.7-30.el7 base 357 k\n apache-commons-cli noarch 1.2-13.el7 base 50 k\n apache-commons-codec noarch 1.8-7.el7 base 223 k\n apache-commons-collections noarch 3.2.1-22.el7_2 base 509 k\n apache-commons-daemon x86_64 1.0.13-7.el7 base 54 k\n apache-commons-dbcp noarch 1.4-17.el7 base 167 k\n apache-commons-io noarch 1:2.4-12.el7 base 189 k\n apache-commons-lang noarch 2.6-15.el7 base 276 k\n apache-commons-logging noarch 1.1.2-7.el7 base 78 k\n apache-commons-pool noarch 1.6-9.el7 base 113 k\n apr x86_64 1.4.8-7.el7 base 104 k\n apr-util x86_64 1.5.2-6.el7 base 92 k\n apr-util-openssl x86_64 1.5.2-6.el7 base 20 k\n args4j noarch 2.0.16-13.el7 base 70 k\n atk x86_64 2.28.1-2.el7 base 263 k\n augeas-libs x86_64 1.4.0-10.el7 base 357 k\n autofs x86_64 1:5.0.7-116.el7_9 updates 834 k\n autogen-libopts x86_64 5.18-5.el7 base 66 k\n avahi-libs x86_64 0.6.31-20.el7 base 62 k\n avalon-framework noarch 4.3-10.el7 base 88 k\n avalon-logkit noarch 2.1-14.el7 base 87 k\n bcel noarch 5.2-18.el7 base 469 k\n bea-stax noarch 1.2.0-9.el7 base 176 k\n bea-stax-api noarch 1.2.0-9.el7 base 31 k\n bind-libs x86_64 32:9.11.4-26.P2.el7_9.7 updates 157 k\n bind-libs-lite x86_64 32:9.11.4-26.P2.el7_9.7 updates 1.1 M\n bind-license noarch 32:9.11.4-26.P2.el7_9.7 updates 91 k\n bind-utils x86_64 32:9.11.4-26.P2.el7_9.7 updates 261 k\n c-ares x86_64 1.10.0-3.el7 base 78 k\n cairo x86_64 1.15.12-4.el7 base 741 k\n cal10n noarch 0.7.7-4.el7 base 36 k\n centos-logos noarch 70.0.6-3.el7.centos base 21 M\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\n codemodel noarch 2.6-9.el7 base 164 k\n copy-jdk-configs noarch 3.3-10.el7_5 base 21 k\n cups-libs x86_64 1:1.6.3-51.el7 base 359 k\n custodia noarch 0.3.1-4.el7 base 24 k\n cyrus-sasl-gssapi x86_64 2.1.26-23.el7 base 41 k\n cyrus-sasl-md5 x86_64 2.1.26-23.el7 base 57 k\n cyrus-sasl-plain x86_64 2.1.26-23.el7 base 39 k\n dejavu-fonts-common noarch 2.33-6.el7 base 64 k\n dejavu-sans-fonts noarch 2.33-6.el7 base 1.4 M\n dom4j noarch 1.6.1-20.el7 base 277 k\n easymock2 noarch 2.5.2-12.el7 base 92 k\n ecj x86_64 1:4.5.2-3.el7 base 1.9 M\n fontawesome-fonts noarch 4.1.0-2.el7 base 137 k\n fontconfig x86_64 2.13.0-4.3.el7 base 254 k\n fontpackages-filesystem noarch 1.44-8.el7 base 9.9 k\n fribidi x86_64 1.0.2-1.el7_7.1 base 79 k\n gdk-pixbuf2 x86_64 2.36.12-3.el7 base 570 k\n geoipupdate x86_64 2.5.0-1.el7 base 35 k\n geronimo-jms noarch 1.1.1-19.el7 base 31 k\n geronimo-jta noarch 1.1.1-17.el7 base 20 k\n giflib x86_64 4.1.6-9.el7 base 40 k\n glassfish-dtd-parser noarch 1.2-0.8.20120120svn.el7 base 70 k\n glassfish-fastinfoset noarch 1.2.12-9.el7 base 272 k\n glassfish-jaxb noarch 2.2.5-6.el7 base 1.8 M\n glassfish-jaxb-api noarch 2.2.7-4.el7 base 92 k\n gnutls x86_64 3.3.29-9.el7_6 base 680 k\n gperftools-libs x86_64 2.6.1-1.el7 base 272 k\n graphite2 x86_64 1.3.10-1.el7_3 base 115 k\n gtk-update-icon-cache x86_64 3.22.30-6.el7 updates 27 k\n gtk2 x86_64 2.24.31-1.el7 base 3.4 M\n hamcrest noarch 1.3-6.el7 base 124 k\n harfbuzz x86_64 1.7.5-2.el7 base 267 k\n hesiod x86_64 3.2.1-3.el7 base 30 k\n hicolor-icon-theme noarch 0.12-7.el7 base 42 k\n hsqldb noarch 1:1.8.1.3-14.el7 base 950 k\n http-parser x86_64 2.7.1-9.el7 base 29 k\n httpcomponents-client noarch 4.2.5-5.el7_0 base 425 k\n httpcomponents-core noarch 4.2.4-6.el7 base 466 k\n httpd x86_64 2.4.6-97.el7.centos.1 updates 2.7 M\n httpd-tools x86_64 2.4.6-97.el7.centos.1 updates 93 k\n ipa-client x86_64 4.6.8-5.el7.centos.9 updates 290 k\n ipa-client-common noarch 4.6.8-5.el7.centos.9 updates 196 k\n ipa-common noarch 4.6.8-5.el7.centos.9 updates 622 k\n ipa-server-common noarch 4.6.8-5.el7.centos.9 updates 712 k\n isorelax noarch 1:0-0.15.release20050331.el7 base 75 k\n istack-commons noarch 2.17-4.el7 base 100 k\n jackson noarch 1.9.4-7.el7 base 1.0 M\n jakarta-commons-httpclient noarch 1:3.1-16.el7_0 base 241 k\n jakarta-oro noarch 2.0.8-16.el7 base 78 k\n jasper-libs x86_64 1.900.1-33.el7 base 150 k\n java-1.8.0-openjdk x86_64 1:1.8.0.312.b07-1.el7_9 updates 313 k\n java-1.8.0-openjdk-headless x86_64 1:1.8.0.312.b07-1.el7_9 updates 33 M\n javamail noarch 1.4.6-8.el7 base 758 k\n javapackages-tools noarch 3.4.1-11.el7 base 73 k\n javassist noarch 3.16.1-10.el7 base 627 k\n jaxen noarch 1.1.3-11.el7 base 204 k\n jbigkit-libs x86_64 2.0-11.el7 base 46 k\n jboss-annotations-1.1-api noarch 1.0.1-0.6.20120212git76e1a2.el7\n base 20 k\n jdom noarch 1.1.3-6.el7 base 174 k\n jing noarch 20091111-14.el7 base 611 k\n joda-convert noarch 1.3-5.el7 base 46 k\n joda-time noarch 2.2-3.tzdata2013c.el7 base 484 k\n jsr-311 noarch 1.1.1-6.el7 base 45 k\n jss x86_64 4.4.9-3.el7 base 1.1 M\n junit noarch 4.11-8.el7 base 261 k\n jvnet-parent noarch 4-2.el7 base 10 k\n krb5-pkinit x86_64 1.15.1-50.el7 base 166 k\n krb5-server x86_64 1.15.1-50.el7 base 1.0 M\n krb5-workstation x86_64 1.15.1-50.el7 base 820 k\n ldapjdk noarch 4.19-5.el7 base 317 k\n libICE x86_64 1.0.9-9.el7 base 66 k\n libSM x86_64 1.2.2-2.el7 base 39 k\n libX11 x86_64 1.6.7-4.el7_9 updates 607 k\n libX11-common noarch 1.6.7-4.el7_9 updates 164 k\n libXau x86_64 1.0.8-2.1.el7 base 29 k\n libXcomposite x86_64 0.4.4-4.1.el7 base 22 k\n libXcursor x86_64 1.1.15-1.el7 base 30 k\n libXdamage x86_64 1.1.4-4.1.el7 base 20 k\n libXext x86_64 1.3.3-3.el7 base 39 k\n libXfixes x86_64 5.0.3-1.el7 base 18 k\n libXft x86_64 2.3.2-2.el7 base 58 k\n libXi x86_64 1.7.9-1.el7 base 40 k\n libXinerama x86_64 1.1.3-2.1.el7 base 14 k\n libXrandr x86_64 1.5.1-2.el7 base 27 k\n libXrender x86_64 0.9.10-1.el7 base 26 k\n libXtst x86_64 1.2.3-1.el7 base 20 k\n libXxf86vm x86_64 1.1.4-1.el7 base 18 k\n libdhash x86_64 0.5.0-32.el7 base 29 k\n libdrm x86_64 2.4.97-2.el7 base 151 k\n libfontenc x86_64 1.1.3-3.el7 base 31 k\n libglvnd x86_64 1:1.0.1-0.8.git5baa1e5.el7 base 89 k\n libglvnd-egl x86_64 1:1.0.1-0.8.git5baa1e5.el7 base 44 k\n libglvnd-glx x86_64 1:1.0.1-0.8.git5baa1e5.el7 base 125 k\n libicu x86_64 50.2-4.el7_7 base 6.9 M\n libipa_hbac x86_64 1.16.5-10.el7_9.10 updates 157 k\n libjpeg-turbo x86_64 1.2.90-8.el7 base 135 k\n libkadm5 x86_64 1.15.1-50.el7 base 179 k\n libldb x86_64 1.5.4-2.el7 updates 149 k\n libpciaccess x86_64 0.14-1.el7 base 26 k\n libsmbclient x86_64 4.10.16-15.el7_9 updates 145 k\n libsss_autofs x86_64 1.16.5-10.el7_9.10 updates 159 k\n libsss_certmap x86_64 1.16.5-10.el7_9.10 updates 190 k\n libsss_idmap x86_64 1.16.5-10.el7_9.10 updates 162 k\n libsss_nss_idmap x86_64 1.16.5-10.el7_9.10 updates 168 k\n libsss_sudo x86_64 1.16.5-10.el7_9.10 updates 157 k\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtdb x86_64 1.3.18-1.el7 base 49 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n libthai x86_64 0.1.14-9.el7 base 187 k\n libtiff x86_64 4.0.3-35.el7 base 172 k\n libwayland-client x86_64 1.15.0-1.el7 base 33 k\n libwayland-server x86_64 1.15.0-1.el7 base 39 k\n libwbclient x86_64 4.10.16-15.el7_9 updates 116 k\n libxcb x86_64 1.13-1.el7 base 214 k\n libxshmfence x86_64 1.2-1.el7 base 7.2 k\n libxslt x86_64 1.1.28-6.el7 base 242 k\n lksctp-tools x86_64 1.0.17-2.el7 base 88 k\n log4j noarch 1.2.17-16.el7_4 base 444 k\n mailcap noarch 2.1.41-2.el7 base 31 k\n mesa-libEGL x86_64 18.3.4-12.el7_9 updates 110 k\n mesa-libGL x86_64 18.3.4-12.el7_9 updates 166 k\n mesa-libgbm x86_64 18.3.4-12.el7_9 updates 39 k\n mesa-libglapi x86_64 18.3.4-12.el7_9 updates 46 k\n mod_auth_gssapi x86_64 1.5.1-7.el7 base 67 k\n mod_lookup_identity x86_64 1.0.0-1.el7 base 24 k\n mod_nss x86_64 1.0.14-12.el7 base 113 k\n mod_session x86_64 2.4.6-97.el7.centos.1 updates 63 k\n mod_wsgi x86_64 3.4-18.el7 base 77 k\n msv-msv noarch 1:2013.5.1-7.el7 base 3.7 M\n msv-xsdlib noarch 1:2013.5.1-7.el7 base 1.1 M\n nettle x86_64 2.7.1-9.el7_9 updates 328 k\n ntp x86_64 4.2.6p5-29.el7.centos.2 base 549 k\n ntpdate x86_64 4.2.6p5-29.el7.centos.2 base 87 k\n nuxwdog x86_64 1.0.5-1.el7 base 46 k\n nuxwdog-client-java x86_64 1.0.5-1.el7 base 12 k\n objectweb-asm noarch 3.3.1-9.el7 base 197 k\n oddjob x86_64 0.31.5-4.el7 base 69 k\n oddjob-mkhomedir x86_64 0.31.5-4.el7 base 38 k\n open-sans-fonts noarch 1.10-1.el7 base 475 k\n openldap-clients x86_64 2.4.44-24.el7_9 updates 191 k\n pango x86_64 1.42.4-4.el7_7 base 280 k\n pcsc-lite-libs x86_64 1.8.8-8.el7 base 34 k\n perl x86_64 4:5.16.3-299.el7_9 updates 8.0 M\n perl-Archive-Tar noarch 1.92-3.el7 base 73 k\n perl-Carp noarch 1.26-244.el7 base 19 k\n perl-Compress-Raw-Bzip2 x86_64 2.061-3.el7 base 32 k\n perl-Compress-Raw-Zlib x86_64 1:2.061-4.el7 base 57 k\n perl-DB_File x86_64 1.830-6.el7 base 74 k\n perl-Data-Dumper x86_64 2.145-3.el7 base 47 k\n perl-Encode x86_64 2.51-7.el7 base 1.5 M\n perl-Exporter noarch 5.68-3.el7 base 28 k\n perl-File-Path noarch 2.09-2.el7 base 26 k\n perl-File-Temp noarch 0.23.01-3.el7 base 56 k\n perl-Filter x86_64 1.49-3.el7 base 76 k\n perl-Getopt-Long noarch 2.40-3.el7 base 56 k\n perl-HTTP-Tiny noarch 0.033-3.el7 base 38 k\n perl-IO-Compress noarch 2.061-2.el7 base 260 k\n perl-IO-Zlib noarch 1:1.10-299.el7_9 updates 52 k\n perl-Mozilla-LDAP x86_64 1.5.3-12.el7 base 147 k\n perl-NetAddr-IP x86_64 4.069-3.el7 base 125 k\n perl-Package-Constants noarch 1:0.02-299.el7_9 updates 46 k\n perl-PathTools x86_64 3.40-5.el7 base 82 k\n perl-Pod-Escapes noarch 1:1.04-299.el7_9 updates 52 k\n perl-Pod-Perldoc noarch 3.20-4.el7 base 87 k\n perl-Pod-Simple noarch 1:3.28-4.el7 base 216 k\n perl-Pod-Usage noarch 1.63-3.el7 base 27 k\n perl-Scalar-List-Utils x86_64 1.27-248.el7 base 36 k\n perl-Socket x86_64 2.010-5.el7 base 49 k\n perl-Storable x86_64 2.45-3.el7 base 77 k\n perl-Text-ParseWords noarch 3.29-4.el7 base 14 k\n perl-Time-HiRes x86_64 4:1.9725-3.el7 base 45 k\n perl-Time-Local noarch 1.2300-2.el7 base 24 k\n perl-constant noarch 1.27-2.el7 base 19 k\n perl-libs x86_64 4:5.16.3-299.el7_9 updates 690 k\n perl-macros x86_64 4:5.16.3-299.el7_9 updates 44 k\n perl-parent noarch 1:0.225-244.el7 base 12 k\n perl-podlators noarch 2.5.1-3.el7 base 112 k\n perl-threads x86_64 1.87-4.el7 base 49 k\n perl-threads-shared x86_64 1.43-6.el7 base 39 k\n pixman x86_64 0.34.0-1.el7 base 248 k\n pki-base noarch 10.5.18-17.el7_9 updates 432 k\n pki-base-java noarch 10.5.18-17.el7_9 updates 1.2 M\n pki-ca noarch 10.5.18-17.el7_9 updates 490 k\n pki-kra noarch 10.5.18-17.el7_9 updates 311 k\n pki-server noarch 10.5.18-17.el7_9 updates 2.9 M\n pki-tools x86_64 10.5.18-17.el7_9 updates 771 k\n psmisc x86_64 22.20-17.el7 base 141 k\n python-augeas noarch 0.5.0-2.el7 base 25 k\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-custodia noarch 0.3.1-4.el7 base 115 k\n python-dateutil noarch 1.5-7.el7 base 85 k\n python-dns noarch 1.12.0-4.20150617git465785f.el7\n base 233 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-gssapi x86_64 1.2.0-3.el7 base 322 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-javapackages noarch 3.4.1-11.el7 base 31 k\n python-jwcrypto noarch 0.4.2-1.el7 base 57 k\n python-kdcproxy noarch 0.3.2-3.el7 base 28 k\n python-ldap x86_64 2.4.15-2.el7 base 159 k\n python-libipa_hbac x86_64 1.16.5-10.el7_9.10 updates 150 k\n python-lxml x86_64 3.2.1-4.el7 base 758 k\n python-netaddr noarch 0.7.5-9.el7 base 983 k\n python-netifaces x86_64 0.10.4-3.el7 base 17 k\n python-nss x86_64 0.16.0-3.el7 base 266 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n python-qrcode-core noarch 5.0.1-1.el7 base 40 k\n python-sss-murmur x86_64 1.16.5-10.el7_9.10 updates 140 k\n python-sssdconfig noarch 1.16.5-10.el7_9.10 updates 180 k\n python-yubico noarch 1.2.3-1.el7 base 47 k\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-ipaclient noarch 4.6.8-5.el7.centos.9 updates 705 k\n python2-ipalib noarch 4.6.8-5.el7.centos.9 updates 687 k\n python2-ipaserver noarch 4.6.8-5.el7.centos.9 updates 1.5 M\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\n python2-pyasn1-modules noarch 0.1.9-7.el7 base 59 k\n pyusb noarch 1.0.0-0.11.b1.el7 base 66 k\n qdox noarch 1.12.1-10.el7 base 170 k\n regexp noarch 1.5-13.el7 base 47 k\n relaxngDatatype noarch 1.0-11.el7 base 15 k\n resteasy-base-atom-provider noarch 3.0.6-4.el7 base 41 k\n resteasy-base-client noarch 3.0.6-4.el7 base 125 k\n resteasy-base-jackson-provider\n noarch 3.0.6-4.el7 base 13 k\n resteasy-base-jaxb-provider noarch 3.0.6-4.el7 base 65 k\n resteasy-base-jaxrs noarch 3.0.6-4.el7 base 728 k\n resteasy-base-jaxrs-api noarch 3.0.6-4.el7 base 96 k\n rngom noarch 201103-0.8.20120119svn.el7 base 266 k\n samba-client-libs x86_64 4.10.16-15.el7_9 updates 5.0 M\n samba-common noarch 4.10.16-15.el7_9 updates 215 k\n samba-common-libs x86_64 4.10.16-15.el7_9 updates 182 k\n scannotation noarch 1.0.3-0.7.r12.el7 base 23 k\n slapi-nis x86_64 0.56.5-3.el7_9 updates 149 k\n slf4j noarch 1.7.4-4.el7_4 base 170 k\n softhsm x86_64 2.1.0-3.el7 base 291 k\n sssd x86_64 1.16.5-10.el7_9.10 updates 149 k\n sssd-ad x86_64 1.16.5-10.el7_9.10 updates 303 k\n sssd-client x86_64 1.16.5-10.el7_9.10 updates 228 k\n sssd-common x86_64 1.16.5-10.el7_9.10 updates 1.5 M\n sssd-common-pac x86_64 1.16.5-10.el7_9.10 updates 222 k\n sssd-dbus x86_64 1.16.5-10.el7_9.10 updates 260 k\n sssd-ipa x86_64 1.16.5-10.el7_9.10 updates 385 k\n sssd-krb5 x86_64 1.16.5-10.el7_9.10 updates 191 k\n sssd-krb5-common x86_64 1.16.5-10.el7_9.10 updates 225 k\n sssd-ldap x86_64 1.16.5-10.el7_9.10 updates 285 k\n sssd-proxy x86_64 1.16.5-10.el7_9.10 updates 184 k\n stax-ex noarch 1.7.1-6.el7 base 33 k\n stax2-api noarch 3.1.1-10.el7 base 165 k\n svrcore x86_64 4.1.3-2.el7 base 19 k\n systemd-python x86_64 219-78.el7_9.3 updates 145 k\n tomcat noarch 7.0.76-16.el7_9 updates 93 k\n tomcat-el-2.2-api noarch 7.0.76-16.el7_9 updates 83 k\n tomcat-jsp-2.2-api noarch 7.0.76-16.el7_9 updates 96 k\n tomcat-lib noarch 7.0.76-16.el7_9 updates 3.9 M\n tomcat-servlet-3.0-api noarch 7.0.76-16.el7_9 updates 214 k\n tomcatjss noarch 7.2.5-1.el7 base 39 k\n trousers x86_64 0.3.14-2.el7 base 289 k\n ttmkfdir x86_64 3.0.9-42.el7 base 48 k\n txw2 noarch 20110809-8.el7 base 134 k\n tzdata-java noarch 2021e-1.el7 updates 190 k\n velocity noarch 1.7-10.el7 base 414 k\n words noarch 3.0-22.el7 base 1.4 M\n ws-jaxme noarch 0.5.2-10.el7 base 1.1 M\n xalan-j2 noarch 2.7.1-23.el7 base 1.9 M\n xerces-j2 noarch 2.11.0-17.el7_0 base 1.1 M\n xml-commons-apis noarch 1.4.01-16.el7 base 227 k\n xml-commons-resolver noarch 1.2-15.el7 base 108 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n xorg-x11-font-utils x86_64 1:7.5-21.el7 base 104 k\n xorg-x11-fonts-Type1 noarch 7.5-9.el7 base 521 k\n xpp3 noarch 1.1.3.8-11.el7 base 336 k\n xsom noarch 0-10.20110809svn.el7 base 380 k\nUpdating for dependencies:\n krb5-libs x86_64 1.15.1-50.el7 base 809 k\n openldap x86_64 2.4.44-24.el7_9 updates 356 k\n systemd x86_64 219-78.el7_9.3 updates 5.1 M\n systemd-libs x86_64 219-78.el7_9.3 updates 418 k\n systemd-sysv x86_64 219-78.el7_9.3 updates 97 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+309 Dependent packages)\nUpgrade ( 5 Dependent packages)\n\nTotal download size: 172 M\nDownloading packages:\nDelta RPMs disabled because /usr/bin/applydeltarpm not installed.\n--------------------------------------------------------------------------------\nTotal 23 MB/s | 172 MB 00:07 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Updating : krb5-libs-1.15.1-50.el7.x86_64 1/320 \n Updating : openldap-2.4.44-24.el7_9.x86_64 2/320 \n Updating : systemd-libs-219-78.el7_9.3.x86_64 3/320 \n Updating : systemd-219-78.el7_9.3.x86_64 4/320 \n Installing : libtalloc-2.1.16-1.el7.x86_64 5/320 \n Installing : libtevent-0.9.39-1.el7.x86_64 6/320 \n Installing : libtdb-1.3.18-1.el7.x86_64 7/320 \n Installing : libldb-1.5.4-2.el7.x86_64 8/320 \n Installing : libsss_certmap-1.16.5-10.el7_9.10.x86_64 9/320 \n Installing : libdhash-0.5.0-32.el7.x86_64 10/320 \n Installing : python-ldap-2.4.15-2.el7.x86_64 11/320 \n Installing : libsss_idmap-1.16.5-10.el7_9.10.x86_64 12/320 \n Installing : python2-pyasn1-0.1.9-7.el7.noarch 13/320 \n Installing : ipa-common-4.6.8-5.el7.centos.9.noarch 14/320 \n Installing : libjpeg-turbo-1.2.90-8.el7.x86_64 15/320 \n Installing : openldap-clients-2.4.44-24.el7_9.x86_64 16/320 \n Installing : cyrus-sasl-gssapi-2.1.26-23.el7.x86_64 17/320 \n Installing : python-dns-1.12.0-4.20150617git465785f.el7.noarch 18/320 \n Installing : fontpackages-filesystem-1.44-8.el7.noarch 19/320 \n Updating : systemd-sysv-219-78.el7_9.3.x86_64 20/320 \n Installing : samba-common-4.10.16-15.el7_9.noarch 21/320 \n Installing : python-enum34-1.0.4-1.el7.noarch 22/320 \n Installing : python-gssapi-1.2.0-3.el7.x86_64 23/320 \n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 24/320 \n Installing : psmisc-22.20-17.el7.x86_64 25/320 \n Installing : libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64 26/320 \n Installing : python-sssdconfig-1.16.5-10.el7_9.10.noarch 27/320 \n Installing : ipa-client-common-4.6.8-5.el7.centos.9.noarch 28/320 \n Installing : mesa-libglapi-18.3.4-12.el7_9.x86_64 29/320 \n Installing : apr-1.4.8-7.el7.x86_64 30/320 \n Installing : apr-util-1.5.2-6.el7.x86_64 31/320 \n Installing : oddjob-0.31.5-4.el7.x86_64 32/320 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 33/320 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 34/320 \n Installing : systemd-python-219-78.el7_9.3.x86_64 35/320 \n Installing : libkadm5-1.15.1-50.el7.x86_64 36/320 \n Installing : libxslt-1.1.28-6.el7.x86_64 37/320 \n Installing : python-lxml-3.2.1-4.el7.x86_64 38/320 \n Installing : svrcore-4.1.3-2.el7.x86_64 39/320 \n Installing : libipa_hbac-1.16.5-10.el7_9.10.x86_64 40/320 \n Installing : pyusb-1.0.0-0.11.b1.el7.noarch 41/320 \n Installing : avahi-libs-0.6.31-20.el7.x86_64 42/320 \n Installing : 1:cups-libs-1.6.3-51.el7.x86_64 43/320 \n Installing : 1:libglvnd-1.0.1-0.8.git5baa1e5.el7.x86_64 44/320 \n Installing : 32:bind-license-9.11.4-26.P2.el7_9.7.noarch 45/320 \n Installing : libICE-1.0.9-9.el7.x86_64 46/320 \n Installing : gperftools-libs-2.6.1-1.el7.x86_64 47/320 \n Installing : libsss_autofs-1.16.5-10.el7_9.10.x86_64 48/320 \n Installing : libwayland-server-1.15.0-1.el7.x86_64 49/320 \n Installing : libxshmfence-1.2-1.el7.x86_64 50/320 \n Installing : python-nss-0.16.0-3.el7.x86_64 51/320 \n Installing : 389-ds-base-libs-1.3.10.2-13.el7_9.x86_64 52/320 \n Installing : libSM-1.2.2-2.el7.x86_64 53/320 \n Installing : python-yubico-1.2.3-1.el7.noarch 54/320 \n Installing : python-libipa_hbac-1.16.5-10.el7_9.10.x86_64 55/320 \n Installing : python-javapackages-3.4.1-11.el7.noarch 56/320 \n Installing : javapackages-tools-3.4.1-11.el7.noarch 57/320 \n Installing : relaxngDatatype-1.0-11.el7.noarch 58/320 \n Installing : tomcat-servlet-3.0-api-7.0.76-16.el7_9.noarch 59/320 \n Installing : bea-stax-api-1.2.0-9.el7.noarch 60/320 \n Installing : xsom-0-10.20110809svn.el7.noarch 61/320 \n Installing : stax2-api-3.1.1-10.el7.noarch 62/320 \n Installing : jvnet-parent-4-2.el7.noarch 63/320 \n Installing : bea-stax-1.2.0-9.el7.noarch 64/320 \n Installing : tomcat-jsp-2.2-api-7.0.76-16.el7_9.noarch 65/320 \n Installing : tomcat-el-2.2-api-7.0.76-16.el7_9.noarch 66/320 \n Installing : jakarta-oro-2.0.8-16.el7.noarch 67/320 \n Installing : krb5-workstation-1.15.1-50.el7.x86_64 68/320 \n Installing : oddjob-mkhomedir-0.31.5-4.el7.x86_64 69/320 \n Installing : httpd-tools-2.4.6-97.el7.centos.1.x86_64 70/320 \n Installing : apr-util-openssl-1.5.2-6.el7.x86_64 71/320 \n Installing : sssd-client-1.16.5-10.el7_9.10.x86_64 72/320 \n Installing : open-sans-fonts-1.10-1.el7.noarch 73/320 \n Installing : fontawesome-fonts-4.1.0-2.el7.noarch 74/320 \n Installing : dejavu-fonts-common-2.33-6.el7.noarch 75/320 \n Installing : dejavu-sans-fonts-2.33-6.el7.noarch 76/320 \n Installing : fontconfig-2.13.0-4.3.el7.x86_64 77/320 \n Installing : python-kdcproxy-0.3.2-3.el7.noarch 78/320 \n Installing : jasper-libs-1.900.1-33.el7.x86_64 79/320 \n Installing : python2-pyasn1-modules-0.1.9-7.el7.noarch 80/320 \n Installing : ntpdate-4.2.6p5-29.el7.centos.2.x86_64 81/320 \n Installing : trousers-0.3.14-2.el7.x86_64 82/320 \n Installing : cyrus-sasl-md5-2.1.26-23.el7.x86_64 83/320 \n Installing : krb5-pkinit-1.15.1-50.el7.x86_64 84/320 \n Installing : cyrus-sasl-plain-2.1.26-23.el7.x86_64 85/320 \n Installing : 1:perl-parent-0.225-244.el7.noarch 86/320 \n Installing : perl-HTTP-Tiny-0.033-3.el7.noarch 87/320 \n Installing : perl-podlators-2.5.1-3.el7.noarch 88/320 \n Installing : perl-Pod-Perldoc-3.20-4.el7.noarch 89/320 \n Installing : 1:perl-Pod-Escapes-1.04-299.el7_9.noarch 90/320 \n Installing : perl-Text-ParseWords-3.29-4.el7.noarch 91/320 \n Installing : perl-Encode-2.51-7.el7.x86_64 92/320 \n Installing : perl-Pod-Usage-1.63-3.el7.noarch 93/320 \n Installing : perl-threads-1.87-4.el7.x86_64 94/320 \n Installing : perl-Storable-2.45-3.el7.x86_64 95/320 \n Installing : perl-Carp-1.26-244.el7.noarch 96/320 \n Installing : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 97/320 \n Installing : perl-Filter-1.49-3.el7.x86_64 98/320 \n Installing : perl-Exporter-5.68-3.el7.noarch 99/320 \n Installing : perl-constant-1.27-2.el7.noarch 100/320 \n Installing : perl-Socket-2.010-5.el7.x86_64 101/320 \n Installing : 4:perl-macros-5.16.3-299.el7_9.x86_64 102/320 \n Installing : perl-Time-Local-1.2300-2.el7.noarch 103/320 \n Installing : perl-threads-shared-1.43-6.el7.x86_64 104/320 \n Installing : perl-File-Temp-0.23.01-3.el7.noarch 105/320 \n Installing : perl-File-Path-2.09-2.el7.noarch 106/320 \n Installing : perl-PathTools-3.40-5.el7.x86_64 107/320 \n Installing : perl-Scalar-List-Utils-1.27-248.el7.x86_64 108/320 \n Installing : 4:perl-libs-5.16.3-299.el7_9.x86_64 109/320 \n Installing : 1:perl-Pod-Simple-3.28-4.el7.noarch 110/320 \n Installing : perl-Getopt-Long-2.40-3.el7.noarch 111/320 \n Installing : 4:perl-5.16.3-299.el7_9.x86_64 112/320 \n Installing : perl-Data-Dumper-2.145-3.el7.x86_64 113/320 \n Installing : perl-Mozilla-LDAP-1.5.3-12.el7.x86_64 114/320 \n Installing : perl-DB_File-1.830-6.el7.x86_64 115/320 \n Installing : perl-Compress-Raw-Bzip2-2.061-3.el7.x86_64 116/320 \n Installing : 1:perl-Package-Constants-0.02-299.el7_9.noarch 117/320 \n Installing : perl-NetAddr-IP-4.069-3.el7.x86_64 118/320 \n Installing : 1:perl-Compress-Raw-Zlib-2.061-4.el7.x86_64 119/320 \n Installing : perl-IO-Compress-2.061-2.el7.noarch 120/320 \n Installing : 1:perl-IO-Zlib-1.10-299.el7_9.noarch 121/320 \n Installing : perl-Archive-Tar-1.92-3.el7.noarch 122/320 \n Installing : libfontenc-1.1.3-3.el7.x86_64 123/320 \n Installing : 1:xorg-x11-font-utils-7.5-21.el7.x86_64 124/320 \n Installing : libX11-common-1.6.7-4.el7_9.noarch 125/320 \n Installing : python-netifaces-0.10.4-3.el7.x86_64 126/320 \n Installing : softhsm-2.1.0-3.el7.x86_64 127/320 \n Installing : alsa-lib-1.1.8-1.el7.x86_64 128/320 \n Installing : centos-logos-70.0.6-3.el7.centos.noarch 129/320 \n Installing : nuxwdog-1.0.5-1.el7.x86_64 130/320 \n Installing : python-netaddr-0.7.5-9.el7.noarch 131/320 \n Installing : libthai-0.1.14-9.el7.x86_64 132/320 \n Installing : nettle-2.7.1-9.el7_9.x86_64 133/320 \n Installing : gnutls-3.3.29-9.el7_6.x86_64 134/320 \n Installing : samba-client-libs-4.10.16-15.el7_9.x86_64 135/320 \n Installing : libwbclient-4.10.16-15.el7_9.x86_64 136/320 \n Installing : samba-common-libs-4.10.16-15.el7_9.x86_64 137/320 \n Installing : libsmbclient-4.10.16-15.el7_9.x86_64 138/320 \n Installing : fribidi-1.0.2-1.el7_7.1.x86_64 139/320 \n Installing : copy-jdk-configs-3.3-10.el7_5.noarch 140/320 \n Installing : jbigkit-libs-2.0-11.el7.x86_64 141/320 \n Installing : libtiff-4.0.3-35.el7.x86_64 142/320 \n Installing : hicolor-icon-theme-0.12-7.el7.noarch 143/320 \n Installing : ttmkfdir-3.0.9-42.el7.x86_64 144/320 \n Installing : xorg-x11-fonts-Type1-7.5-9.el7.noarch 145/320 \n Installing : libwayland-client-1.15.0-1.el7.x86_64 146/320 \n Installing : libpciaccess-0.14-1.el7.x86_64 147/320 \n Installing : libdrm-2.4.97-2.el7.x86_64 148/320 \n Installing : mesa-libgbm-18.3.4-12.el7_9.x86_64 149/320 \n Installing : python-sss-murmur-1.16.5-10.el7_9.10.x86_64 150/320 \n Installing : libsss_sudo-1.16.5-10.el7_9.10.x86_64 151/320 \n Installing : mailcap-2.1.41-2.el7.noarch 152/320 \n Installing : httpd-2.4.6-97.el7.centos.1.x86_64 153/320 \n Installing : mod_wsgi-3.4-18.el7.x86_64 154/320 \n Installing : mod_nss-1.0.14-12.el7.x86_64 155/320 \n\nmod_nss certificate database generated.\n\n Installing : mod_session-2.4.6-97.el7.centos.1.x86_64 156/320 \n Installing : mod_lookup_identity-1.0.0-1.el7.x86_64 157/320 \n Installing : mod_auth_gssapi-1.5.1-7.el7.x86_64 158/320 \n Installing : atk-2.28.1-2.el7.x86_64 159/320 \n Installing : python-dateutil-1.5-7.el7.noarch 160/320 \n Installing : http-parser-2.7.1-9.el7.x86_64 161/320 \n Installing : python-ply-3.4-11.el7.noarch 162/320 \n Installing : python-pycparser-2.14-1.el7.noarch 163/320 \n Installing : python-cffi-1.6.0-5.el7.x86_64 164/320 \n Installing : python-idna-2.4-1.el7.noarch 165/320 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 166/320 \n Installing : pki-base-10.5.18-17.el7_9.noarch 167/320 \n Installing : python-jwcrypto-0.4.2-1.el7.noarch 168/320 \n Installing : python-custodia-0.3.1-4.el7.noarch 169/320 \n Installing : custodia-0.3.1-4.el7.noarch 170/320 \n Installing : ipa-server-common-4.6.8-5.el7.centos.9.noarch 171/320 \n Installing : libicu-50.2-4.el7_7.x86_64 172/320 \n Installing : python-qrcode-core-5.0.1-1.el7.noarch 173/320 \n Installing : python2-ipalib-4.6.8-5.el7.centos.9.noarch 174/320 \n Installing : python2-ipaclient-4.6.8-5.el7.centos.9.noarch 175/320 \n Installing : autogen-libopts-5.18-5.el7.x86_64 176/320 \n Installing : ntp-4.2.6p5-29.el7.centos.2.x86_64 177/320 \n Installing : geoipupdate-2.5.0-1.el7.x86_64 178/320 \n Installing : GeoIP-1.5.0-14.el7.x86_64 179/320 \n Installing : 32:bind-libs-lite-9.11.4-26.P2.el7_9.7.x86_64 180/320 \n Installing : 32:bind-libs-9.11.4-26.P2.el7_9.7.x86_64 181/320 \n Installing : 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64 182/320 \n Installing : 389-ds-base-1.3.10.2-13.el7_9.x86_64 183/320 \n Installing : slapi-nis-0.56.5-3.el7_9.x86_64 184/320 \n Installing : libXau-1.0.8-2.1.el7.x86_64 185/320 \n Installing : libxcb-1.13-1.el7.x86_64 186/320 \n Installing : libX11-1.6.7-4.el7_9.x86_64 187/320 \n Installing : libXext-1.3.3-3.el7.x86_64 188/320 \n Installing : libXrender-0.9.10-1.el7.x86_64 189/320 \n Installing : libXfixes-5.0.3-1.el7.x86_64 190/320 \n Installing : libXi-1.7.9-1.el7.x86_64 191/320 \n Installing : libXdamage-1.1.4-4.1.el7.x86_64 192/320 \n Installing : libXcomposite-0.4.4-4.1.el7.x86_64 193/320 \n Installing : gdk-pixbuf2-2.36.12-3.el7.x86_64 194/320 \n Installing : gtk-update-icon-cache-3.22.30-6.el7.x86_64 195/320 \n Installing : libXtst-1.2.3-1.el7.x86_64 196/320 \n Installing : libXcursor-1.1.15-1.el7.x86_64 197/320 \n Installing : libXrandr-1.5.1-2.el7.x86_64 198/320 \n Installing : libXft-2.3.2-2.el7.x86_64 199/320 \n Installing : libXinerama-1.1.3-2.1.el7.x86_64 200/320 \n Installing : libXxf86vm-1.1.4-1.el7.x86_64 201/320 \n Installing : 1:libglvnd-glx-1.0.1-0.8.git5baa1e5.el7.x86_64 202/320 \n Installing : mesa-libGL-18.3.4-12.el7_9.x86_64 203/320 \n Installing : giflib-4.1.6-9.el7.x86_64 204/320 \n Installing : 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64 205/320 \n Installing : mesa-libEGL-18.3.4-12.el7_9.x86_64 206/320 \n Installing : graphite2-1.3.10-1.el7_3.x86_64 207/320 \n Installing : harfbuzz-1.7.5-2.el7.x86_64 208/320 \n Installing : pcsc-lite-libs-1.8.8-8.el7.x86_64 209/320 \n Installing : augeas-libs-1.4.0-10.el7.x86_64 210/320 \n Installing : python-augeas-0.5.0-2.el7.noarch 211/320 \n Installing : python2-ipaserver-4.6.8-5.el7.centos.9.noarch 212/320 \n Installing : pixman-0.34.0-1.el7.x86_64 213/320 \n Installing : cairo-1.15.12-4.el7.x86_64 214/320 \n Installing : pango-1.42.4-4.el7_7.x86_64 215/320 \n Installing : gtk2-2.24.31-1.el7.x86_64 216/320 \n Installing : lksctp-tools-1.0.17-2.el7.x86_64 217/320 \n Installing : c-ares-1.10.0-3.el7.x86_64 218/320 \n Installing : sssd-common-1.16.5-10.el7_9.10.x86_64 219/320 \n Installing : sssd-krb5-common-1.16.5-10.el7_9.10.x86_64 220/320 \n Installing : sssd-common-pac-1.16.5-10.el7_9.10.x86_64 221/320 \n Installing : sssd-ad-1.16.5-10.el7_9.10.x86_64 222/320 \n Installing : sssd-ipa-1.16.5-10.el7_9.10.x86_64 223/320 \n Installing : sssd-ldap-1.16.5-10.el7_9.10.x86_64 224/320 \n Installing : sssd-krb5-1.16.5-10.el7_9.10.x86_64 225/320 \n Installing : sssd-proxy-1.16.5-10.el7_9.10.x86_64 226/320 \n Installing : sssd-1.16.5-10.el7_9.10.x86_64 227/320 \n Installing : sssd-dbus-1.16.5-10.el7_9.10.x86_64 228/320 \n Installing : tzdata-java-2021e-1.el7.noarch 229/320 \n Installing : 1:java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x8 230/320 \n Installing : 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64 231/320 \n Installing : apache-commons-codec-1.8-7.el7.noarch 232/320 \n Installing : apache-commons-lang-2.6-15.el7.noarch 233/320 \n Installing : xml-commons-apis-1.4.01-16.el7.noarch 234/320 \n Installing : xml-commons-resolver-1.2-15.el7.noarch 235/320 \n Installing : xalan-j2-2.7.1-23.el7.noarch 236/320 \n Installing : xerces-j2-2.11.0-17.el7_0.noarch 237/320 \n Installing : 1:isorelax-0-0.15.release20050331.el7.noarch 238/320 \n Installing : 1:msv-xsdlib-2013.5.1-7.el7.noarch 239/320 \n Installing : jss-4.4.9-3.el7.x86_64 240/320 \n Installing : apache-commons-pool-1.6-9.el7.noarch 241/320 \n Installing : apache-commons-collections-3.2.1-22.el7_2.noarch 242/320 \n Installing : javassist-3.16.1-10.el7.noarch 243/320 \n Installing : rngom-201103-0.8.20120119svn.el7.noarch 244/320 \n Installing : 1:hsqldb-1.8.1.3-14.el7.noarch 245/320 \n Installing : 1:apache-commons-io-2.4-12.el7.noarch 246/320 \n Installing : geronimo-jms-1.1.1-19.el7.noarch 247/320 \n Installing : codemodel-2.6-9.el7.noarch 248/320 \n Installing : resteasy-base-jaxrs-api-3.0.6-4.el7.noarch 249/320 \n Installing : scannotation-1.0.3-0.7.r12.el7.noarch 250/320 \n Installing : ldapjdk-4.19-5.el7.noarch 251/320 \n Installing : 1:msv-msv-2013.5.1-7.el7.noarch 252/320 \n Installing : jing-20091111-14.el7.noarch 253/320 \n Installing : objectweb-asm-3.3.1-9.el7.noarch 254/320 \n Installing : regexp-1.5-13.el7.noarch 255/320 \n Installing : bcel-5.2-18.el7.noarch 256/320 \n Installing : args4j-2.0.16-13.el7.noarch 257/320 \n Installing : txw2-20110809-8.el7.noarch 258/320 \n Installing : glassfish-dtd-parser-1.2-0.8.20120120svn.el7.noarch 259/320 \n Installing : javamail-1.4.6-8.el7.noarch 260/320 \n Installing : log4j-1.2.17-16.el7_4.noarch 261/320 \n Installing : avalon-logkit-2.1-14.el7.noarch 262/320 \n Installing : apache-commons-logging-1.1.2-7.el7.noarch 263/320 \n Installing : avalon-framework-4.3-10.el7.noarch 264/320 \n Installing : 1:jakarta-commons-httpclient-3.1-16.el7_0.noarch 265/320 \n Installing : istack-commons-2.17-4.el7.noarch 266/320 \n Installing : 1:ecj-4.5.2-3.el7.x86_64 267/320 \n Installing : cal10n-0.7.7-4.el7.noarch 268/320 \n Installing : slf4j-1.7.4-4.el7_4.noarch 269/320 \n Installing : geronimo-jta-1.1.1-17.el7.noarch 270/320 \n Installing : apache-commons-dbcp-1.4-17.el7.noarch 271/320 \n Installing : tomcat-lib-7.0.76-16.el7_9.noarch 272/320 \n Installing : antlr-tool-2.7.7-30.el7.noarch 273/320 \n Installing : joda-convert-1.3-5.el7.noarch 274/320 \n Installing : joda-time-2.2-3.tzdata2013c.el7.noarch 275/320 \n Installing : easymock2-2.5.2-12.el7.noarch 276/320 \n Installing : qdox-1.12.1-10.el7.noarch 277/320 \n Installing : hamcrest-1.3-6.el7.noarch 278/320 \n Installing : junit-4.11-8.el7.noarch 279/320 \n Installing : ws-jaxme-0.5.2-10.el7.noarch 280/320 \n Installing : xpp3-1.1.3.8-11.el7.noarch 281/320 \n Installing : jdom-1.1.3-6.el7.noarch 282/320 \n Installing : jaxen-1.1.3-11.el7.noarch 283/320 \n Installing : dom4j-1.6.1-20.el7.noarch 284/320 \n Installing : velocity-1.7-10.el7.noarch 285/320 \n Installing : glassfish-jaxb-api-2.2.7-4.el7.noarch 286/320 \n Installing : apache-commons-daemon-1.0.13-7.el7.x86_64 287/320 \n Installing : tomcat-7.0.76-16.el7_9.noarch 288/320 \n Installing : tomcatjss-7.2.5-1.el7.noarch 289/320 \n Installing : jsr-311-1.1.1-6.el7.noarch 290/320 \n Installing : jackson-1.9.4-7.el7.noarch 291/320 \n Installing : resteasy-base-jackson-provider-3.0.6-4.el7.noarch 292/320 \n Installing : glassfish-fastinfoset-1.2.12-9.el7.noarch 293/320 \n Installing : httpcomponents-core-4.2.4-6.el7.noarch 294/320 \n Installing : httpcomponents-client-4.2.5-5.el7_0.noarch 295/320 \n Installing : jboss-annotations-1.1-api-1.0.1-0.6.20120212git76e1a2. 296/320 \n Installing : resteasy-base-jaxrs-3.0.6-4.el7.noarch 297/320 \n Installing : resteasy-base-client-3.0.6-4.el7.noarch 298/320 \n Installing : apache-commons-cli-1.2-13.el7.noarch 299/320 \n Installing : stax-ex-1.7.1-6.el7.noarch 300/320 \n Installing : glassfish-jaxb-2.2.5-6.el7.noarch 301/320 \n Installing : resteasy-base-jaxb-provider-3.0.6-4.el7.noarch 302/320 \n Installing : resteasy-base-atom-provider-3.0.6-4.el7.noarch 303/320 \n Installing : pki-base-java-10.5.18-17.el7_9.noarch 304/320 \n Installing : pki-tools-10.5.18-17.el7_9.x86_64 305/320 \n Installing : nuxwdog-client-java-1.0.5-1.el7.x86_64 306/320 \n Installing : pki-server-10.5.18-17.el7_9.noarch 307/320 \n Installing : pki-kra-10.5.18-17.el7_9.noarch 308/320 \n Installing : pki-ca-10.5.18-17.el7_9.noarch 309/320 \n Installing : words-3.0-22.el7.noarch 310/320 \n Installing : krb5-server-1.15.1-50.el7.x86_64 311/320 \n Installing : hesiod-3.2.1-3.el7.x86_64 312/320 \n Installing : 1:autofs-5.0.7-116.el7_9.x86_64 313/320 \n Installing : ipa-client-4.6.8-5.el7.centos.9.x86_64 314/320 \n Installing : ipa-server-4.6.8-5.el7.centos.9.x86_64 315/320 \n Cleanup : systemd-sysv-219-73.el7_8.5.x86_64 316/320 \n Cleanup : systemd-219-73.el7_8.5.x86_64 317/320 \n Cleanup : systemd-libs-219-73.el7_8.5.x86_64 318/320 \n Cleanup : krb5-libs-1.15.1-46.el7.x86_64 319/320 \n Cleanup : openldap-2.4.44-21.el7_6.x86_64 320/320 \n Verifying : libXext-1.3.3-3.el7.x86_64 1/320 \n Verifying : perl-HTTP-Tiny-0.033-3.el7.noarch 2/320 \n Verifying : cyrus-sasl-md5-2.1.26-23.el7.x86_64 3/320 \n Verifying : apr-1.4.8-7.el7.x86_64 4/320 \n Verifying : jackson-1.9.4-7.el7.noarch 5/320 \n Verifying : avalon-logkit-2.1-14.el7.noarch 6/320 \n Verifying : libXrender-0.9.10-1.el7.x86_64 7/320 \n Verifying : tomcat-el-2.2-api-7.0.76-16.el7_9.noarch 8/320 \n Verifying : libwbclient-4.10.16-15.el7_9.x86_64 9/320 \n Verifying : libXi-1.7.9-1.el7.x86_64 10/320 \n Verifying : regexp-1.5-13.el7.noarch 11/320 \n Verifying : systemd-libs-219-78.el7_9.3.x86_64 12/320 \n Verifying : hesiod-3.2.1-3.el7.x86_64 13/320 \n Verifying : python-lxml-3.2.1-4.el7.x86_64 14/320 \n Verifying : words-3.0-22.el7.noarch 15/320 \n Verifying : junit-4.11-8.el7.noarch 16/320 \n Verifying : tzdata-java-2021e-1.el7.noarch 17/320 \n Verifying : samba-client-libs-4.10.16-15.el7_9.x86_64 18/320 \n Verifying : httpd-tools-2.4.6-97.el7.centos.1.x86_64 19/320 \n Verifying : args4j-2.0.16-13.el7.noarch 20/320 \n Verifying : krb5-pkinit-1.15.1-50.el7.x86_64 21/320 \n Verifying : stax2-api-3.1.1-10.el7.noarch 22/320 \n Verifying : sssd-ad-1.16.5-10.el7_9.10.x86_64 23/320 \n Verifying : 1:autofs-5.0.7-116.el7_9.x86_64 24/320 \n Verifying : perl-File-Temp-0.23.01-3.el7.noarch 25/320 \n Verifying : libXcomposite-0.4.4-4.1.el7.x86_64 26/320 \n Verifying : 1:java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x8 27/320 \n Verifying : mod_wsgi-3.4-18.el7.x86_64 28/320 \n Verifying : c-ares-1.10.0-3.el7.x86_64 29/320 \n Verifying : ipa-server-common-4.6.8-5.el7.centos.9.noarch 30/320 \n Verifying : xerces-j2-2.11.0-17.el7_0.noarch 31/320 \n Verifying : openldap-2.4.44-24.el7_9.x86_64 32/320 \n Verifying : libsmbclient-4.10.16-15.el7_9.x86_64 33/320 \n Verifying : 32:bind-libs-lite-9.11.4-26.P2.el7_9.7.x86_64 34/320 \n Verifying : lksctp-tools-1.0.17-2.el7.x86_64 35/320 \n Verifying : jing-20091111-14.el7.noarch 36/320 \n Verifying : perl-Archive-Tar-1.92-3.el7.noarch 37/320 \n Verifying : pixman-0.34.0-1.el7.x86_64 38/320 \n Verifying : libxcb-1.13-1.el7.x86_64 39/320 \n Verifying : libtiff-4.0.3-35.el7.x86_64 40/320 \n Verifying : perl-Data-Dumper-2.145-3.el7.x86_64 41/320 \n Verifying : perl-threads-shared-1.43-6.el7.x86_64 42/320 \n Verifying : python-nss-0.16.0-3.el7.x86_64 43/320 \n Verifying : apr-util-1.5.2-6.el7.x86_64 44/320 \n Verifying : 1:libglvnd-glx-1.0.1-0.8.git5baa1e5.el7.x86_64 45/320 \n Verifying : apr-util-openssl-1.5.2-6.el7.x86_64 46/320 \n Verifying : sssd-client-1.16.5-10.el7_9.10.x86_64 47/320 \n Verifying : augeas-libs-1.4.0-10.el7.x86_64 48/320 \n Verifying : pcsc-lite-libs-1.8.8-8.el7.x86_64 49/320 \n Verifying : graphite2-1.3.10-1.el7_3.x86_64 50/320 \n Verifying : ipa-client-4.6.8-5.el7.centos.9.x86_64 51/320 \n Verifying : python2-pyasn1-modules-0.1.9-7.el7.noarch 52/320 \n Verifying : ntpdate-4.2.6p5-29.el7.centos.2.x86_64 53/320 \n Verifying : libxshmfence-1.2-1.el7.x86_64 54/320 \n Verifying : python-pycparser-2.14-1.el7.noarch 55/320 \n Verifying : libwayland-server-1.15.0-1.el7.x86_64 56/320 \n Verifying : apache-commons-logging-1.1.2-7.el7.noarch 57/320 \n Verifying : ws-jaxme-0.5.2-10.el7.noarch 58/320 \n Verifying : tomcat-lib-7.0.76-16.el7_9.noarch 59/320 \n Verifying : libsss_autofs-1.16.5-10.el7_9.10.x86_64 60/320 \n Verifying : libXau-1.0.8-2.1.el7.x86_64 61/320 \n Verifying : perl-File-Path-2.09-2.el7.noarch 62/320 \n Verifying : apache-commons-pool-1.6-9.el7.noarch 63/320 \n Verifying : tomcat-servlet-3.0-api-7.0.76-16.el7_9.noarch 64/320 \n Verifying : gperftools-libs-2.6.1-1.el7.x86_64 65/320 \n Verifying : glassfish-dtd-parser-1.2-0.8.20120120svn.el7.noarch 66/320 \n Verifying : slf4j-1.7.4-4.el7_4.noarch 67/320 \n Verifying : jss-4.4.9-3.el7.x86_64 68/320 \n Verifying : 1:hsqldb-1.8.1.3-14.el7.noarch 69/320 \n Verifying : sssd-1.16.5-10.el7_9.10.x86_64 70/320 \n Verifying : libdhash-0.5.0-32.el7.x86_64 71/320 \n Verifying : httpd-2.4.6-97.el7.centos.1.x86_64 72/320 \n Verifying : python-javapackages-3.4.1-11.el7.noarch 73/320 \n Verifying : ntp-4.2.6p5-29.el7.centos.2.x86_64 74/320 \n Verifying : resteasy-base-jaxb-provider-3.0.6-4.el7.noarch 75/320 \n Verifying : python-augeas-0.5.0-2.el7.noarch 76/320 \n Verifying : trousers-0.3.14-2.el7.x86_64 77/320 \n Verifying : libICE-1.0.9-9.el7.x86_64 78/320 \n Verifying : 1:jakarta-commons-httpclient-3.1-16.el7_0.noarch 79/320 \n Verifying : giflib-4.1.6-9.el7.x86_64 80/320 \n Verifying : geoipupdate-2.5.0-1.el7.x86_64 81/320 \n Verifying : velocity-1.7-10.el7.noarch 82/320 \n Verifying : mesa-libGL-18.3.4-12.el7_9.x86_64 83/320 \n Verifying : sssd-common-1.16.5-10.el7_9.10.x86_64 84/320 \n Verifying : autogen-libopts-5.18-5.el7.x86_64 85/320 \n Verifying : javamail-1.4.6-8.el7.noarch 86/320 \n Verifying : bcel-5.2-18.el7.noarch 87/320 \n Verifying : python-qrcode-core-5.0.1-1.el7.noarch 88/320 \n Verifying : mesa-libglapi-18.3.4-12.el7_9.x86_64 89/320 \n Verifying : libtdb-1.3.18-1.el7.x86_64 90/320 \n Verifying : perl-Mozilla-LDAP-1.5.3-12.el7.x86_64 91/320 \n Verifying : apache-commons-codec-1.8-7.el7.noarch 92/320 \n Verifying : jaxen-1.1.3-11.el7.noarch 93/320 \n Verifying : jvnet-parent-4-2.el7.noarch 94/320 \n Verifying : pki-tools-10.5.18-17.el7_9.x86_64 95/320 \n Verifying : 1:apache-commons-io-2.4-12.el7.noarch 96/320 \n Verifying : 1:cups-libs-1.6.3-51.el7.x86_64 97/320 \n Verifying : tomcat-jsp-2.2-api-7.0.76-16.el7_9.noarch 98/320 \n Verifying : bea-stax-1.2.0-9.el7.noarch 99/320 \n Verifying : resteasy-base-atom-provider-3.0.6-4.el7.noarch 100/320 \n Verifying : libldb-1.5.4-2.el7.x86_64 101/320 \n Verifying : 389-ds-base-libs-1.3.10.2-13.el7_9.x86_64 102/320 \n Verifying : glassfish-jaxb-2.2.5-6.el7.noarch 103/320 \n Verifying : systemd-sysv-219-78.el7_9.3.x86_64 104/320 \n Verifying : resteasy-base-client-3.0.6-4.el7.noarch 105/320 \n Verifying : ipa-client-common-4.6.8-5.el7.centos.9.noarch 106/320 \n Verifying : cyrus-sasl-plain-2.1.26-23.el7.x86_64 107/320 \n Verifying : libXtst-1.2.3-1.el7.x86_64 108/320 \n Verifying : python-sssdconfig-1.16.5-10.el7_9.10.noarch 109/320 \n Verifying : libicu-50.2-4.el7_7.x86_64 110/320 \n Verifying : istack-commons-2.17-4.el7.noarch 111/320 \n Verifying : perl-Text-ParseWords-3.29-4.el7.noarch 112/320 \n Verifying : open-sans-fonts-1.10-1.el7.noarch 113/320 \n Verifying : libkadm5-1.15.1-50.el7.x86_64 114/320 \n Verifying : gnutls-3.3.29-9.el7_6.x86_64 115/320 \n Verifying : python-idna-2.4-1.el7.noarch 116/320 \n Verifying : 1:ecj-4.5.2-3.el7.x86_64 117/320 \n Verifying : python-ply-3.4-11.el7.noarch 118/320 \n Verifying : geronimo-jms-1.1.1-19.el7.noarch 119/320 \n Verifying : samba-common-4.10.16-15.el7_9.noarch 120/320 \n Verifying : mod_nss-1.0.14-12.el7.x86_64 121/320 \n Verifying : sssd-krb5-common-1.16.5-10.el7_9.10.x86_64 122/320 \n Verifying : krb5-workstation-1.15.1-50.el7.x86_64 123/320 \n Verifying : mod_session-2.4.6-97.el7.centos.1.x86_64 124/320 \n Verifying : cal10n-0.7.7-4.el7.noarch 125/320 \n Verifying : python-jwcrypto-0.4.2-1.el7.noarch 126/320 \n Verifying : python-ldap-2.4.15-2.el7.x86_64 127/320 \n Verifying : 32:bind-license-9.11.4-26.P2.el7_9.7.noarch 128/320 \n Verifying : 1:libglvnd-1.0.1-0.8.git5baa1e5.el7.x86_64 129/320 \n Verifying : libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64 130/320 \n Verifying : sssd-ipa-1.16.5-10.el7_9.10.x86_64 131/320 \n Verifying : slapi-nis-0.56.5-3.el7_9.x86_64 132/320 \n Verifying : perl-Encode-2.51-7.el7.x86_64 133/320 \n Verifying : pki-kra-10.5.18-17.el7_9.noarch 134/320 \n Verifying : perl-DB_File-1.830-6.el7.x86_64 135/320 \n Verifying : http-parser-2.7.1-9.el7.x86_64 136/320 \n Verifying : codemodel-2.6-9.el7.noarch 137/320 \n Verifying : python2-ipaserver-4.6.8-5.el7.centos.9.noarch 138/320 \n Verifying : 1:msv-xsdlib-2013.5.1-7.el7.noarch 139/320 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 140/320 \n Verifying : 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64 141/320 \n Verifying : jasper-libs-1.900.1-33.el7.x86_64 142/320 \n Verifying : perl-threads-1.87-4.el7.x86_64 143/320 \n Verifying : krb5-libs-1.15.1-50.el7.x86_64 144/320 \n Verifying : mesa-libEGL-18.3.4-12.el7_9.x86_64 145/320 \n Verifying : fontawesome-fonts-4.1.0-2.el7.noarch 146/320 \n Verifying : python-dateutil-1.5-7.el7.noarch 147/320 \n Verifying : perl-Getopt-Long-2.40-3.el7.noarch 148/320 \n Verifying : 389-ds-base-1.3.10.2-13.el7_9.x86_64 149/320 \n Verifying : geronimo-jta-1.1.1-17.el7.noarch 150/320 \n Verifying : atk-2.28.1-2.el7.x86_64 151/320 \n Verifying : antlr-tool-2.7.7-30.el7.noarch 152/320 \n Verifying : psmisc-22.20-17.el7.x86_64 153/320 \n Verifying : ldapjdk-4.19-5.el7.noarch 154/320 \n Verifying : relaxngDatatype-1.0-11.el7.noarch 155/320 \n Verifying : avahi-libs-0.6.31-20.el7.x86_64 156/320 \n Verifying : nuxwdog-client-java-1.0.5-1.el7.x86_64 157/320 \n Verifying : 1:xorg-x11-font-utils-7.5-21.el7.x86_64 158/320 \n Verifying : openldap-clients-2.4.44-24.el7_9.x86_64 159/320 \n Verifying : fontconfig-2.13.0-4.3.el7.x86_64 160/320 \n Verifying : joda-convert-1.3-5.el7.noarch 161/320 \n Verifying : gdk-pixbuf2-2.36.12-3.el7.x86_64 162/320 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 163/320 \n Verifying : mailcap-2.1.41-2.el7.noarch 164/320 \n Verifying : javapackages-tools-3.4.1-11.el7.noarch 165/320 \n Verifying : libtevent-0.9.39-1.el7.x86_64 166/320 \n Verifying : perl-Storable-2.45-3.el7.x86_64 167/320 \n Verifying : pki-ca-10.5.18-17.el7_9.noarch 168/320 \n Verifying : easymock2-2.5.2-12.el7.noarch 169/320 \n Verifying : glassfish-jaxb-api-2.2.7-4.el7.noarch 170/320 \n Verifying : libXcursor-1.1.15-1.el7.x86_64 171/320 \n Verifying : libsss_sudo-1.16.5-10.el7_9.10.x86_64 172/320 \n Verifying : systemd-python-219-78.el7_9.3.x86_64 173/320 \n Verifying : python-sss-murmur-1.16.5-10.el7_9.10.x86_64 174/320 \n Verifying : libpciaccess-0.14-1.el7.x86_64 175/320 \n Verifying : libwayland-client-1.15.0-1.el7.x86_64 176/320 \n Verifying : libXrandr-1.5.1-2.el7.x86_64 177/320 \n Verifying : perl-Compress-Raw-Bzip2-2.061-3.el7.x86_64 178/320 \n Verifying : fontpackages-filesystem-1.44-8.el7.noarch 179/320 \n Verifying : ttmkfdir-3.0.9-42.el7.x86_64 180/320 \n Verifying : bea-stax-api-1.2.0-9.el7.noarch 181/320 \n Verifying : hicolor-icon-theme-0.12-7.el7.noarch 182/320 \n Verifying : log4j-1.2.17-16.el7_4.noarch 183/320 \n Verifying : 1:perl-parent-0.225-244.el7.noarch 184/320 \n Verifying : jbigkit-libs-2.0-11.el7.x86_64 185/320 \n Verifying : apache-commons-lang-2.6-15.el7.noarch 186/320 \n Verifying : pango-1.42.4-4.el7_7.x86_64 187/320 \n Verifying : python-gssapi-1.2.0-3.el7.x86_64 188/320 \n Verifying : perl-Pod-Usage-1.63-3.el7.noarch 189/320 \n Verifying : copy-jdk-configs-3.3-10.el7_5.noarch 190/320 \n Verifying : python-dns-1.12.0-4.20150617git465785f.el7.noarch 191/320 \n Verifying : 1:perl-Package-Constants-0.02-299.el7_9.noarch 192/320 \n Verifying : fribidi-1.0.2-1.el7_7.1.x86_64 193/320 \n Verifying : custodia-0.3.1-4.el7.noarch 194/320 \n Verifying : pyusb-1.0.0-0.11.b1.el7.noarch 195/320 \n Verifying : jakarta-oro-2.0.8-16.el7.noarch 196/320 \n Verifying : 1:perl-Pod-Escapes-1.04-299.el7_9.noarch 197/320 \n Verifying : cyrus-sasl-gssapi-2.1.26-23.el7.x86_64 198/320 \n Verifying : avalon-framework-4.3-10.el7.noarch 199/320 \n Verifying : libipa_hbac-1.16.5-10.el7_9.10.x86_64 200/320 \n Verifying : libjpeg-turbo-1.2.90-8.el7.x86_64 201/320 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 202/320 \n Verifying : perl-Carp-1.26-244.el7.noarch 203/320 \n Verifying : harfbuzz-1.7.5-2.el7.x86_64 204/320 \n Verifying : resteasy-base-jaxrs-api-3.0.6-4.el7.noarch 205/320 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 206/320 \n Verifying : nettle-2.7.1-9.el7_9.x86_64 207/320 \n Verifying : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 208/320 \n Verifying : apache-commons-dbcp-1.4-17.el7.noarch 209/320 \n Verifying : 1:perl-IO-Zlib-1.10-299.el7_9.noarch 210/320 \n Verifying : sssd-proxy-1.16.5-10.el7_9.10.x86_64 211/320 \n Verifying : xalan-j2-2.7.1-23.el7.noarch 212/320 \n Verifying : apache-commons-collections-3.2.1-22.el7_2.noarch 213/320 \n Verifying : libXft-2.3.2-2.el7.x86_64 214/320 \n Verifying : libXdamage-1.1.4-4.1.el7.x86_64 215/320 \n Verifying : apache-commons-daemon-1.0.13-7.el7.x86_64 216/320 \n Verifying : sssd-dbus-1.16.5-10.el7_9.10.x86_64 217/320 \n Verifying : mesa-libgbm-18.3.4-12.el7_9.x86_64 218/320 \n Verifying : python-yubico-1.2.3-1.el7.noarch 219/320 \n Verifying : tomcat-7.0.76-16.el7_9.noarch 220/320 \n Verifying : perl-Pod-Perldoc-3.20-4.el7.noarch 221/320 \n Verifying : xpp3-1.1.3.8-11.el7.noarch 222/320 \n Verifying : 4:perl-5.16.3-299.el7_9.x86_64 223/320 \n Verifying : libSM-1.2.2-2.el7.x86_64 224/320 \n Verifying : libX11-1.6.7-4.el7_9.x86_64 225/320 \n Verifying : scannotation-1.0.3-0.7.r12.el7.noarch 226/320 \n Verifying : pki-base-10.5.18-17.el7_9.noarch 227/320 \n Verifying : samba-common-libs-4.10.16-15.el7_9.x86_64 228/320 \n Verifying : perl-Filter-1.49-3.el7.x86_64 229/320 \n Verifying : qdox-1.12.1-10.el7.noarch 230/320 \n Verifying : oddjob-mkhomedir-0.31.5-4.el7.x86_64 231/320 \n Verifying : pki-server-10.5.18-17.el7_9.noarch 232/320 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 233/320 \n Verifying : ipa-server-4.6.8-5.el7.centos.9.x86_64 234/320 \n Verifying : libthai-0.1.14-9.el7.x86_64 235/320 \n Verifying : rngom-201103-0.8.20120119svn.el7.noarch 236/320 \n Verifying : xsom-0-10.20110809svn.el7.noarch 237/320 \n Verifying : python-netaddr-0.7.5-9.el7.noarch 238/320 \n Verifying : httpcomponents-client-4.2.5-5.el7_0.noarch 239/320 \n Verifying : nuxwdog-1.0.5-1.el7.x86_64 240/320 \n Verifying : libXinerama-1.1.3-2.1.el7.x86_64 241/320 \n Verifying : jsr-311-1.1.1-6.el7.noarch 242/320 \n Verifying : python2-ipaclient-4.6.8-5.el7.centos.9.noarch 243/320 \n Verifying : resteasy-base-jaxrs-3.0.6-4.el7.noarch 244/320 \n Verifying : libXxf86vm-1.1.4-1.el7.x86_64 245/320 \n Verifying : perl-IO-Compress-2.061-2.el7.noarch 246/320 \n Verifying : perl-Exporter-5.68-3.el7.noarch 247/320 \n Verifying : perl-constant-1.27-2.el7.noarch 248/320 \n Verifying : perl-PathTools-3.40-5.el7.x86_64 249/320 \n Verifying : python-enum34-1.0.4-1.el7.noarch 250/320 \n Verifying : 32:bind-utils-9.11.4-26.P2.el7_9.7.x86_64 251/320 \n Verifying : perl-NetAddr-IP-4.069-3.el7.x86_64 252/320 \n Verifying : perl-Socket-2.010-5.el7.x86_64 253/320 \n Verifying : gtk2-2.24.31-1.el7.x86_64 254/320 \n Verifying : centos-logos-70.0.6-3.el7.centos.noarch 255/320 \n Verifying : xml-commons-apis-1.4.01-16.el7.noarch 256/320 \n Verifying : alsa-lib-1.1.8-1.el7.x86_64 257/320 \n Verifying : 4:perl-macros-5.16.3-299.el7_9.x86_64 258/320 \n Verifying : mod_lookup_identity-1.0.0-1.el7.x86_64 259/320 \n Verifying : oddjob-0.31.5-4.el7.x86_64 260/320 \n Verifying : python2-ipalib-4.6.8-5.el7.centos.9.noarch 261/320 \n Verifying : python-kdcproxy-0.3.2-3.el7.noarch 262/320 \n Verifying : softhsm-2.1.0-3.el7.x86_64 263/320 \n Verifying : svrcore-4.1.3-2.el7.x86_64 264/320 \n Verifying : dejavu-fonts-common-2.33-6.el7.noarch 265/320 \n Verifying : glassfish-fastinfoset-1.2.12-9.el7.noarch 266/320 \n Verifying : 1:perl-Pod-Simple-3.28-4.el7.noarch 267/320 \n Verifying : systemd-219-78.el7_9.3.x86_64 268/320 \n Verifying : dom4j-1.6.1-20.el7.noarch 269/320 \n Verifying : perl-Time-Local-1.2300-2.el7.noarch 270/320 \n Verifying : 32:bind-libs-9.11.4-26.P2.el7_9.7.x86_64 271/320 \n Verifying : 1:java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64 272/320 \n Verifying : mod_auth_gssapi-1.5.1-7.el7.x86_64 273/320 \n Verifying : gtk-update-icon-cache-3.22.30-6.el7.x86_64 274/320 \n Verifying : hamcrest-1.3-6.el7.noarch 275/320 \n Verifying : sssd-ldap-1.16.5-10.el7_9.10.x86_64 276/320 \n Verifying : httpcomponents-core-4.2.4-6.el7.noarch 277/320 \n Verifying : GeoIP-1.5.0-14.el7.x86_64 278/320 \n Verifying : jboss-annotations-1.1-api-1.0.1-0.6.20120212git76e1a2. 279/320 \n Verifying : pki-base-java-10.5.18-17.el7_9.noarch 280/320 \n Verifying : xml-commons-resolver-1.2-15.el7.noarch 281/320 \n Verifying : apache-commons-cli-1.2-13.el7.noarch 282/320 \n Verifying : xorg-x11-fonts-Type1-7.5-9.el7.noarch 283/320 \n Verifying : txw2-20110809-8.el7.noarch 284/320 \n Verifying : libXfixes-5.0.3-1.el7.x86_64 285/320 \n Verifying : joda-time-2.2-3.tzdata2013c.el7.noarch 286/320 \n Verifying : sssd-krb5-1.16.5-10.el7_9.10.x86_64 287/320 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 288/320 \n Verifying : krb5-server-1.15.1-50.el7.x86_64 289/320 \n Verifying : perl-Scalar-List-Utils-1.27-248.el7.x86_64 290/320 \n Verifying : 1:perl-Compress-Raw-Zlib-2.061-4.el7.x86_64 291/320 \n Verifying : objectweb-asm-3.3.1-9.el7.noarch 292/320 \n Verifying : python-custodia-0.3.1-4.el7.noarch 293/320 \n Verifying : resteasy-base-jackson-provider-3.0.6-4.el7.noarch 294/320 \n Verifying : python-netifaces-0.10.4-3.el7.x86_64 295/320 \n Verifying : cairo-1.15.12-4.el7.x86_64 296/320 \n Verifying : stax-ex-1.7.1-6.el7.noarch 297/320 \n Verifying : ipa-common-4.6.8-5.el7.centos.9.noarch 298/320 \n Verifying : jdom-1.1.3-6.el7.noarch 299/320 \n Verifying : perl-podlators-2.5.1-3.el7.noarch 300/320 \n Verifying : dejavu-sans-fonts-2.33-6.el7.noarch 301/320 \n Verifying : sssd-common-pac-1.16.5-10.el7_9.10.x86_64 302/320 \n Verifying : libxslt-1.1.28-6.el7.x86_64 303/320 \n Verifying : python-libipa_hbac-1.16.5-10.el7_9.10.x86_64 304/320 \n Verifying : libX11-common-1.6.7-4.el7_9.noarch 305/320 \n Verifying : 1:isorelax-0-0.15.release20050331.el7.noarch 306/320 \n Verifying : tomcatjss-7.2.5-1.el7.noarch 307/320 \n Verifying : libdrm-2.4.97-2.el7.x86_64 308/320 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 309/320 \n Verifying : javassist-3.16.1-10.el7.noarch 310/320 \n Verifying : libfontenc-1.1.3-3.el7.x86_64 311/320 \n Verifying : 4:perl-libs-5.16.3-299.el7_9.x86_64 312/320 \n Verifying : libsss_certmap-1.16.5-10.el7_9.10.x86_64 313/320 \n Verifying : 1:msv-msv-2013.5.1-7.el7.noarch 314/320 \n Verifying : libsss_idmap-1.16.5-10.el7_9.10.x86_64 315/320 \n Verifying : systemd-libs-219-73.el7_8.5.x86_64 316/320 \n Verifying : openldap-2.4.44-21.el7_6.x86_64 317/320 \n Verifying : systemd-sysv-219-73.el7_8.5.x86_64 318/320 \n Verifying : systemd-219-73.el7_8.5.x86_64 319/320 \n Verifying : krb5-libs-1.15.1-46.el7.x86_64 320/320 \n\nInstalled:\n ipa-server.x86_64 0:4.6.8-5.el7.centos.9 \n\nDependency Installed:\n 389-ds-base.x86_64 0:1.3.10.2-13.el7_9 \n 389-ds-base-libs.x86_64 0:1.3.10.2-13.el7_9 \n GeoIP.x86_64 0:1.5.0-14.el7 \n alsa-lib.x86_64 0:1.1.8-1.el7 \n antlr-tool.noarch 0:2.7.7-30.el7 \n apache-commons-cli.noarch 0:1.2-13.el7 \n apache-commons-codec.noarch 0:1.8-7.el7 \n apache-commons-collections.noarch 0:3.2.1-22.el7_2 \n apache-commons-daemon.x86_64 0:1.0.13-7.el7 \n apache-commons-dbcp.noarch 0:1.4-17.el7 \n apache-commons-io.noarch 1:2.4-12.el7 \n apache-commons-lang.noarch 0:2.6-15.el7 \n apache-commons-logging.noarch 0:1.1.2-7.el7 \n apache-commons-pool.noarch 0:1.6-9.el7 \n apr.x86_64 0:1.4.8-7.el7 \n apr-util.x86_64 0:1.5.2-6.el7 \n apr-util-openssl.x86_64 0:1.5.2-6.el7 \n args4j.noarch 0:2.0.16-13.el7 \n atk.x86_64 0:2.28.1-2.el7 \n augeas-libs.x86_64 0:1.4.0-10.el7 \n autofs.x86_64 1:5.0.7-116.el7_9 \n autogen-libopts.x86_64 0:5.18-5.el7 \n avahi-libs.x86_64 0:0.6.31-20.el7 \n avalon-framework.noarch 0:4.3-10.el7 \n avalon-logkit.noarch 0:2.1-14.el7 \n bcel.noarch 0:5.2-18.el7 \n bea-stax.noarch 0:1.2.0-9.el7 \n bea-stax-api.noarch 0:1.2.0-9.el7 \n bind-libs.x86_64 32:9.11.4-26.P2.el7_9.7 \n bind-libs-lite.x86_64 32:9.11.4-26.P2.el7_9.7 \n bind-license.noarch 32:9.11.4-26.P2.el7_9.7 \n bind-utils.x86_64 32:9.11.4-26.P2.el7_9.7 \n c-ares.x86_64 0:1.10.0-3.el7 \n cairo.x86_64 0:1.15.12-4.el7 \n cal10n.noarch 0:0.7.7-4.el7 \n centos-logos.noarch 0:70.0.6-3.el7.centos \n certmonger.x86_64 0:0.78.4-16.el7_9 \n codemodel.noarch 0:2.6-9.el7 \n copy-jdk-configs.noarch 0:3.3-10.el7_5 \n cups-libs.x86_64 1:1.6.3-51.el7 \n custodia.noarch 0:0.3.1-4.el7 \n cyrus-sasl-gssapi.x86_64 0:2.1.26-23.el7 \n cyrus-sasl-md5.x86_64 0:2.1.26-23.el7 \n cyrus-sasl-plain.x86_64 0:2.1.26-23.el7 \n dejavu-fonts-common.noarch 0:2.33-6.el7 \n dejavu-sans-fonts.noarch 0:2.33-6.el7 \n dom4j.noarch 0:1.6.1-20.el7 \n easymock2.noarch 0:2.5.2-12.el7 \n ecj.x86_64 1:4.5.2-3.el7 \n fontawesome-fonts.noarch 0:4.1.0-2.el7 \n fontconfig.x86_64 0:2.13.0-4.3.el7 \n fontpackages-filesystem.noarch 0:1.44-8.el7 \n fribidi.x86_64 0:1.0.2-1.el7_7.1 \n gdk-pixbuf2.x86_64 0:2.36.12-3.el7 \n geoipupdate.x86_64 0:2.5.0-1.el7 \n geronimo-jms.noarch 0:1.1.1-19.el7 \n geronimo-jta.noarch 0:1.1.1-17.el7 \n giflib.x86_64 0:4.1.6-9.el7 \n glassfish-dtd-parser.noarch 0:1.2-0.8.20120120svn.el7 \n glassfish-fastinfoset.noarch 0:1.2.12-9.el7 \n glassfish-jaxb.noarch 0:2.2.5-6.el7 \n glassfish-jaxb-api.noarch 0:2.2.7-4.el7 \n gnutls.x86_64 0:3.3.29-9.el7_6 \n gperftools-libs.x86_64 0:2.6.1-1.el7 \n graphite2.x86_64 0:1.3.10-1.el7_3 \n gtk-update-icon-cache.x86_64 0:3.22.30-6.el7 \n gtk2.x86_64 0:2.24.31-1.el7 \n hamcrest.noarch 0:1.3-6.el7 \n harfbuzz.x86_64 0:1.7.5-2.el7 \n hesiod.x86_64 0:3.2.1-3.el7 \n hicolor-icon-theme.noarch 0:0.12-7.el7 \n hsqldb.noarch 1:1.8.1.3-14.el7 \n http-parser.x86_64 0:2.7.1-9.el7 \n httpcomponents-client.noarch 0:4.2.5-5.el7_0 \n httpcomponents-core.noarch 0:4.2.4-6.el7 \n httpd.x86_64 0:2.4.6-97.el7.centos.1 \n httpd-tools.x86_64 0:2.4.6-97.el7.centos.1 \n ipa-client.x86_64 0:4.6.8-5.el7.centos.9 \n ipa-client-common.noarch 0:4.6.8-5.el7.centos.9 \n ipa-common.noarch 0:4.6.8-5.el7.centos.9 \n ipa-server-common.noarch 0:4.6.8-5.el7.centos.9 \n isorelax.noarch 1:0-0.15.release20050331.el7 \n istack-commons.noarch 0:2.17-4.el7 \n jackson.noarch 0:1.9.4-7.el7 \n jakarta-commons-httpclient.noarch 1:3.1-16.el7_0 \n jakarta-oro.noarch 0:2.0.8-16.el7 \n jasper-libs.x86_64 0:1.900.1-33.el7 \n java-1.8.0-openjdk.x86_64 1:1.8.0.312.b07-1.el7_9 \n java-1.8.0-openjdk-headless.x86_64 1:1.8.0.312.b07-1.el7_9 \n javamail.noarch 0:1.4.6-8.el7 \n javapackages-tools.noarch 0:3.4.1-11.el7 \n javassist.noarch 0:3.16.1-10.el7 \n jaxen.noarch 0:1.1.3-11.el7 \n jbigkit-libs.x86_64 0:2.0-11.el7 \n jboss-annotations-1.1-api.noarch 0:1.0.1-0.6.20120212git76e1a2.el7 \n jdom.noarch 0:1.1.3-6.el7 \n jing.noarch 0:20091111-14.el7 \n joda-convert.noarch 0:1.3-5.el7 \n joda-time.noarch 0:2.2-3.tzdata2013c.el7 \n jsr-311.noarch 0:1.1.1-6.el7 \n jss.x86_64 0:4.4.9-3.el7 \n junit.noarch 0:4.11-8.el7 \n jvnet-parent.noarch 0:4-2.el7 \n krb5-pkinit.x86_64 0:1.15.1-50.el7 \n krb5-server.x86_64 0:1.15.1-50.el7 \n krb5-workstation.x86_64 0:1.15.1-50.el7 \n ldapjdk.noarch 0:4.19-5.el7 \n libICE.x86_64 0:1.0.9-9.el7 \n libSM.x86_64 0:1.2.2-2.el7 \n libX11.x86_64 0:1.6.7-4.el7_9 \n libX11-common.noarch 0:1.6.7-4.el7_9 \n libXau.x86_64 0:1.0.8-2.1.el7 \n libXcomposite.x86_64 0:0.4.4-4.1.el7 \n libXcursor.x86_64 0:1.1.15-1.el7 \n libXdamage.x86_64 0:1.1.4-4.1.el7 \n libXext.x86_64 0:1.3.3-3.el7 \n libXfixes.x86_64 0:5.0.3-1.el7 \n libXft.x86_64 0:2.3.2-2.el7 \n libXi.x86_64 0:1.7.9-1.el7 \n libXinerama.x86_64 0:1.1.3-2.1.el7 \n libXrandr.x86_64 0:1.5.1-2.el7 \n libXrender.x86_64 0:0.9.10-1.el7 \n libXtst.x86_64 0:1.2.3-1.el7 \n libXxf86vm.x86_64 0:1.1.4-1.el7 \n libdhash.x86_64 0:0.5.0-32.el7 \n libdrm.x86_64 0:2.4.97-2.el7 \n libfontenc.x86_64 0:1.1.3-3.el7 \n libglvnd.x86_64 1:1.0.1-0.8.git5baa1e5.el7 \n libglvnd-egl.x86_64 1:1.0.1-0.8.git5baa1e5.el7 \n libglvnd-glx.x86_64 1:1.0.1-0.8.git5baa1e5.el7 \n libicu.x86_64 0:50.2-4.el7_7 \n libipa_hbac.x86_64 0:1.16.5-10.el7_9.10 \n libjpeg-turbo.x86_64 0:1.2.90-8.el7 \n libkadm5.x86_64 0:1.15.1-50.el7 \n libldb.x86_64 0:1.5.4-2.el7 \n libpciaccess.x86_64 0:0.14-1.el7 \n libsmbclient.x86_64 0:4.10.16-15.el7_9 \n libsss_autofs.x86_64 0:1.16.5-10.el7_9.10 \n libsss_certmap.x86_64 0:1.16.5-10.el7_9.10 \n libsss_idmap.x86_64 0:1.16.5-10.el7_9.10 \n libsss_nss_idmap.x86_64 0:1.16.5-10.el7_9.10 \n libsss_sudo.x86_64 0:1.16.5-10.el7_9.10 \n libtalloc.x86_64 0:2.1.16-1.el7 \n libtdb.x86_64 0:1.3.18-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n libthai.x86_64 0:0.1.14-9.el7 \n libtiff.x86_64 0:4.0.3-35.el7 \n libwayland-client.x86_64 0:1.15.0-1.el7 \n libwayland-server.x86_64 0:1.15.0-1.el7 \n libwbclient.x86_64 0:4.10.16-15.el7_9 \n libxcb.x86_64 0:1.13-1.el7 \n libxshmfence.x86_64 0:1.2-1.el7 \n libxslt.x86_64 0:1.1.28-6.el7 \n lksctp-tools.x86_64 0:1.0.17-2.el7 \n log4j.noarch 0:1.2.17-16.el7_4 \n mailcap.noarch 0:2.1.41-2.el7 \n mesa-libEGL.x86_64 0:18.3.4-12.el7_9 \n mesa-libGL.x86_64 0:18.3.4-12.el7_9 \n mesa-libgbm.x86_64 0:18.3.4-12.el7_9 \n mesa-libglapi.x86_64 0:18.3.4-12.el7_9 \n mod_auth_gssapi.x86_64 0:1.5.1-7.el7 \n mod_lookup_identity.x86_64 0:1.0.0-1.el7 \n mod_nss.x86_64 0:1.0.14-12.el7 \n mod_session.x86_64 0:2.4.6-97.el7.centos.1 \n mod_wsgi.x86_64 0:3.4-18.el7 \n msv-msv.noarch 1:2013.5.1-7.el7 \n msv-xsdlib.noarch 1:2013.5.1-7.el7 \n nettle.x86_64 0:2.7.1-9.el7_9 \n ntp.x86_64 0:4.2.6p5-29.el7.centos.2 \n ntpdate.x86_64 0:4.2.6p5-29.el7.centos.2 \n nuxwdog.x86_64 0:1.0.5-1.el7 \n nuxwdog-client-java.x86_64 0:1.0.5-1.el7 \n objectweb-asm.noarch 0:3.3.1-9.el7 \n oddjob.x86_64 0:0.31.5-4.el7 \n oddjob-mkhomedir.x86_64 0:0.31.5-4.el7 \n open-sans-fonts.noarch 0:1.10-1.el7 \n openldap-clients.x86_64 0:2.4.44-24.el7_9 \n pango.x86_64 0:1.42.4-4.el7_7 \n pcsc-lite-libs.x86_64 0:1.8.8-8.el7 \n perl.x86_64 4:5.16.3-299.el7_9 \n perl-Archive-Tar.noarch 0:1.92-3.el7 \n perl-Carp.noarch 0:1.26-244.el7 \n perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7 \n perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7 \n perl-DB_File.x86_64 0:1.830-6.el7 \n perl-Data-Dumper.x86_64 0:2.145-3.el7 \n perl-Encode.x86_64 0:2.51-7.el7 \n perl-Exporter.noarch 0:5.68-3.el7 \n perl-File-Path.noarch 0:2.09-2.el7 \n perl-File-Temp.noarch 0:0.23.01-3.el7 \n perl-Filter.x86_64 0:1.49-3.el7 \n perl-Getopt-Long.noarch 0:2.40-3.el7 \n perl-HTTP-Tiny.noarch 0:0.033-3.el7 \n perl-IO-Compress.noarch 0:2.061-2.el7 \n perl-IO-Zlib.noarch 1:1.10-299.el7_9 \n perl-Mozilla-LDAP.x86_64 0:1.5.3-12.el7 \n perl-NetAddr-IP.x86_64 0:4.069-3.el7 \n perl-Package-Constants.noarch 1:0.02-299.el7_9 \n perl-PathTools.x86_64 0:3.40-5.el7 \n perl-Pod-Escapes.noarch 1:1.04-299.el7_9 \n perl-Pod-Perldoc.noarch 0:3.20-4.el7 \n perl-Pod-Simple.noarch 1:3.28-4.el7 \n perl-Pod-Usage.noarch 0:1.63-3.el7 \n perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 \n perl-Socket.x86_64 0:2.010-5.el7 \n perl-Storable.x86_64 0:2.45-3.el7 \n perl-Text-ParseWords.noarch 0:3.29-4.el7 \n perl-Time-HiRes.x86_64 4:1.9725-3.el7 \n perl-Time-Local.noarch 0:1.2300-2.el7 \n perl-constant.noarch 0:1.27-2.el7 \n perl-libs.x86_64 4:5.16.3-299.el7_9 \n perl-macros.x86_64 4:5.16.3-299.el7_9 \n perl-parent.noarch 1:0.225-244.el7 \n perl-podlators.noarch 0:2.5.1-3.el7 \n perl-threads.x86_64 0:1.87-4.el7 \n perl-threads-shared.x86_64 0:1.43-6.el7 \n pixman.x86_64 0:0.34.0-1.el7 \n pki-base.noarch 0:10.5.18-17.el7_9 \n pki-base-java.noarch 0:10.5.18-17.el7_9 \n pki-ca.noarch 0:10.5.18-17.el7_9 \n pki-kra.noarch 0:10.5.18-17.el7_9 \n pki-server.noarch 0:10.5.18-17.el7_9 \n pki-tools.x86_64 0:10.5.18-17.el7_9 \n psmisc.x86_64 0:22.20-17.el7 \n python-augeas.noarch 0:0.5.0-2.el7 \n python-cffi.x86_64 0:1.6.0-5.el7 \n python-custodia.noarch 0:0.3.1-4.el7 \n python-dateutil.noarch 0:1.5-7.el7 \n python-dns.noarch 0:1.12.0-4.20150617git465785f.el7 \n python-enum34.noarch 0:1.0.4-1.el7 \n python-gssapi.x86_64 0:1.2.0-3.el7 \n python-idna.noarch 0:2.4-1.el7 \n python-javapackages.noarch 0:3.4.1-11.el7 \n python-jwcrypto.noarch 0:0.4.2-1.el7 \n python-kdcproxy.noarch 0:0.3.2-3.el7 \n python-ldap.x86_64 0:2.4.15-2.el7 \n python-libipa_hbac.x86_64 0:1.16.5-10.el7_9.10 \n python-lxml.x86_64 0:3.2.1-4.el7 \n python-netaddr.noarch 0:0.7.5-9.el7 \n python-netifaces.x86_64 0:0.10.4-3.el7 \n python-nss.x86_64 0:0.16.0-3.el7 \n python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n python-qrcode-core.noarch 0:5.0.1-1.el7 \n python-sss-murmur.x86_64 0:1.16.5-10.el7_9.10 \n python-sssdconfig.noarch 0:1.16.5-10.el7_9.10 \n python-yubico.noarch 0:1.2.3-1.el7 \n python2-cryptography.x86_64 0:1.7.2-2.el7 \n python2-ipaclient.noarch 0:4.6.8-5.el7.centos.9 \n python2-ipalib.noarch 0:4.6.8-5.el7.centos.9 \n python2-ipaserver.noarch 0:4.6.8-5.el7.centos.9 \n python2-pyasn1.noarch 0:0.1.9-7.el7 \n python2-pyasn1-modules.noarch 0:0.1.9-7.el7 \n pyusb.noarch 0:1.0.0-0.11.b1.el7 \n qdox.noarch 0:1.12.1-10.el7 \n regexp.noarch 0:1.5-13.el7 \n relaxngDatatype.noarch 0:1.0-11.el7 \n resteasy-base-atom-provider.noarch 0:3.0.6-4.el7 \n resteasy-base-client.noarch 0:3.0.6-4.el7 \n resteasy-base-jackson-provider.noarch 0:3.0.6-4.el7 \n resteasy-base-jaxb-provider.noarch 0:3.0.6-4.el7 \n resteasy-base-jaxrs.noarch 0:3.0.6-4.el7 \n resteasy-base-jaxrs-api.noarch 0:3.0.6-4.el7 \n rngom.noarch 0:201103-0.8.20120119svn.el7 \n samba-client-libs.x86_64 0:4.10.16-15.el7_9 \n samba-common.noarch 0:4.10.16-15.el7_9 \n samba-common-libs.x86_64 0:4.10.16-15.el7_9 \n scannotation.noarch 0:1.0.3-0.7.r12.el7 \n slapi-nis.x86_64 0:0.56.5-3.el7_9 \n slf4j.noarch 0:1.7.4-4.el7_4 \n softhsm.x86_64 0:2.1.0-3.el7 \n sssd.x86_64 0:1.16.5-10.el7_9.10 \n sssd-ad.x86_64 0:1.16.5-10.el7_9.10 \n sssd-client.x86_64 0:1.16.5-10.el7_9.10 \n sssd-common.x86_64 0:1.16.5-10.el7_9.10 \n sssd-common-pac.x86_64 0:1.16.5-10.el7_9.10 \n sssd-dbus.x86_64 0:1.16.5-10.el7_9.10 \n sssd-ipa.x86_64 0:1.16.5-10.el7_9.10 \n sssd-krb5.x86_64 0:1.16.5-10.el7_9.10 \n sssd-krb5-common.x86_64 0:1.16.5-10.el7_9.10 \n sssd-ldap.x86_64 0:1.16.5-10.el7_9.10 \n sssd-proxy.x86_64 0:1.16.5-10.el7_9.10 \n stax-ex.noarch 0:1.7.1-6.el7 \n stax2-api.noarch 0:3.1.1-10.el7 \n svrcore.x86_64 0:4.1.3-2.el7 \n systemd-python.x86_64 0:219-78.el7_9.3 \n tomcat.noarch 0:7.0.76-16.el7_9 \n tomcat-el-2.2-api.noarch 0:7.0.76-16.el7_9 \n tomcat-jsp-2.2-api.noarch 0:7.0.76-16.el7_9 \n tomcat-lib.noarch 0:7.0.76-16.el7_9 \n tomcat-servlet-3.0-api.noarch 0:7.0.76-16.el7_9 \n tomcatjss.noarch 0:7.2.5-1.el7 \n trousers.x86_64 0:0.3.14-2.el7 \n ttmkfdir.x86_64 0:3.0.9-42.el7 \n txw2.noarch 0:20110809-8.el7 \n tzdata-java.noarch 0:2021e-1.el7 \n velocity.noarch 0:1.7-10.el7 \n words.noarch 0:3.0-22.el7 \n ws-jaxme.noarch 0:0.5.2-10.el7 \n xalan-j2.noarch 0:2.7.1-23.el7 \n xerces-j2.noarch 0:2.11.0-17.el7_0 \n xml-commons-apis.noarch 0:1.4.01-16.el7 \n xml-commons-resolver.noarch 0:1.2-15.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n xorg-x11-font-utils.x86_64 1:7.5-21.el7 \n xorg-x11-fonts-Type1.noarch 0:7.5-9.el7 \n xpp3.noarch 0:1.1.3.8-11.el7 \n xsom.noarch 0:0-10.20110809svn.el7 \n\nDependency Updated:\n krb5-libs.x86_64 0:1.15.1-50.el7 openldap.x86_64 0:2.4.44-24.el7_9 \n systemd.x86_64 0:219-78.el7_9.3 systemd-libs.x86_64 0:219-78.el7_9.3 \n systemd-sysv.x86_64 0:219-78.el7_9.3 \n\nComplete!\n"]} TASK [ipaserver : Install - Ensure that IPA server packages for dns are installed] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:10 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["ipa-server-dns"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package ipa-server-dns.noarch 0:4.6.8-5.el7.centos.9 will be installed\n--> Processing Dependency: opendnssec >= 1.4.6-4 for package: ipa-server-dns-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: bind-pkcs11-utils >= 9.9.4-51 for package: ipa-server-dns-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: bind-pkcs11 >= 9.9.4-51 for package: ipa-server-dns-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: bind-dyndb-ldap >= 11.1-4 for package: ipa-server-dns-4.6.8-5.el7.centos.9.noarch\n--> Processing Dependency: bind >= 9.9.4-51 for package: ipa-server-dns-4.6.8-5.el7.centos.9.noarch\n--> Running transaction check\n---> Package bind.x86_64 32:9.11.4-26.P2.el7_9.7 will be installed\n---> Package bind-dyndb-ldap.x86_64 0:11.1-7.el7 will be installed\n---> Package bind-pkcs11.x86_64 32:9.11.4-26.P2.el7_9.7 will be installed\n--> Processing Dependency: bind-pkcs11-libs(x86-64) = 32:9.11.4-26.P2.el7_9.7 for package: 32:bind-pkcs11-9.11.4-26.P2.el7_9.7.x86_64\n--> Processing Dependency: libisc-pkcs11.so.169()(64bit) for package: 32:bind-pkcs11-9.11.4-26.P2.el7_9.7.x86_64\n--> Processing Dependency: libdns-pkcs11.so.1102()(64bit) for package: 32:bind-pkcs11-9.11.4-26.P2.el7_9.7.x86_64\n---> Package bind-pkcs11-utils.x86_64 32:9.11.4-26.P2.el7_9.7 will be installed\n---> Package opendnssec.x86_64 0:1.4.7-4.el7 will be installed\n--> Processing Dependency: opencryptoki for package: opendnssec-1.4.7-4.el7.x86_64\n--> Processing Dependency: libldns.so.1()(64bit) for package: opendnssec-1.4.7-4.el7.x86_64\n--> Running transaction check\n---> Package bind-pkcs11-libs.x86_64 32:9.11.4-26.P2.el7_9.7 will be installed\n---> Package ldns.x86_64 0:1.6.16-10.el7 will be installed\n--> Processing Dependency: libpcap.so.1()(64bit) for package: ldns-1.6.16-10.el7.x86_64\n---> Package opencryptoki.x86_64 0:3.12.1-3.el7_9 will be installed\n--> Processing Dependency: opencryptoki-libs(x86-64) = 3.12.1-3.el7_9 for package: opencryptoki-3.12.1-3.el7_9.x86_64\n--> Processing Dependency: opencryptoki-libs(x86-64) = 3.12.1-3.el7_9 for package: opencryptoki-3.12.1-3.el7_9.x86_64\n--> Processing Dependency: opencryptoki(token) for package: opencryptoki-3.12.1-3.el7_9.x86_64\n--> Processing Dependency: libitm.so.1(LIBITM_1.0)(64bit) for package: opencryptoki-3.12.1-3.el7_9.x86_64\n--> Processing Dependency: libitm.so.1()(64bit) for package: opencryptoki-3.12.1-3.el7_9.x86_64\n--> Running transaction check\n---> Package libitm.x86_64 0:4.8.5-44.el7 will be installed\n---> Package libpcap.x86_64 14:1.5.3-12.el7 will be installed\n---> Package opencryptoki-libs.x86_64 0:3.12.1-3.el7_9 will be installed\n---> Package opencryptoki-swtok.x86_64 0:3.12.1-3.el7_9 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n ipa-server-dns noarch 4.6.8-5.el7.centos.9 updates 194 k\nInstalling for dependencies:\n bind x86_64 32:9.11.4-26.P2.el7_9.7 updates 2.3 M\n bind-dyndb-ldap x86_64 11.1-7.el7 base 121 k\n bind-pkcs11 x86_64 32:9.11.4-26.P2.el7_9.7 updates 362 k\n bind-pkcs11-libs x86_64 32:9.11.4-26.P2.el7_9.7 updates 1.1 M\n bind-pkcs11-utils x86_64 32:9.11.4-26.P2.el7_9.7 updates 209 k\n ldns x86_64 1.6.16-10.el7 base 476 k\n libitm x86_64 4.8.5-44.el7 base 92 k\n libpcap x86_64 14:1.5.3-12.el7 base 139 k\n opencryptoki x86_64 3.12.1-3.el7_9 updates 76 k\n opencryptoki-libs x86_64 3.12.1-3.el7_9 updates 49 k\n opencryptoki-swtok x86_64 3.12.1-3.el7_9 updates 196 k\n opendnssec x86_64 1.4.7-4.el7 base 437 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+12 Dependent packages)\n\nTotal download size: 5.7 M\nInstalled size: 14 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 16 MB/s | 5.7 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : libitm-4.8.5-44.el7.x86_64 1/13 \n Installing : opencryptoki-libs-3.12.1-3.el7_9.x86_64 2/13 \n Installing : 32:bind-9.11.4-26.P2.el7_9.7.x86_64 3/13 \n Installing : 32:bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.x86_64 4/13 \n Installing : 32:bind-pkcs11-9.11.4-26.P2.el7_9.7.x86_64 5/13 \n Installing : 32:bind-pkcs11-utils-9.11.4-26.P2.el7_9.7.x86_64 6/13 \n Installing : bind-dyndb-ldap-11.1-7.el7.x86_64 7/13 \n Installing : opencryptoki-swtok-3.12.1-3.el7_9.x86_64 8/13 \n Installing : opencryptoki-3.12.1-3.el7_9.x86_64 9/13 \n Installing : 14:libpcap-1.5.3-12.el7.x86_64 10/13 \n Installing : ldns-1.6.16-10.el7.x86_64 11/13 \n Installing : opendnssec-1.4.7-4.el7.x86_64 12/13 \n Installing : ipa-server-dns-4.6.8-5.el7.centos.9.noarch 13/13 \n Verifying : 32:bind-pkcs11-9.11.4-26.P2.el7_9.7.x86_64 1/13 \n Verifying : 32:bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.x86_64 2/13 \n Verifying : opendnssec-1.4.7-4.el7.x86_64 3/13 \n Verifying : 32:bind-pkcs11-utils-9.11.4-26.P2.el7_9.7.x86_64 4/13 \n Verifying : ipa-server-dns-4.6.8-5.el7.centos.9.noarch 5/13 \n Verifying : opencryptoki-3.12.1-3.el7_9.x86_64 6/13 \n Verifying : libitm-4.8.5-44.el7.x86_64 7/13 \n Verifying : 32:bind-9.11.4-26.P2.el7_9.7.x86_64 8/13 \n Verifying : 14:libpcap-1.5.3-12.el7.x86_64 9/13 \n Verifying : bind-dyndb-ldap-11.1-7.el7.x86_64 10/13 \n Verifying : ldns-1.6.16-10.el7.x86_64 11/13 \n Verifying : opencryptoki-swtok-3.12.1-3.el7_9.x86_64 12/13 \n Verifying : opencryptoki-libs-3.12.1-3.el7_9.x86_64 13/13 \n\nInstalled:\n ipa-server-dns.noarch 0:4.6.8-5.el7.centos.9 \n\nDependency Installed:\n bind.x86_64 32:9.11.4-26.P2.el7_9.7 \n bind-dyndb-ldap.x86_64 0:11.1-7.el7 \n bind-pkcs11.x86_64 32:9.11.4-26.P2.el7_9.7 \n bind-pkcs11-libs.x86_64 32:9.11.4-26.P2.el7_9.7 \n bind-pkcs11-utils.x86_64 32:9.11.4-26.P2.el7_9.7 \n ldns.x86_64 0:1.6.16-10.el7 \n libitm.x86_64 0:4.8.5-44.el7 \n libpcap.x86_64 14:1.5.3-12.el7 \n opencryptoki.x86_64 0:3.12.1-3.el7_9 \n opencryptoki-libs.x86_64 0:3.12.1-3.el7_9 \n opencryptoki-swtok.x86_64 0:3.12.1-3.el7_9 \n opendnssec.x86_64 0:1.4.7-4.el7 \n\nComplete!\n"]} TASK [ipaserver : Install - Ensure that IPA server packages for adtrust are installed] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:16 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaserver : Install - Ensure that firewall packages installed] *********** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:22 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["firewalld"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package firewalld.noarch 0:0.6.3-13.el7_9 will be installed\n--> Processing Dependency: python-firewall = 0.6.3-13.el7_9 for package: firewalld-0.6.3-13.el7_9.noarch\n--> Processing Dependency: firewalld-filesystem = 0.6.3-13.el7_9 for package: firewalld-0.6.3-13.el7_9.noarch\n--> Processing Dependency: ipset for package: firewalld-0.6.3-13.el7_9.noarch\n--> Processing Dependency: ebtables for package: firewalld-0.6.3-13.el7_9.noarch\n--> Running transaction check\n---> Package ebtables.x86_64 0:2.0.10-16.el7 will be installed\n---> Package firewalld-filesystem.noarch 0:0.6.3-13.el7_9 will be installed\n---> Package ipset.x86_64 0:7.1-1.el7 will be installed\n--> Processing Dependency: ipset-libs(x86-64) = 7.1-1.el7 for package: ipset-7.1-1.el7.x86_64\n--> Processing Dependency: libipset.so.13(LIBIPSET_4.8)(64bit) for package: ipset-7.1-1.el7.x86_64\n--> Processing Dependency: libipset.so.13(LIBIPSET_2.0)(64bit) for package: ipset-7.1-1.el7.x86_64\n--> Processing Dependency: libipset.so.13()(64bit) for package: ipset-7.1-1.el7.x86_64\n---> Package python-firewall.noarch 0:0.6.3-13.el7_9 will be installed\n--> Processing Dependency: python-slip-dbus for package: python-firewall-0.6.3-13.el7_9.noarch\n--> Running transaction check\n---> Package ipset-libs.x86_64 0:7.1-1.el7 will be installed\n---> Package python-slip-dbus.noarch 0:0.4.0-4.el7 will be installed\n--> Processing Dependency: python-slip = 0.4.0-4.el7 for package: python-slip-dbus-0.4.0-4.el7.noarch\n--> Running transaction check\n---> Package python-slip.noarch 0:0.4.0-4.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n firewalld noarch 0.6.3-13.el7_9 updates 449 k\nInstalling for dependencies:\n ebtables x86_64 2.0.10-16.el7 base 123 k\n firewalld-filesystem noarch 0.6.3-13.el7_9 updates 51 k\n ipset x86_64 7.1-1.el7 base 39 k\n ipset-libs x86_64 7.1-1.el7 base 64 k\n python-firewall noarch 0.6.3-13.el7_9 updates 355 k\n python-slip noarch 0.4.0-4.el7 base 31 k\n python-slip-dbus noarch 0.4.0-4.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+7 Dependent packages)\n\nTotal download size: 1.1 M\nInstalled size: 4.5 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 3.1 MB/s | 1.1 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : ebtables-2.0.10-16.el7.x86_64 1/8 \n Installing : ipset-libs-7.1-1.el7.x86_64 2/8 \n Installing : ipset-7.1-1.el7.x86_64 3/8 \n Installing : python-slip-0.4.0-4.el7.noarch 4/8 \n Installing : python-slip-dbus-0.4.0-4.el7.noarch 5/8 \n Installing : python-firewall-0.6.3-13.el7_9.noarch 6/8 \n Installing : firewalld-filesystem-0.6.3-13.el7_9.noarch 7/8 \n Installing : firewalld-0.6.3-13.el7_9.noarch 8/8 \n Verifying : ipset-7.1-1.el7.x86_64 1/8 \n Verifying : python-slip-dbus-0.4.0-4.el7.noarch 2/8 \n Verifying : firewalld-filesystem-0.6.3-13.el7_9.noarch 3/8 \n Verifying : firewalld-0.6.3-13.el7_9.noarch 4/8 \n Verifying : python-slip-0.4.0-4.el7.noarch 5/8 \n Verifying : python-firewall-0.6.3-13.el7_9.noarch 6/8 \n Verifying : ipset-libs-7.1-1.el7.x86_64 7/8 \n Verifying : ebtables-2.0.10-16.el7.x86_64 8/8 \n\nInstalled:\n firewalld.noarch 0:0.6.3-13.el7_9 \n\nDependency Installed:\n ebtables.x86_64 0:2.0.10-16.el7 \n firewalld-filesystem.noarch 0:0.6.3-13.el7_9 \n ipset.x86_64 0:7.1-1.el7 \n ipset-libs.x86_64 0:7.1-1.el7 \n python-firewall.noarch 0:0.6.3-13.el7_9 \n python-slip.noarch 0:0.4.0-4.el7 \n python-slip-dbus.noarch 0:0.4.0-4.el7 \n\nComplete!\n"]} TASK [ipaserver : Firewalld service - Ensure that firewalld is running] ******** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:31 changed: [/cache/centos-7.qcow2c] => {"changed": true, "enabled": true, "name": "firewalld", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "polkit.service dbus.service basic.target system.slice", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "multi-user.target shutdown.target network-pre.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "ip6tables.service shutdown.target ipset.service iptables.service ebtables.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "EnvironmentFile": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [Firewalld - Verify runtime zone "{{ ipaserver_firewalld_zone }}"] ******** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:37 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Firewalld - Verify permanent zone "{{ ipaserver_firewalld_zone }}"] ****** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:44 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaserver : include_tasks] *********************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:54 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaserver : Install - Server installation test] ************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:60 ok: [/cache/centos-7.qcow2c] => {"_dirsrv_ca_cert": null, "_dirsrv_pkcs12_info": null, "_hostname_overridden": true, "_http_ca_cert": null, "_http_pkcs12_info": null, "_installation_cleanup": true, "_pkinit_ca_cert": null, "_pkinit_pkcs12_info": null, "changed": false, "domain": "test.local", "domainlevel": 1, "external_ca": false, "external_ca_profile": null, "external_ca_type": null, "hostname": "ipaserver.test.local", "idmax": 778399999, "idstart": 778200000, "ipa_python_version": 40608, "no_host_dns": true, "no_pkinit": false, "ntp_pool": null, "ntp_servers": null, "realm": "TEST.LOCAL", "rid_base": 1000, "secondary_rid_base": 100000000, "setup_adtrust": false, "setup_ca": true, "setup_kra": false} TASK [ipaserver : Install - Master password creation] ************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:137 changed: [/cache/centos-7.qcow2c] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true} TASK [ipaserver : Install - Use new master password] *************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:144 ok: [/cache/centos-7.qcow2c] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [ipaserver : Install - Server preparation] ******************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:152 changed: [/cache/centos-7.qcow2c] => {"_ca_subject": "CN=Certificate Authority,O=TEST.LOCAL", "_subject_base": "O=TEST.LOCAL", "adtrust_netbios_name": null, "adtrust_reset_netbios_name": false, "ca_subject": "CN=Certificate Authority,O=TEST.LOCAL", "changed": true, "dns_ip_addresses": ["10.0.2.15"], "dns_reverse_zones": [], "forward_policy": "only", "forwarders": ["10.0.2.3"], "ip_addresses": ["10.0.2.15"], "no_dnssec_validation": true, "reverse_zones": [], "subject_base": "O=TEST.LOCAL"} TASK [ipaserver : Install - Setup NTP] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:196 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaserver : Install - Setup DS] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:203 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaserver : Install - Setup KRB] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:232 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaserver : Install - Setup custodia] ************************************ task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:259 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaserver : Install - Setup CA] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:265 changed: [/cache/centos-7.qcow2c] => {"changed": true, "csr_generated": false} TASK [ipaserver : Copy /root/ipa.csr to "/cache/centos-7.qcow2c-ipa.csr"] ****** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:306 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaserver : Install - Setup otpd] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:315 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaserver : Install - Setup HTTP] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:321 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaserver : Install - Setup KRA] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:353 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaserver : Install - Setup DNS] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:364 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaserver : Install - Setup ADTRUST] ************************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:381 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaserver : Install - Set DS password] *********************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:396 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [Install - Setup client] ************************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:413 TASK [ipaclient : Import variables specific to distribution] ******************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:4 ok: [/cache/centos-7.qcow2c] => (item=/tmp/freeipa-repo/roles/ipaclient/vars/CentOS-7.yml) => {"ansible_facts": {"ipaclient_packages": ["ipa-client", "libselinux-python"]}, "ansible_included_var_files": ["/tmp/freeipa-repo/roles/ipaclient/vars/CentOS-7.yml"], "ansible_loop_var": "item", "changed": false, "item": "/tmp/freeipa-repo/roles/ipaclient/vars/CentOS-7.yml"} TASK [ipaclient : Install IPA client] ****************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:12 included: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml for /cache/centos-7.qcow2c TASK [ipaclient : Install - Ensure that IPA client packages are installed] ***** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:4 ok: [/cache/centos-7.qcow2c] => {"changed": false, "msg": "", "rc": 0, "results": ["ipa-client-4.6.8-5.el7.centos.9.x86_64 providing ipa-client is already installed", "libselinux-python-2.5-15.el7.x86_64 providing libselinux-python is already installed"]} TASK [Install - Set ipaclient_servers] ***************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:10 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Install - Set ipaclient_servers from cluster inventory] ****************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:15 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Check that either principal or keytab is set] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:21 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Set default principal if no keytab is given] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:25 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"ipaadmin_principal": "admin"}, "changed": false} TASK [ipaclient : Install - IPA client test] *********************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:30 ok: [/cache/centos-7.qcow2c] => {"basedn": "dc=test,dc=local", "changed": false, "client_already_configured": false, "client_domain": "test.local", "dnsok": false, "domain": "test.local", "hostname": "ipaserver.test.local", "ipa_python_version": 40608, "kdc": "ipaserver.test.local", "ntp_pool": null, "ntp_servers": null, "realm": "TEST.LOCAL", "servers": ["ipaserver.test.local"], "sssd": true} TASK [ipaclient : Install - Cleanup leftover ccache] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:56 ok: [/cache/centos-7.qcow2c] => {"changed": false, "path": "/etc/ipa/.dns_ccache", "state": "absent"} TASK [ipaclient : Install - Configure NTP] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:61 ok: [/cache/centos-7.qcow2c] => {"changed": false} TASK [ipaclient : Install - Make sure One-Time Password is enabled if it's already defined] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:73 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Disable One-Time Password for on_master] *********** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:78 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Test if IPA client has working krb5.keytab] ******** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:83 ok: [/cache/centos-7.qcow2c] => {"ca_crt_exists": true, "changed": false, "krb5_conf_ok": true, "krb5_keytab_ok": true, "ping_test_ok": false} TASK [ipaclient : Install - Disable One-Time Password for client with working krb5.keytab] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:93 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Keytab or password is required for getting otp] **** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:109 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Get One-Time Password for client enrollment] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:113 skipping: [/cache/centos-7.qcow2c] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [ipaclient : Install - Report error for OTP generation] ******************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:132 skipping: [/cache/centos-7.qcow2c] => {} TASK [ipaclient : Install - Store the previously obtained OTP] ***************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:138 skipping: [/cache/centos-7.qcow2c] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [ipaclient : Store predefined OTP in admin_password] ********************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:147 skipping: [/cache/centos-7.qcow2c] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [ipaclient : Install - Check if principal and keytab are set] ************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:163 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Check if one of password or keytabs are set] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:167 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Purge TEST.LOCAL from host keytab] ***************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:175 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Backup and set hostname] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:188 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Join IPA] ****************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:193 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : fail] ******************************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:215 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : fail] ******************************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:220 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : fail] ******************************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:223 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Configure IPA default.conf] ************************ task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:235 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Configure SSSD] ************************************ task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:244 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaclient : Install - Configure krb5 for IPA realm] ********************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:266 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - IPA API calls for remaining enrollment parts] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:280 changed: [/cache/centos-7.qcow2c] => {"ca_enabled": true, "changed": true, "subject_base": "O=TEST.LOCAL"} TASK [ipaclient : Install - Fix IPA ca] **************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:288 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Create IPA NSS database] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:298 changed: [/cache/centos-7.qcow2c] => {"ca_enabled_ra": true, "changed": true} TASK [ipaclient : Install - Configure SSH and SSHD] **************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:329 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaclient : Install - Configure automount] ******************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:337 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaclient : Install - Configure firefox] ********************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:343 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaclient : Install - Configure NIS] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:349 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaclient : Install - Restore original admin password if overwritten by OTP] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:367 skipping: [/cache/centos-7.qcow2c] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [ipaclient : Cleanup leftover ccache] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:373 ok: [/cache/centos-7.qcow2c] => {"changed": false, "path": "/etc/ipa/.dns_ccache", "state": "absent"} TASK [ipaclient : Uninstall IPA client] **************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:16 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [ipaserver : Install - Enable IPA] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:428 changed: [/cache/centos-7.qcow2c] => {"changed": true} TASK [ipaserver : Install - Cleanup root IPA cache] **************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:435 ok: [/cache/centos-7.qcow2c] => {"changed": false, "path": "/root/.ipa_cache", "state": "absent"} TASK [ipaserver : Install - Configure firewalld] ******************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:441 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["firewall-cmd", "--permanent", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp"], "delta": "0:00:00.304031", "end": "2021-11-03 00:54:30.439224", "rc": 0, "start": "2021-11-03 00:54:30.135193", "stderr": "", "stderr_lines": [], "stdout": "success", "stdout_lines": ["success"]} TASK [ipaserver : Install - Configure firewalld runtime] *********************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:455 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["firewall-cmd", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp"], "delta": "0:00:00.342685", "end": "2021-11-03 00:54:31.228968", "rc": 0, "start": "2021-11-03 00:54:30.886283", "stderr": "", "stderr_lines": [], "stdout": "success", "stdout_lines": ["success"]} TASK [ipaserver : Cleanup temporary files] ************************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:471 ok: [/cache/centos-7.qcow2c] => (item=/etc/ipa/.tmp_pkcs12_dirsrv) => {"ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_dirsrv", "path": "/etc/ipa/.tmp_pkcs12_dirsrv", "state": "absent"} ok: [/cache/centos-7.qcow2c] => (item=/etc/ipa/.tmp_pkcs12_http) => {"ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_http", "path": "/etc/ipa/.tmp_pkcs12_http", "state": "absent"} ok: [/cache/centos-7.qcow2c] => (item=/etc/ipa/.tmp_pkcs12_pkinit) => {"ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_pkinit", "path": "/etc/ipa/.tmp_pkcs12_pkinit", "state": "absent"} TASK [ipaserver : Uninstall IPA server] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:16 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY [Issue IPA signed certificates] ******************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_basic_ipa.yml:8 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 ok: [/cache/centos-7.qcow2c] => {"changed": false, "msg": "", "rc": 0, "results": ["python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 ok: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "msg": "", "rc": 0, "results": ["certmonger-0.78.4-16.el7_9.x86_64 providing certmonger is already installed"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 ok: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestamp": "Wed 2021-11-03 00:51:48 UTC", "ActiveEnterTimestampMonotonic": "212231917", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "systemd-journald.socket basic.target network.target dbus.service syslog.target system.slice", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Wed 2021-11-03 00:51:48 UTC", "AssertTimestampMonotonic": "212220232", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Wed 2021-11-03 00:51:48 UTC", "ConditionTimestampMonotonic": "212220231", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "13081", "ExecMainStartTimestamp": "Wed 2021-11-03 00:51:48 UTC", "ExecMainStartTimestampMonotonic": "212220833", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Wed 2021-11-03 00:51:48 UTC", "InactiveExitTimestampMonotonic": "212220865", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "13081", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Wed 2021-11-03 00:51:48 UTC", "WatchdogTimestampMonotonic": "212231879", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'ipa', u'name': u'mycert', u'dns': u'ipaserver.test.local', u'principal': u'HTTP/ipaserver.test.local@TEST.LOCAL'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "ipa", "dns": "ipaserver.test.local", "name": "mycert", "principal": "HTTP/ipaserver.test.local@TEST.LOCAL"}, "msg": "Certificate requested (new)."} changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'ipa', u'group': u'ftp', u'name': u'groupcert', u'dns': u'ipaserver.test.local', u'principal': u'HTTP/ipaserver.test.local@TEST.LOCAL'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "ipa", "dns": "ipaserver.test.local", "group": "ftp", "name": "groupcert", "principal": "HTTP/ipaserver.test.local@TEST.LOCAL"}, "msg": "Certificate requested (new). File attributes updated."} META: ran handlers META: ran handlers PLAY [Verify certificates] ***************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_basic_ipa.yml:27 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_basic_ipa.yml:84 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 29 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635900878.7583318, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "252ef63996f52c6d82be44d4ca70b79012763219", "ctime": 1635900878.7553318, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 353859, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635900878.7553318, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1684, "uid": 0, "version": "18446744072651781946", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635900877.4873319, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "81afd2040ce6cee051e81f13f5408adc28d308e6", "ctime": 1635900878.7553318, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 13365360, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635900878.7553318, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744073038015692", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.288793", "end": "2021-11-03 00:54:55.797774", "rc": 0, "start": "2021-11-03 00:54:55.508981", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"organizationName\",\n \"oid\": \"2.5.4.10\",\n \"value\": \"TEST.LOCAL\"\n },\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"ipaserver.test.local\"\n }\n ],\n \"extensions\": {\n \"authorityKeyIdentifier\": {\n \"value\": \"6F:94:A3:18:14:00:14:FA:03:12:1D:8E:E1:BC:2C:21:2D:0E:E8:D7\",\n \"critical\": false\n },\n \"authorityInfoAccess\": {\n \"value\": [\n {\n \"method\": \"OCSP\",\n \"location\": \"http://ipa-ca.test.local/ca/ocsp\"\n }\n ],\n \"critical\": false\n },\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"content_commitment\",\n \"key_encipherment\",\n \"data_encipherment\"\n ],\n \"critical\": true\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"cRLDistributionPoints\": {\n \"value\": [\n {\n \"full_name\": [\n \"http://ipa-ca.test.local/ipa/crl/MasterCRL.bin\"\n ],\n \"crl_issuer\": [\n {\n \"organizationName\": \"ipaca\",\n \"commonName\": \"Certificate Authority\"\n }\n ]\n }\n ],\n \"critical\": false\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"BC:A9:5F:8A:30:E1:82:BF:0C:1F:B1:09:81:1C:1C:62:3D:8C:27:AF\",\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"ipaserver.test.local\"\n },\n {\n \"name\": \"Universal Principal Name (UPN)\",\n \"value\": \"HTTP/ipaserver.test.local@TEST.LOCAL\",\n \"oid\": \"1.3.6.1.4.1.311.20.2.3\"\n },\n {\n \"name\": \"Kerberos principalname\",\n \"value\": \"HTTP/ipaserver.test.local@TEST.LOCAL\",\n \"oid\": \"1.3.6.1.5.2.2\"\n }\n ],\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"0E:23:93:90:71:36:00:9C:FC:3E:43:F7:30:59:57:98:CC:A9:7B:5F:F5:E7:C6:2C:93:AD:F1:65:46:FE:C7:3B:A8:81:80:6A:C1:16:66:9E:CF:EE:D6:2D:42:C3:CF:30:E3:FC:28:28:F5:68:BB:C7:99:F2:C0:57:B7:93:93:2B:D5:64:E5:8B:33:9B:3F:2C:96:16:78:B6:47:44:74:53:43:99:4B:E2:9F:32:89:B4:9B:23:DC:24:76:A7:69:AD:2D:A7:96:1E:B9:D9:23:0E:1F:0D:9E:0D:98:F5:3F:D2:0E:89:0A:C1:24:7F:AD:F4:BE:16:D4:4F:9B:3E:0E:12:D2:A1:D2:D5:34:EF:44:F3:E8:5E:F9:AB:7B:A2:3D:5D:88:C7:95:88:90:7D:C1:57:57:E4:6E:8E:D1:31:AC:A6:91:46:E5:E3:9B:C4:16:52:B1:13:50:CF:F0:2F:2F:56:D0:E0:5B:C9:A1:34:E6:C4:6A:69:B9:64:82:88:D2:FD:C6:BD:D4:89:EC:F8:E5:0B:9F:5B:54:7A:68:C8:81:08:25:65:48:E2:E9:B2:69:ED:4D:2A:FB:C4:5B:64:BE:E3:56:6E:56:2D:9F:FC:DF:FC:3C:2D:A4:41:84:24:03:54:B5:4E:F3:E8:CA:FF:80:57:4B:F8:D1:A3:B4:96:F9:4F\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2023-11-04 00:54:38\",\n \"not_valid_before\": \"2021-11-03 00:54:38\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"organizationName\",", " \"oid\": \"2.5.4.10\",", " \"value\": \"TEST.LOCAL\"", " },", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"ipaserver.test.local\"", " }", " ],", " \"extensions\": {", " \"authorityKeyIdentifier\": {", " \"value\": \"6F:94:A3:18:14:00:14:FA:03:12:1D:8E:E1:BC:2C:21:2D:0E:E8:D7\",", " \"critical\": false", " },", " \"authorityInfoAccess\": {", " \"value\": [", " {", " \"method\": \"OCSP\",", " \"location\": \"http://ipa-ca.test.local/ca/ocsp\"", " }", " ],", " \"critical\": false", " },", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"content_commitment\",", " \"key_encipherment\",", " \"data_encipherment\"", " ],", " \"critical\": true", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"cRLDistributionPoints\": {", " \"value\": [", " {", " \"full_name\": [", " \"http://ipa-ca.test.local/ipa/crl/MasterCRL.bin\"", " ],", " \"crl_issuer\": [", " {", " \"organizationName\": \"ipaca\",", " \"commonName\": \"Certificate Authority\"", " }", " ]", " }", " ],", " \"critical\": false", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"BC:A9:5F:8A:30:E1:82:BF:0C:1F:B1:09:81:1C:1C:62:3D:8C:27:AF\",", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"ipaserver.test.local\"", " },", " {", " \"name\": \"Universal Principal Name (UPN)\",", " \"value\": \"HTTP/ipaserver.test.local@TEST.LOCAL\",", " \"oid\": \"1.3.6.1.4.1.311.20.2.3\"", " },", " {", " \"name\": \"Kerberos principalname\",", " \"value\": \"HTTP/ipaserver.test.local@TEST.LOCAL\",", " \"oid\": \"1.3.6.1.5.2.2\"", " }", " ],", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"0E:23:93:90:71:36:00:9C:FC:3E:43:F7:30:59:57:98:CC:A9:7B:5F:F5:E7:C6:2C:93:AD:F1:65:46:FE:C7:3B:A8:81:80:6A:C1:16:66:9E:CF:EE:D6:2D:42:C3:CF:30:E3:FC:28:28:F5:68:BB:C7:99:F2:C0:57:B7:93:93:2B:D5:64:E5:8B:33:9B:3F:2C:96:16:78:B6:47:44:74:53:43:99:4B:E2:9F:32:89:B4:9B:23:DC:24:76:A7:69:AD:2D:A7:96:1E:B9:D9:23:0E:1F:0D:9E:0D:98:F5:3F:D2:0E:89:0A:C1:24:7F:AD:F4:BE:16:D4:4F:9B:3E:0E:12:D2:A1:D2:D5:34:EF:44:F3:E8:5E:F9:AB:7B:A2:3D:5D:88:C7:95:88:90:7D:C1:57:57:E4:6E:8E:D1:31:AC:A6:91:46:E5:E3:9B:C4:16:52:B1:13:50:CF:F0:2F:2F:56:D0:E0:5B:C9:A1:34:E6:C4:6A:69:B9:64:82:88:D2:FD:C6:BD:D4:89:EC:F8:E5:0B:9F:5B:54:7A:68:C8:81:08:25:65:48:E2:E9:B2:69:ED:4D:2A:FB:C4:5B:64:BE:E3:56:6E:56:2D:9F:FC:DF:FC:3C:2D:A4:41:84:24:03:54:B5:4E:F3:E8:CA:FF:80:57:4B:F8:D1:A3:B4:96:F9:4F\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2023-11-04 00:54:38\",", " \"not_valid_before\": \"2021-11-03 00:54:38\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityInfoAccess": {"critical": false, "value": [{"location": "http://ipa-ca.test.local/ca/ocsp", "method": "OCSP"}]}, "authorityKeyIdentifier": {"critical": false, "value": "6F:94:A3:18:14:00:14:FA:03:12:1D:8E:E1:BC:2C:21:2D:0E:E8:D7"}, "cRLDistributionPoints": {"critical": false, "value": [{"crl_issuer": [{"commonName": "Certificate Authority", "organizationName": "ipaca"}], "full_name": ["http://ipa-ca.test.local/ipa/crl/MasterCRL.bin"]}]}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": true, "value": ["digital_signature", "content_commitment", "key_encipherment", "data_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "ipaserver.test.local"}, {"name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/ipaserver.test.local@TEST.LOCAL"}, {"name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/ipaserver.test.local@TEST.LOCAL"}]}, "subjectKeyIdentifier": {"critical": false, "value": "BC:A9:5F:8A:30:E1:82:BF:0C:1F:B1:09:81:1C:1C:62:3D:8C:27:AF"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "0E:23:93:90:71:36:00:9C:FC:3E:43:F7:30:59:57:98:CC:A9:7B:5F:F5:E7:C6:2C:93:AD:F1:65:46:FE:C7:3B:A8:81:80:6A:C1:16:66:9E:CF:EE:D6:2D:42:C3:CF:30:E3:FC:28:28:F5:68:BB:C7:99:F2:C0:57:B7:93:93:2B:D5:64:E5:8B:33:9B:3F:2C:96:16:78:B6:47:44:74:53:43:99:4B:E2:9F:32:89:B4:9B:23:DC:24:76:A7:69:AD:2D:A7:96:1E:B9:D9:23:0E:1F:0D:9E:0D:98:F5:3F:D2:0E:89:0A:C1:24:7F:AD:F4:BE:16:D4:4F:9B:3E:0E:12:D2:A1:D2:D5:34:EF:44:F3:E8:5E:F9:AB:7B:A2:3D:5D:88:C7:95:88:90:7D:C1:57:57:E4:6E:8E:D1:31:AC:A6:91:46:E5:E3:9B:C4:16:52:B1:13:50:CF:F0:2F:2F:56:D0:E0:5B:C9:A1:34:E6:C4:6A:69:B9:64:82:88:D2:FD:C6:BD:D4:89:EC:F8:E5:0B:9F:5B:54:7A:68:C8:81:08:25:65:48:E2:E9:B2:69:ED:4D:2A:FB:C4:5B:64:BE:E3:56:6E:56:2D:9F:FC:DF:FC:3C:2D:A4:41:84:24:03:54:B5:4E:F3:E8:CA:FF:80:57:4B:F8:D1:A3:B4:96:F9:4F"}, "subject": [{"name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL"}, {"name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local"}], "validity": {"not_valid_after": "2023-11-04 00:54:38", "not_valid_before": "2021-11-03 00:54:38"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.063824", "end": "2021-11-03 00:54:56.372405", "rc": 0, "start": "2021-11-03 00:54:56.308581", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 ok: [/cache/centos-7.qcow2c] => {"changed": false, "msg": "", "rc": 0, "results": ["python3-3.6.8-18.el7.x86_64 providing python3 is already installed"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)\n", "stdout_lines": ["Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)\nRequirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)\nRequirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0)\nRequirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)\nRequirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)\nRequirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.20)\n", "stdout_lines": ["Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)", "Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)", "Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0)", "Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)", "Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)", "Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.20)"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635900880.298332, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "e1d751e5d8d0bf16346e42937b9c2ce73d0ae111", "ctime": 1635900880.430332, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 34484, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1635900880.2903318, "nlink": 1, "path": "/etc/pki/tls/certs/groupcert.crt", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1684, "uid": 0, "version": "1908620658", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635900879.598332, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "35fc8bbc3c8abb5ed3c074a4cf21b39815bb55d9", "ctime": 1635900880.430332, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 13365363, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1635900880.2903318, "nlink": 1, "path": "/etc/pki/tls/private/groupcert.key", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072671616884", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/groupcert.crt"], "delta": "0:00:00.259089", "end": "2021-11-03 00:55:00.345747", "rc": 0, "start": "2021-11-03 00:55:00.086658", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"organizationName\",\n \"oid\": \"2.5.4.10\",\n \"value\": \"TEST.LOCAL\"\n },\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"ipaserver.test.local\"\n }\n ],\n \"extensions\": {\n \"authorityKeyIdentifier\": {\n \"value\": \"6F:94:A3:18:14:00:14:FA:03:12:1D:8E:E1:BC:2C:21:2D:0E:E8:D7\",\n \"critical\": false\n },\n \"authorityInfoAccess\": {\n \"value\": [\n {\n \"method\": \"OCSP\",\n \"location\": \"http://ipa-ca.test.local/ca/ocsp\"\n }\n ],\n \"critical\": false\n },\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"content_commitment\",\n \"key_encipherment\",\n \"data_encipherment\"\n ],\n \"critical\": true\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"cRLDistributionPoints\": {\n \"value\": [\n {\n \"full_name\": [\n \"http://ipa-ca.test.local/ipa/crl/MasterCRL.bin\"\n ],\n \"crl_issuer\": [\n {\n \"organizationName\": \"ipaca\",\n \"commonName\": \"Certificate Authority\"\n }\n ]\n }\n ],\n \"critical\": false\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"18:BB:08:78:C6:3A:0C:E3:71:74:9F:24:F7:0B:2E:94:F7:19:6F:A9\",\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"ipaserver.test.local\"\n },\n {\n \"name\": \"Universal Principal Name (UPN)\",\n \"value\": \"HTTP/ipaserver.test.local@TEST.LOCAL\",\n \"oid\": \"1.3.6.1.4.1.311.20.2.3\"\n },\n {\n \"name\": \"Kerberos principalname\",\n \"value\": \"HTTP/ipaserver.test.local@TEST.LOCAL\",\n \"oid\": \"1.3.6.1.5.2.2\"\n }\n ],\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"3F:08:89:27:59:F7:98:5A:47:42:C6:34:32:FC:D5:8A:07:2F:A1:55:11:14:82:D1:5D:C5:A8:5D:88:9B:5B:62:C7:53:69:D9:11:C0:87:82:C1:6D:99:AF:E2:43:0D:F3:49:D3:ED:DA:A3:59:90:4B:71:6A:57:87:60:C0:91:5D:0E:2C:2B:D0:30:D9:F3:DA:3C:C6:B3:8E:70:0E:16:7F:85:68:C5:6E:95:5C:FD:08:A7:3F:48:41:53:A5:E1:96:A8:B8:28:DF:63:0A:0F:01:C3:F0:37:D7:84:E0:CB:C2:89:62:6F:7F:12:CB:19:2E:7B:85:4F:48:39:9E:AA:AA:88:D0:07:51:35:78:D4:8F:F7:C6:81:54:CE:51:6B:BC:41:D4:70:14:F7:D4:69:13:1D:64:1A:CF:60:AA:45:52:02:D7:A0:CF:AA:14:C7:61:F2:E4:9A:48:9C:97:C9:75:73:1A:95:E1:6C:CA:BC:BB:ED:16:4D:B7:52:8B:9A:40:EB:4B:B3:21:E6:1C:FF:2B:23:1E:43:37:AF:49:5A:F5:DA:B3:87:91:06:10:98:1D:65:67:71:AC:C9:0A:DA:14:5E:8C:78:D7:F0:50:07:E2:53:7F:B9:5E:FA:35:EF:DC:6B:BD:40:3E:1E:1D:D1:65:A0:3A:AF:FC:3E:13:8A:9C\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2023-11-04 00:54:40\",\n \"not_valid_before\": \"2021-11-03 00:54:40\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"organizationName\",", " \"oid\": \"2.5.4.10\",", " \"value\": \"TEST.LOCAL\"", " },", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"ipaserver.test.local\"", " }", " ],", " \"extensions\": {", " \"authorityKeyIdentifier\": {", " \"value\": \"6F:94:A3:18:14:00:14:FA:03:12:1D:8E:E1:BC:2C:21:2D:0E:E8:D7\",", " \"critical\": false", " },", " \"authorityInfoAccess\": {", " \"value\": [", " {", " \"method\": \"OCSP\",", " \"location\": \"http://ipa-ca.test.local/ca/ocsp\"", " }", " ],", " \"critical\": false", " },", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"content_commitment\",", " \"key_encipherment\",", " \"data_encipherment\"", " ],", " \"critical\": true", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"cRLDistributionPoints\": {", " \"value\": [", " {", " \"full_name\": [", " \"http://ipa-ca.test.local/ipa/crl/MasterCRL.bin\"", " ],", " \"crl_issuer\": [", " {", " \"organizationName\": \"ipaca\",", " \"commonName\": \"Certificate Authority\"", " }", " ]", " }", " ],", " \"critical\": false", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"18:BB:08:78:C6:3A:0C:E3:71:74:9F:24:F7:0B:2E:94:F7:19:6F:A9\",", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"ipaserver.test.local\"", " },", " {", " \"name\": \"Universal Principal Name (UPN)\",", " \"value\": \"HTTP/ipaserver.test.local@TEST.LOCAL\",", " \"oid\": \"1.3.6.1.4.1.311.20.2.3\"", " },", " {", " \"name\": \"Kerberos principalname\",", " \"value\": \"HTTP/ipaserver.test.local@TEST.LOCAL\",", " \"oid\": \"1.3.6.1.5.2.2\"", " }", " ],", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"3F:08:89:27:59:F7:98:5A:47:42:C6:34:32:FC:D5:8A:07:2F:A1:55:11:14:82:D1:5D:C5:A8:5D:88:9B:5B:62:C7:53:69:D9:11:C0:87:82:C1:6D:99:AF:E2:43:0D:F3:49:D3:ED:DA:A3:59:90:4B:71:6A:57:87:60:C0:91:5D:0E:2C:2B:D0:30:D9:F3:DA:3C:C6:B3:8E:70:0E:16:7F:85:68:C5:6E:95:5C:FD:08:A7:3F:48:41:53:A5:E1:96:A8:B8:28:DF:63:0A:0F:01:C3:F0:37:D7:84:E0:CB:C2:89:62:6F:7F:12:CB:19:2E:7B:85:4F:48:39:9E:AA:AA:88:D0:07:51:35:78:D4:8F:F7:C6:81:54:CE:51:6B:BC:41:D4:70:14:F7:D4:69:13:1D:64:1A:CF:60:AA:45:52:02:D7:A0:CF:AA:14:C7:61:F2:E4:9A:48:9C:97:C9:75:73:1A:95:E1:6C:CA:BC:BB:ED:16:4D:B7:52:8B:9A:40:EB:4B:B3:21:E6:1C:FF:2B:23:1E:43:37:AF:49:5A:F5:DA:B3:87:91:06:10:98:1D:65:67:71:AC:C9:0A:DA:14:5E:8C:78:D7:F0:50:07:E2:53:7F:B9:5E:FA:35:EF:DC:6B:BD:40:3E:1E:1D:D1:65:A0:3A:AF:FC:3E:13:8A:9C\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2023-11-04 00:54:40\",", " \"not_valid_before\": \"2021-11-03 00:54:40\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityInfoAccess": {"critical": false, "value": [{"location": "http://ipa-ca.test.local/ca/ocsp", "method": "OCSP"}]}, "authorityKeyIdentifier": {"critical": false, "value": "6F:94:A3:18:14:00:14:FA:03:12:1D:8E:E1:BC:2C:21:2D:0E:E8:D7"}, "cRLDistributionPoints": {"critical": false, "value": [{"crl_issuer": [{"commonName": "Certificate Authority", "organizationName": "ipaca"}], "full_name": ["http://ipa-ca.test.local/ipa/crl/MasterCRL.bin"]}]}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": true, "value": ["digital_signature", "content_commitment", "key_encipherment", "data_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "ipaserver.test.local"}, {"name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/ipaserver.test.local@TEST.LOCAL"}, {"name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/ipaserver.test.local@TEST.LOCAL"}]}, "subjectKeyIdentifier": {"critical": false, "value": "18:BB:08:78:C6:3A:0C:E3:71:74:9F:24:F7:0B:2E:94:F7:19:6F:A9"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "3F:08:89:27:59:F7:98:5A:47:42:C6:34:32:FC:D5:8A:07:2F:A1:55:11:14:82:D1:5D:C5:A8:5D:88:9B:5B:62:C7:53:69:D9:11:C0:87:82:C1:6D:99:AF:E2:43:0D:F3:49:D3:ED:DA:A3:59:90:4B:71:6A:57:87:60:C0:91:5D:0E:2C:2B:D0:30:D9:F3:DA:3C:C6:B3:8E:70:0E:16:7F:85:68:C5:6E:95:5C:FD:08:A7:3F:48:41:53:A5:E1:96:A8:B8:28:DF:63:0A:0F:01:C3:F0:37:D7:84:E0:CB:C2:89:62:6F:7F:12:CB:19:2E:7B:85:4F:48:39:9E:AA:AA:88:D0:07:51:35:78:D4:8F:F7:C6:81:54:CE:51:6B:BC:41:D4:70:14:F7:D4:69:13:1D:64:1A:CF:60:AA:45:52:02:D7:A0:CF:AA:14:C7:61:F2:E4:9A:48:9C:97:C9:75:73:1A:95:E1:6C:CA:BC:BB:ED:16:4D:B7:52:8B:9A:40:EB:4B:B3:21:E6:1C:FF:2B:23:1E:43:37:AF:49:5A:F5:DA:B3:87:91:06:10:98:1D:65:67:71:AC:C9:0A:DA:14:5E:8C:78:D7:F0:50:07:E2:53:7F:B9:5E:FA:35:EF:DC:6B:BD:40:3E:1E:1D:D1:65:A0:3A:AF:FC:3E:13:8A:9C"}, "subject": [{"name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL"}, {"name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local"}], "validity": {"not_valid_after": "2023-11-04 00:54:40", "not_valid_before": "2021-11-03 00:54:40"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/groupcert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.058058", "end": "2021-11-03 00:55:00.974366", "rc": 0, "start": "2021-11-03 00:55:00.916308", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=98 changed=34 unreachable=0 failed=0 skipped=35 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_basic_self_signed.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_basic_self_signed.yml ****************************************** 2 plays in /tmp/tmpvvgb4zlc/tests/tests_basic_self_signed.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_basic_self_signed.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-cffi-1.6.0-5.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nhttp://mirrors.tripadvisor.com/centos/7.9.2009/os/x86_64/Packages/python-idna-2.4-1.el7.noarch.rpm: [Errno 12] Timeout on http://mirrors.tripadvisor.com/centos/7.9.2009/os/x86_64/Packages/python-idna-2.4-1.el7.noarch.rpm: (28, 'Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds')\nTrying other mirror.\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: centos.mirror.constant.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-cffi-1.6.0-5.el7.x86_64.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 40 kB/s | 1.2 MB 00:30 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: centos.mirror.constant.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 2.5 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "systemd-journald.socket basic.target system.slice syslog.target network.target dbus.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'name': u'mycert', u'dns': u'www.example.com'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "name": "mycert"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_basic_self_signed.yml:13 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_basic_self_signed.yml:27 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: centos.mirror.constant.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 11 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635900970.0515466, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "84e19eda6b1d705f09c5a2c783c9a483e1e05459", "ctime": 1635900970.0485466, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 21600, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635900970.0485466, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "2120437789", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635900970.0085466, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "881e303cf4f0cfb02e1a7d62df6a74b2f62d5679", "ctime": 1635900970.0475466, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12598473, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635900970.0475466, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "112569716", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.277519", "end": "2021-11-03 00:56:26.935170", "rc": 0, "start": "2021-11-03 00:56:26.657651", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"99:4D:7D:D8:A9:01:6A:A3:BE:79:6C:06:68:3A:C9:A2:65:0C:4F:D5\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"F9:8F:EE:8B:10:A3:1C:9C:95:E8:5F:7A:C1:8D:3D:46:DB:9D:B5:50\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"16:FF:10:09:A8:09:45:C2:60:C7:EE:61:7C:09:E0:D7:66:E9:F7:D9:4E:D8:D2:79:2B:98:CB:CE:B0:97:A1:A7:88:0E:97:75:51:1E:9D:25:E0:65:42:44:E5:77:A7:4F:0D:51:FB:51:02:A2:93:A5:DF:59:F9:F9:31:0D:77:A9:4F:DA:65:1D:50:AE:E6:74:91:90:2A:7D:5A:D4:63:29:04:54:05:CA:96:03:C1:09:0A:0F:F6:30:C7:71:33:00:FF:11:59:53:24:A3:34:A1:48:3C:B5:EC:D1:0B:60:7B:66:B7:CB:C3:66:54:1F:EB:96:AC:5D:C9:C7:BF:1A:80:00:92:EC:DC:CA:74:F8:95:2F:68:26:9F:D0:21:23:6F:13:38:9F:FB:E8:CC:43:09:3A:49:9C:A4:F6:3D:00:F7:91:51:E7:70:02:45:68:FF:3A:E5:66:45:E6:17:79:1E:D5:5D:35:C5:D5:B6:F0:5E:02:26:6A:76:EC:CF:C4:47:4D:30:40:96:69:A6:B2:86:89:1F:80:60:A7:AB:E9:62:35:C3:9C:40:CA:D7:42:23:F2:90:B4:AF:B3:27:D5:50:D4:4C:61:58:AE:39:93:C3:7D:8D:90:02:F8:55:E9:F6:5F:36:0F:73:F5:A2:E0:39:00:45:89:77:50:6C:52:29\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 00:56:09\",\n \"not_valid_before\": \"2021-11-03 00:56:10\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"99:4D:7D:D8:A9:01:6A:A3:BE:79:6C:06:68:3A:C9:A2:65:0C:4F:D5\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"F9:8F:EE:8B:10:A3:1C:9C:95:E8:5F:7A:C1:8D:3D:46:DB:9D:B5:50\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"16:FF:10:09:A8:09:45:C2:60:C7:EE:61:7C:09:E0:D7:66:E9:F7:D9:4E:D8:D2:79:2B:98:CB:CE:B0:97:A1:A7:88:0E:97:75:51:1E:9D:25:E0:65:42:44:E5:77:A7:4F:0D:51:FB:51:02:A2:93:A5:DF:59:F9:F9:31:0D:77:A9:4F:DA:65:1D:50:AE:E6:74:91:90:2A:7D:5A:D4:63:29:04:54:05:CA:96:03:C1:09:0A:0F:F6:30:C7:71:33:00:FF:11:59:53:24:A3:34:A1:48:3C:B5:EC:D1:0B:60:7B:66:B7:CB:C3:66:54:1F:EB:96:AC:5D:C9:C7:BF:1A:80:00:92:EC:DC:CA:74:F8:95:2F:68:26:9F:D0:21:23:6F:13:38:9F:FB:E8:CC:43:09:3A:49:9C:A4:F6:3D:00:F7:91:51:E7:70:02:45:68:FF:3A:E5:66:45:E6:17:79:1E:D5:5D:35:C5:D5:B6:F0:5E:02:26:6A:76:EC:CF:C4:47:4D:30:40:96:69:A6:B2:86:89:1F:80:60:A7:AB:E9:62:35:C3:9C:40:CA:D7:42:23:F2:90:B4:AF:B3:27:D5:50:D4:4C:61:58:AE:39:93:C3:7D:8D:90:02:F8:55:E9:F6:5F:36:0F:73:F5:A2:E0:39:00:45:89:77:50:6C:52:29\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 00:56:09\",", " \"not_valid_before\": \"2021-11-03 00:56:10\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "F9:8F:EE:8B:10:A3:1C:9C:95:E8:5F:7A:C1:8D:3D:46:DB:9D:B5:50"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "99:4D:7D:D8:A9:01:6A:A3:BE:79:6C:06:68:3A:C9:A2:65:0C:4F:D5"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "16:FF:10:09:A8:09:45:C2:60:C7:EE:61:7C:09:E0:D7:66:E9:F7:D9:4E:D8:D2:79:2B:98:CB:CE:B0:97:A1:A7:88:0E:97:75:51:1E:9D:25:E0:65:42:44:E5:77:A7:4F:0D:51:FB:51:02:A2:93:A5:DF:59:F9:F9:31:0D:77:A9:4F:DA:65:1D:50:AE:E6:74:91:90:2A:7D:5A:D4:63:29:04:54:05:CA:96:03:C1:09:0A:0F:F6:30:C7:71:33:00:FF:11:59:53:24:A3:34:A1:48:3C:B5:EC:D1:0B:60:7B:66:B7:CB:C3:66:54:1F:EB:96:AC:5D:C9:C7:BF:1A:80:00:92:EC:DC:CA:74:F8:95:2F:68:26:9F:D0:21:23:6F:13:38:9F:FB:E8:CC:43:09:3A:49:9C:A4:F6:3D:00:F7:91:51:E7:70:02:45:68:FF:3A:E5:66:45:E6:17:79:1E:D5:5D:35:C5:D5:B6:F0:5E:02:26:6A:76:EC:CF:C4:47:4D:30:40:96:69:A6:B2:86:89:1F:80:60:A7:AB:E9:62:35:C3:9C:40:CA:D7:42:23:F2:90:B4:AF:B3:27:D5:50:D4:4C:61:58:AE:39:93:C3:7D:8D:90:02:F8:55:E9:F6:5F:36:0F:73:F5:A2:E0:39:00:45:89:77:50:6C:52:29"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 00:56:09", "not_valid_before": "2021-11-03 00:56:10"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.042643", "end": "2021-11-03 00:56:27.675234", "rc": 0, "start": "2021-11-03 00:56:27.632591", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=31 changed=9 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_default.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_default.yml **************************************************** 1 plays in /tmp/tmpvvgb4zlc/tests/tests_default.yml PLAY [Ensure that the role runs with default parameters] *********************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_default.yml:3 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.4 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=4 changed=1 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_dns_ip_email.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_dns_ip_email.yml *********************************************** 2 plays in /tmp/tmpvvgb4zlc/tests/tests_dns_ip_email.yml PLAY [Issue certificate with dns, ip and email in SAN] ************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_dns_ip_email.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 1.6 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 4.7 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "systemd-journald.socket system.slice network.target basic.target dbus.service syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'name': u'mycert', u'dns': [u'sub1.example.com', u'www.example.com', u'sub2.example.com', u'sub3.example.com'], u'common_name': u'My Certificate with SAN', u'ip': [u'192.0.2.12', u'198.51.100.65', u'2001:db8::2:1'], u'ca': u'self-sign', u'email': [u'sysadmin@example.com', u'support@example.com']}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "common_name": "My Certificate with SAN", "dns": ["sub1.example.com", "www.example.com", "sub2.example.com", "sub3.example.com"], "email": ["sysadmin@example.com", "support@example.com"], "ip": ["192.0.2.12", "198.51.100.65", "2001:db8::2:1"], "name": "mycert"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_dns_ip_email.yml:24 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_dns_ip_email.yml:54 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 27 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901043.5922277, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "53e6fced90136a53637b4dca1d9f3a3f4cbdc2de", "ctime": 1635901043.5902276, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 21664, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901043.5902276, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1501, "uid": 0, "version": "1134260360", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901043.5532277, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "a6041647e076fdc300a32a3ff117be0e3315a7a0", "ctime": 1635901043.5902276, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12821923, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901043.5902276, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "1469501576", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.257249", "end": "2021-11-03 00:57:38.710485", "rc": 0, "start": "2021-11-03 00:57:38.453236", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"My Certificate with SAN\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"sub1.example.com\"\n },\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n },\n {\n \"name\": \"DNS\",\n \"value\": \"sub2.example.com\"\n },\n {\n \"name\": \"DNS\",\n \"value\": \"sub3.example.com\"\n },\n {\n \"name\": \"email\",\n \"value\": \"sysadmin@example.com\"\n },\n {\n \"name\": \"email\",\n \"value\": \"support@example.com\"\n },\n {\n \"name\": \"IP Address\",\n \"value\": \"192.0.2.12\"\n },\n {\n \"name\": \"IP Address\",\n \"value\": \"198.51.100.65\"\n },\n {\n \"name\": \"IP Address\",\n \"value\": \"2001:db8::2:1\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"47:D2:31:55:1C:75:62:C1:66:84:B6:35:1B:EA:D7:14:3A:38:C0:66\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"62:71:FC:4A:91:E1:5D:A4:D1:DD:F2:C3:B3:03:56:C7:F3:50:00:69\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"48:5B:51:63:1F:CF:74:77:83:33:5B:5A:FB:80:83:72:54:15:B2:C8:6E:EE:4C:D9:81:E7:1E:DD:FE:77:75:83:6F:0A:3B:D9:07:CE:C4:A2:DE:2F:91:1C:95:E0:BE:28:73:94:44:90:CE:5B:0D:65:B6:F4:CC:08:64:95:5C:96:0F:3A:E4:B8:2D:3D:E6:DA:47:78:C5:98:86:39:E0:00:EF:62:39:64:DE:E3:EC:90:87:E6:99:31:76:7D:9D:31:B6:88:59:B6:C2:E1:74:E3:52:CD:D8:51:68:83:5D:63:AB:FE:F6:E6:88:64:E2:81:9D:C8:23:A8:C6:A5:72:C6:AB:A6:5A:B2:7A:7B:0F:6F:4C:54:CF:B4:A8:2B:DF:48:8A:97:6E:FA:A7:0F:6C:C7:0A:DD:8B:AC:F5:42:42:E6:6E:FE:75:7E:CB:76:E2:F9:2B:35:0E:EB:73:24:D9:D4:83:3E:ED:67:A2:97:B4:DC:27:DB:07:A3:04:B6:77:2E:C7:83:EC:7F:30:2C:F9:02:CE:6C:B4:8F:E6:0A:AE:E4:82:29:43:4A:C7:6C:59:90:1D:B3:93:B3:5D:61:FF:AA:47:C7:D4:8F:CF:59:B7:03:0C:D5:B5:EE:36:CC:72:5B:0B:CB:6C:01:C9:7B:0D:8D:28:43:58:DA:93:AD:9D:D5\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 00:57:22\",\n \"not_valid_before\": \"2021-11-03 00:57:23\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"My Certificate with SAN\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"sub1.example.com\"", " },", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " },", " {", " \"name\": \"DNS\",", " \"value\": \"sub2.example.com\"", " },", " {", " \"name\": \"DNS\",", " \"value\": \"sub3.example.com\"", " },", " {", " \"name\": \"email\",", " \"value\": \"sysadmin@example.com\"", " },", " {", " \"name\": \"email\",", " \"value\": \"support@example.com\"", " },", " {", " \"name\": \"IP Address\",", " \"value\": \"192.0.2.12\"", " },", " {", " \"name\": \"IP Address\",", " \"value\": \"198.51.100.65\"", " },", " {", " \"name\": \"IP Address\",", " \"value\": \"2001:db8::2:1\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"47:D2:31:55:1C:75:62:C1:66:84:B6:35:1B:EA:D7:14:3A:38:C0:66\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"62:71:FC:4A:91:E1:5D:A4:D1:DD:F2:C3:B3:03:56:C7:F3:50:00:69\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"48:5B:51:63:1F:CF:74:77:83:33:5B:5A:FB:80:83:72:54:15:B2:C8:6E:EE:4C:D9:81:E7:1E:DD:FE:77:75:83:6F:0A:3B:D9:07:CE:C4:A2:DE:2F:91:1C:95:E0:BE:28:73:94:44:90:CE:5B:0D:65:B6:F4:CC:08:64:95:5C:96:0F:3A:E4:B8:2D:3D:E6:DA:47:78:C5:98:86:39:E0:00:EF:62:39:64:DE:E3:EC:90:87:E6:99:31:76:7D:9D:31:B6:88:59:B6:C2:E1:74:E3:52:CD:D8:51:68:83:5D:63:AB:FE:F6:E6:88:64:E2:81:9D:C8:23:A8:C6:A5:72:C6:AB:A6:5A:B2:7A:7B:0F:6F:4C:54:CF:B4:A8:2B:DF:48:8A:97:6E:FA:A7:0F:6C:C7:0A:DD:8B:AC:F5:42:42:E6:6E:FE:75:7E:CB:76:E2:F9:2B:35:0E:EB:73:24:D9:D4:83:3E:ED:67:A2:97:B4:DC:27:DB:07:A3:04:B6:77:2E:C7:83:EC:7F:30:2C:F9:02:CE:6C:B4:8F:E6:0A:AE:E4:82:29:43:4A:C7:6C:59:90:1D:B3:93:B3:5D:61:FF:AA:47:C7:D4:8F:CF:59:B7:03:0C:D5:B5:EE:36:CC:72:5B:0B:CB:6C:01:C9:7B:0D:8D:28:43:58:DA:93:AD:9D:D5\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 00:57:22\",", " \"not_valid_before\": \"2021-11-03 00:57:23\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "62:71:FC:4A:91:E1:5D:A4:D1:DD:F2:C3:B3:03:56:C7:F3:50:00:69"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "sub1.example.com"}, {"name": "DNS", "value": "www.example.com"}, {"name": "DNS", "value": "sub2.example.com"}, {"name": "DNS", "value": "sub3.example.com"}, {"name": "email", "value": "sysadmin@example.com"}, {"name": "email", "value": "support@example.com"}, {"name": "IP Address", "value": "192.0.2.12"}, {"name": "IP Address", "value": "198.51.100.65"}, {"name": "IP Address", "value": "2001:db8::2:1"}]}, "subjectKeyIdentifier": {"critical": false, "value": "47:D2:31:55:1C:75:62:C1:66:84:B6:35:1B:EA:D7:14:3A:38:C0:66"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "48:5B:51:63:1F:CF:74:77:83:33:5B:5A:FB:80:83:72:54:15:B2:C8:6E:EE:4C:D9:81:E7:1E:DD:FE:77:75:83:6F:0A:3B:D9:07:CE:C4:A2:DE:2F:91:1C:95:E0:BE:28:73:94:44:90:CE:5B:0D:65:B6:F4:CC:08:64:95:5C:96:0F:3A:E4:B8:2D:3D:E6:DA:47:78:C5:98:86:39:E0:00:EF:62:39:64:DE:E3:EC:90:87:E6:99:31:76:7D:9D:31:B6:88:59:B6:C2:E1:74:E3:52:CD:D8:51:68:83:5D:63:AB:FE:F6:E6:88:64:E2:81:9D:C8:23:A8:C6:A5:72:C6:AB:A6:5A:B2:7A:7B:0F:6F:4C:54:CF:B4:A8:2B:DF:48:8A:97:6E:FA:A7:0F:6C:C7:0A:DD:8B:AC:F5:42:42:E6:6E:FE:75:7E:CB:76:E2:F9:2B:35:0E:EB:73:24:D9:D4:83:3E:ED:67:A2:97:B4:DC:27:DB:07:A3:04:B6:77:2E:C7:83:EC:7F:30:2C:F9:02:CE:6C:B4:8F:E6:0A:AE:E4:82:29:43:4A:C7:6C:59:90:1D:B3:93:B3:5D:61:FF:AA:47:C7:D4:8F:CF:59:B7:03:0C:D5:B5:EE:36:CC:72:5B:0B:CB:6C:01:C9:7B:0D:8D:28:43:58:DA:93:AD:9D:D5"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "My Certificate with SAN"}], "validity": {"not_valid_after": "2022-11-03 00:57:22", "not_valid_before": "2021-11-03 00:57:23"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039433", "end": "2021-11-03 00:57:39.427491", "rc": 0, "start": "2021-11-03 00:57:39.388058", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=31 changed=9 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_fs_attrs.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_fs_attrs.yml *************************************************** 3 plays in /tmp/tmpvvgb4zlc/tests/tests_fs_attrs.yml PLAY [Ensure UID and GID exists] *********************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_fs_attrs.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Ensure user exists] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tests_fs_attrs.yml:5 changed: [/cache/centos-7.qcow2c] => {"changed": true, "comment": "", "create_home": true, "group": 1040, "home": "/home/user1", "name": "user1", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1040} TASK [Ensure group "somegroup" exists] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tests_fs_attrs.yml:9 changed: [/cache/centos-7.qcow2c] => {"changed": true, "gid": 1041, "name": "somegroup", "state": "present", "system": false} META: ran handlers META: ran handlers PLAY [Issue certificate setting user/group] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_fs_attrs.yml:13 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 1.7 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 5.1 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "basic.target network.target syslog.target system.slice dbus.service systemd-journald.socket", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'owner': u'ftp', u'ca': u'self-sign', u'group': u'ftp', u'name': u'mycert', u'dns': u'www.example.com'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "group": "ftp", "name": "mycert", "owner": "ftp"}, "msg": "Certificate requested (new). File attributes updated."} changed: [/cache/centos-7.qcow2c] => (item={u'owner': 1040, u'ca': u'self-sign', u'group': 1041, u'name': u'certid', u'dns': u'www.example.com'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "group": 1041, "name": "certid", "owner": 1040}, "msg": "Certificate requested (new). File attributes updated."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_fs_attrs.yml:31 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_fs_attrs.yml:60 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 34 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901088.5578296, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "ca98770a402a3a28d40c0174fa42efd77c058d89", "ctime": 1635901088.5918295, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 19674, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1635901088.5548296, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1310, "uid": 14, "version": "18446744073431237171", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901088.5178294, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d08707bb66cb23d4da199bafff3ece71945f72bb", "ctime": 1635901088.5918295, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 12598299, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1635901088.5548296, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 14, "version": "1640221455", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.254582", "end": "2021-11-03 00:58:29.665646", "rc": 0, "start": "2021-11-03 00:58:29.411064", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"F4:5E:82:77:68:D9:A4:1D:FB:A1:6C:6F:E3:87:7F:20:0F:F9:D4:54\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"80:FB:8B:2D:84:A1:76:8A:47:CE:D1:E2:BF:EC:DE:23:94:0E:B6:9B\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"86:AF:1E:2E:5D:34:B4:E5:B0:5F:AA:0B:85:61:CF:52:BB:14:3B:9E:FC:12:25:FA:F0:17:66:C4:1E:A9:F9:A0:CC:D8:15:B9:11:66:D9:83:26:35:1A:DC:AF:9E:39:50:DB:2D:BB:21:03:23:AA:3C:09:76:3D:7F:4F:22:47:C6:46:69:1B:40:9E:55:71:87:89:E0:17:37:17:F1:36:2C:9B:6A:57:9A:04:FD:C6:B1:E8:D4:58:15:4B:BF:16:F2:7B:87:B7:F6:B6:7E:72:C0:2F:BF:55:3E:68:9E:27:0C:C3:2E:48:0A:2E:E3:74:4B:FD:D6:A9:5C:E1:BA:EC:4A:A3:CB:20:51:77:8E:6C:AF:A1:D0:84:C9:F5:81:24:C5:0B:2A:FF:1D:8B:0C:2B:EE:CF:90:3A:6C:8D:FE:F1:37:DA:B7:98:4C:65:8C:63:DF:26:BA:01:A1:E0:0B:EE:F1:66:21:14:FE:32:2D:99:D3:69:17:33:70:92:7E:69:9E:74:7D:94:36:1C:8B:34:64:42:11:7E:1A:42:49:FC:6C:C5:83:3B:9A:8B:1E:33:FC:4F:2B:1B:A2:96:87:80:00:9D:4E:9D:CC:8F:6A:C6:D5:44:A6:1F:5C:03:7B:E4:0D:FE:1E:5A:78:6B:6E:B3:03:D5:F0:E5:C1:2A:82:5C:55\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 00:58:07\",\n \"not_valid_before\": \"2021-11-03 00:58:08\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"F4:5E:82:77:68:D9:A4:1D:FB:A1:6C:6F:E3:87:7F:20:0F:F9:D4:54\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"80:FB:8B:2D:84:A1:76:8A:47:CE:D1:E2:BF:EC:DE:23:94:0E:B6:9B\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"86:AF:1E:2E:5D:34:B4:E5:B0:5F:AA:0B:85:61:CF:52:BB:14:3B:9E:FC:12:25:FA:F0:17:66:C4:1E:A9:F9:A0:CC:D8:15:B9:11:66:D9:83:26:35:1A:DC:AF:9E:39:50:DB:2D:BB:21:03:23:AA:3C:09:76:3D:7F:4F:22:47:C6:46:69:1B:40:9E:55:71:87:89:E0:17:37:17:F1:36:2C:9B:6A:57:9A:04:FD:C6:B1:E8:D4:58:15:4B:BF:16:F2:7B:87:B7:F6:B6:7E:72:C0:2F:BF:55:3E:68:9E:27:0C:C3:2E:48:0A:2E:E3:74:4B:FD:D6:A9:5C:E1:BA:EC:4A:A3:CB:20:51:77:8E:6C:AF:A1:D0:84:C9:F5:81:24:C5:0B:2A:FF:1D:8B:0C:2B:EE:CF:90:3A:6C:8D:FE:F1:37:DA:B7:98:4C:65:8C:63:DF:26:BA:01:A1:E0:0B:EE:F1:66:21:14:FE:32:2D:99:D3:69:17:33:70:92:7E:69:9E:74:7D:94:36:1C:8B:34:64:42:11:7E:1A:42:49:FC:6C:C5:83:3B:9A:8B:1E:33:FC:4F:2B:1B:A2:96:87:80:00:9D:4E:9D:CC:8F:6A:C6:D5:44:A6:1F:5C:03:7B:E4:0D:FE:1E:5A:78:6B:6E:B3:03:D5:F0:E5:C1:2A:82:5C:55\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 00:58:07\",", " \"not_valid_before\": \"2021-11-03 00:58:08\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "80:FB:8B:2D:84:A1:76:8A:47:CE:D1:E2:BF:EC:DE:23:94:0E:B6:9B"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "F4:5E:82:77:68:D9:A4:1D:FB:A1:6C:6F:E3:87:7F:20:0F:F9:D4:54"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "86:AF:1E:2E:5D:34:B4:E5:B0:5F:AA:0B:85:61:CF:52:BB:14:3B:9E:FC:12:25:FA:F0:17:66:C4:1E:A9:F9:A0:CC:D8:15:B9:11:66:D9:83:26:35:1A:DC:AF:9E:39:50:DB:2D:BB:21:03:23:AA:3C:09:76:3D:7F:4F:22:47:C6:46:69:1B:40:9E:55:71:87:89:E0:17:37:17:F1:36:2C:9B:6A:57:9A:04:FD:C6:B1:E8:D4:58:15:4B:BF:16:F2:7B:87:B7:F6:B6:7E:72:C0:2F:BF:55:3E:68:9E:27:0C:C3:2E:48:0A:2E:E3:74:4B:FD:D6:A9:5C:E1:BA:EC:4A:A3:CB:20:51:77:8E:6C:AF:A1:D0:84:C9:F5:81:24:C5:0B:2A:FF:1D:8B:0C:2B:EE:CF:90:3A:6C:8D:FE:F1:37:DA:B7:98:4C:65:8C:63:DF:26:BA:01:A1:E0:0B:EE:F1:66:21:14:FE:32:2D:99:D3:69:17:33:70:92:7E:69:9E:74:7D:94:36:1C:8B:34:64:42:11:7E:1A:42:49:FC:6C:C5:83:3B:9A:8B:1E:33:FC:4F:2B:1B:A2:96:87:80:00:9D:4E:9D:CC:8F:6A:C6:D5:44:A6:1F:5C:03:7B:E4:0D:FE:1E:5A:78:6B:6E:B3:03:D5:F0:E5:C1:2A:82:5C:55"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 00:58:07", "not_valid_before": "2021-11-03 00:58:08"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039611", "end": "2021-11-03 00:58:30.446648", "rc": 0, "start": "2021-11-03 00:58:30.407037", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 ok: [/cache/centos-7.qcow2c] => {"changed": false, "msg": "", "rc": 0, "results": ["python3-3.6.8-18.el7.x86_64 providing python3 is already installed"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)\n", "stdout_lines": ["Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)\nRequirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)\nRequirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0)\nRequirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)\nRequirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)\nRequirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.20)\n", "stdout_lines": ["Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)", "Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)", "Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0)", "Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)", "Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)", "Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.20)"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901089.0888295, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "a725453c2270a6a9dacb0d90434dd860960264f1", "ctime": 1635901089.1338296, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 19678, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1635901089.0868294, "nlink": 1, "path": "/etc/pki/tls/certs/certid.crt", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1310, "uid": 1040, "version": "310929450", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901089.0508294, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "c8fd999e851b2d77c2446be0c0df536b4c5c268e", "ctime": 1635901089.1348295, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 12598297, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1635901089.0868294, "nlink": 1, "path": "/etc/pki/tls/private/certid.key", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 1040, "version": "18446744072200293168", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/certid.crt"], "delta": "0:00:00.251436", "end": "2021-11-03 00:58:35.222204", "rc": 0, "start": "2021-11-03 00:58:34.970768", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"E1:13:96:F9:4C:48:5C:FC:60:DC:C2:51:5E:B1:8B:13:76:2F:56:64\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"80:FB:8B:2D:84:A1:76:8A:47:CE:D1:E2:BF:EC:DE:23:94:0E:B6:9B\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"6D:0F:C4:56:2D:1C:6D:0D:99:0D:3E:A7:A9:90:42:E5:05:2E:33:45:B6:6E:58:A8:E4:89:49:C7:8E:82:D4:33:69:28:D1:A2:46:1B:68:98:12:02:85:31:21:C7:1F:6B:AC:65:F5:79:D9:B0:09:99:BE:84:41:4A:06:C7:1D:3C:DB:1F:D0:CD:F5:A2:DA:C8:B7:D8:6C:24:41:C0:6C:B6:5A:57:8D:44:96:82:D1:46:B5:51:64:D4:BA:C9:F0:69:EB:AC:B2:C3:3F:41:5B:7B:EA:35:97:B5:4D:31:B8:7F:F7:FC:BB:75:4A:68:26:4B:72:58:11:20:34:DD:70:13:B3:E1:9F:76:E3:6E:66:D4:9B:EC:26:EB:27:A4:C9:06:99:48:99:BF:D5:B9:2D:16:BF:5A:FE:24:EA:7C:AB:27:C0:B4:2A:5E:C6:17:BD:7B:16:45:2B:DA:9F:DA:5A:82:E9:81:AF:88:10:D9:03:E2:05:02:B1:41:06:8A:1E:B3:A3:2B:16:35:54:80:F8:44:29:9D:53:46:29:D4:B7:23:0F:1E:1A:97:76:78:36:6D:D7:62:79:5D:D5:27:F9:3F:A4:A2:17:AC:91:F7:81:1D:6B:02:45:C9:51:7C:A9:CC:D6:18:87:75:47:86:08:76:3C:C7:E4:64:A6:B1:1C:5D\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 00:58:07\",\n \"not_valid_before\": \"2021-11-03 00:58:09\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"E1:13:96:F9:4C:48:5C:FC:60:DC:C2:51:5E:B1:8B:13:76:2F:56:64\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"80:FB:8B:2D:84:A1:76:8A:47:CE:D1:E2:BF:EC:DE:23:94:0E:B6:9B\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"6D:0F:C4:56:2D:1C:6D:0D:99:0D:3E:A7:A9:90:42:E5:05:2E:33:45:B6:6E:58:A8:E4:89:49:C7:8E:82:D4:33:69:28:D1:A2:46:1B:68:98:12:02:85:31:21:C7:1F:6B:AC:65:F5:79:D9:B0:09:99:BE:84:41:4A:06:C7:1D:3C:DB:1F:D0:CD:F5:A2:DA:C8:B7:D8:6C:24:41:C0:6C:B6:5A:57:8D:44:96:82:D1:46:B5:51:64:D4:BA:C9:F0:69:EB:AC:B2:C3:3F:41:5B:7B:EA:35:97:B5:4D:31:B8:7F:F7:FC:BB:75:4A:68:26:4B:72:58:11:20:34:DD:70:13:B3:E1:9F:76:E3:6E:66:D4:9B:EC:26:EB:27:A4:C9:06:99:48:99:BF:D5:B9:2D:16:BF:5A:FE:24:EA:7C:AB:27:C0:B4:2A:5E:C6:17:BD:7B:16:45:2B:DA:9F:DA:5A:82:E9:81:AF:88:10:D9:03:E2:05:02:B1:41:06:8A:1E:B3:A3:2B:16:35:54:80:F8:44:29:9D:53:46:29:D4:B7:23:0F:1E:1A:97:76:78:36:6D:D7:62:79:5D:D5:27:F9:3F:A4:A2:17:AC:91:F7:81:1D:6B:02:45:C9:51:7C:A9:CC:D6:18:87:75:47:86:08:76:3C:C7:E4:64:A6:B1:1C:5D\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 00:58:07\",", " \"not_valid_before\": \"2021-11-03 00:58:09\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "80:FB:8B:2D:84:A1:76:8A:47:CE:D1:E2:BF:EC:DE:23:94:0E:B6:9B"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "E1:13:96:F9:4C:48:5C:FC:60:DC:C2:51:5E:B1:8B:13:76:2F:56:64"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "6D:0F:C4:56:2D:1C:6D:0D:99:0D:3E:A7:A9:90:42:E5:05:2E:33:45:B6:6E:58:A8:E4:89:49:C7:8E:82:D4:33:69:28:D1:A2:46:1B:68:98:12:02:85:31:21:C7:1F:6B:AC:65:F5:79:D9:B0:09:99:BE:84:41:4A:06:C7:1D:3C:DB:1F:D0:CD:F5:A2:DA:C8:B7:D8:6C:24:41:C0:6C:B6:5A:57:8D:44:96:82:D1:46:B5:51:64:D4:BA:C9:F0:69:EB:AC:B2:C3:3F:41:5B:7B:EA:35:97:B5:4D:31:B8:7F:F7:FC:BB:75:4A:68:26:4B:72:58:11:20:34:DD:70:13:B3:E1:9F:76:E3:6E:66:D4:9B:EC:26:EB:27:A4:C9:06:99:48:99:BF:D5:B9:2D:16:BF:5A:FE:24:EA:7C:AB:27:C0:B4:2A:5E:C6:17:BD:7B:16:45:2B:DA:9F:DA:5A:82:E9:81:AF:88:10:D9:03:E2:05:02:B1:41:06:8A:1E:B3:A3:2B:16:35:54:80:F8:44:29:9D:53:46:29:D4:B7:23:0F:1E:1A:97:76:78:36:6D:D7:62:79:5D:D5:27:F9:3F:A4:A2:17:AC:91:F7:81:1D:6B:02:45:C9:51:7C:A9:CC:D6:18:87:75:47:86:08:76:3C:C7:E4:64:A6:B1:1C:5D"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 00:58:07", "not_valid_before": "2021-11-03 00:58:09"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/certid.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.035708", "end": "2021-11-03 00:58:35.996739", "rc": 0, "start": "2021-11-03 00:58:35.961031", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=55 changed=11 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_include_vars_from_parent.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_include_vars_from_parent.yml *********************************** 1 plays in /tmp/tmpvvgb4zlc/tests/tests_include_vars_from_parent.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_include_vars_from_parent.yml:1 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [create var file in caller that can override the one in called role] ****** task path: /tmp/tmpvvgb4zlc/tests/tests_include_vars_from_parent.yml:3 changed: [/cache/centos-7.qcow2c] => (item=CentOS-7.8) => {"ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpvvgb4zlc/tests/roles/caller/vars/CentOS-7.8.yml", "gid": 0, "group": "root", "item": "CentOS-7.8", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1635901131.64-130781-48767906230102/source", "state": "file", "uid": 0} changed: [/cache/centos-7.qcow2c] => (item=CentOS-7) => {"ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpvvgb4zlc/tests/roles/caller/vars/CentOS-7.yml", "gid": 0, "group": "root", "item": "CentOS-7", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1635901132.29-130781-216599068894151/source", "state": "file", "uid": 0} changed: [/cache/centos-7.qcow2c] => (item=CentOS_7.8) => {"ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpvvgb4zlc/tests/roles/caller/vars/CentOS_7.8.yml", "gid": 0, "group": "root", "item": "CentOS_7.8", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1635901132.55-130781-24730949799395/source", "state": "file", "uid": 0} changed: [/cache/centos-7.qcow2c] => (item=CentOS_7) => {"ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpvvgb4zlc/tests/roles/caller/vars/CentOS_7.yml", "gid": 0, "group": "root", "item": "CentOS_7", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1635901132.8-130781-190836755016918/source", "state": "file", "uid": 0} changed: [/cache/centos-7.qcow2c] => (item=CentOS) => {"ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpvvgb4zlc/tests/roles/caller/vars/CentOS.yml", "gid": 0, "group": "root", "item": "CentOS", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1635901133.06-130781-278578367582812/source", "state": "file", "uid": 0} changed: [/cache/centos-7.qcow2c] => (item=RedHat) => {"ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpvvgb4zlc/tests/roles/caller/vars/RedHat.yml", "gid": 0, "group": "root", "item": "RedHat", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1635901133.33-130781-175267563232911/source", "state": "file", "uid": 0} TASK [include_role : {{ roletoinclude }}] ************************************** task path: /tmp/tmpvvgb4zlc/tests/roles/caller/tasks/main.yml:4 TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.6 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 TASK [caller : assert] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/roles/caller/tasks/main.yml:7 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=6 changed=2 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_key_size.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_key_size.yml *************************************************** 2 plays in /tmp/tmpvvgb4zlc/tests/tests_key_size.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_key_size.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirror.cs.pitt.edu\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.5 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirror.cs.pitt.edu\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 3.2 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "basic.target syslog.target system.slice systemd-journald.socket dbus.service network.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'key_size': 4096, u'name': u'mycert', u'dns': u'www.example.com'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "key_size": 4096, "name": "mycert"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_key_size.yml:14 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_key_size.yml:29 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirror.cs.pitt.edu\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901171.5125194, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "049ddad0f1534f5bf873e52ee29db889aedd9f8d", "ctime": 1635901171.5095193, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 19073, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901171.5095193, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1655, "uid": 0, "version": "18446744071901942552", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901171.4605193, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "e34fb5e9d6577b8c637e22231663fa0d6fc2c883", "ctime": 1635901171.5095193, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12598173, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901171.5095193, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 3272, "uid": 0, "version": "18446744071924809719", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.267740", "end": "2021-11-03 00:59:57.707231", "rc": 0, "start": "2021-11-03 00:59:57.439491", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"6F:0C:CD:33:D5:28:B1:B0:A3:CA:4D:6F:4A:4E:5C:F6:41:96:32:CA\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"C0:7B:67:8B:C8:37:94:58:86:77:18:FD:E2:C8:CB:82:28:56:D1:B3\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"6D:29:9B:2C:D5:AC:45:81:47:3A:93:49:D7:D9:E7:E1:61:20:EC:8D:08:B0:24:12:A7:99:75:35:51:89:3A:66:CD:08:67:72:D4:22:81:67:83:A5:53:59:1D:CB:CA:DB:D5:BB:A6:7E:3D:9E:D6:26:AD:DE:18:00:A2:54:8B:9B:1A:DD:DB:60:F8:6E:45:51:75:13:19:A7:7E:67:D1:7E:A0:E1:D6:D9:05:BC:CF:C1:DB:4F:DD:FF:0B:14:01:4D:23:DA:D0:1C:57:A7:8B:A3:16:56:61:39:18:87:A3:F0:85:B4:28:CF:E8:F2:D9:D1:55:BE:C6:D1:8A:BD:53:54:EB:60:CD:1F:6F:5A:D7:43:07:82:8E:79:23:0B:3E:10:0E:7A:F8:E1:9E:CA:21:41:D5:7F:B5:8B:31:2E:2B:F5:4E:AC:3B:AE:60:65:19:69:16:85:33:74:6E:1E:35:02:7C:8D:E9:0F:78:FB:64:C2:15:EF:CA:CE:35:D3:14:02:EB:47:51:C7:D7:93:F6:83:43:32:57:28:D2:3D:FE:15:16:CD:50:15:17:47:97:57:0C:F7:B8:4A:68:12:60:23:F0:C4:9E:85:90:57:50:89:6E:93:DC:BB:70:A1:8E:3E:DD:2C:3B:5A:74:26:7C:3F:8E:9E:0C:C0:CA:B7:28:BB\"\n },\n \"key_size\": 4096,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 00:59:29\",\n \"not_valid_before\": \"2021-11-03 00:59:31\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"6F:0C:CD:33:D5:28:B1:B0:A3:CA:4D:6F:4A:4E:5C:F6:41:96:32:CA\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"C0:7B:67:8B:C8:37:94:58:86:77:18:FD:E2:C8:CB:82:28:56:D1:B3\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"6D:29:9B:2C:D5:AC:45:81:47:3A:93:49:D7:D9:E7:E1:61:20:EC:8D:08:B0:24:12:A7:99:75:35:51:89:3A:66:CD:08:67:72:D4:22:81:67:83:A5:53:59:1D:CB:CA:DB:D5:BB:A6:7E:3D:9E:D6:26:AD:DE:18:00:A2:54:8B:9B:1A:DD:DB:60:F8:6E:45:51:75:13:19:A7:7E:67:D1:7E:A0:E1:D6:D9:05:BC:CF:C1:DB:4F:DD:FF:0B:14:01:4D:23:DA:D0:1C:57:A7:8B:A3:16:56:61:39:18:87:A3:F0:85:B4:28:CF:E8:F2:D9:D1:55:BE:C6:D1:8A:BD:53:54:EB:60:CD:1F:6F:5A:D7:43:07:82:8E:79:23:0B:3E:10:0E:7A:F8:E1:9E:CA:21:41:D5:7F:B5:8B:31:2E:2B:F5:4E:AC:3B:AE:60:65:19:69:16:85:33:74:6E:1E:35:02:7C:8D:E9:0F:78:FB:64:C2:15:EF:CA:CE:35:D3:14:02:EB:47:51:C7:D7:93:F6:83:43:32:57:28:D2:3D:FE:15:16:CD:50:15:17:47:97:57:0C:F7:B8:4A:68:12:60:23:F0:C4:9E:85:90:57:50:89:6E:93:DC:BB:70:A1:8E:3E:DD:2C:3B:5A:74:26:7C:3F:8E:9E:0C:C0:CA:B7:28:BB\"", " },", " \"key_size\": 4096,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 00:59:29\",", " \"not_valid_before\": \"2021-11-03 00:59:31\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "C0:7B:67:8B:C8:37:94:58:86:77:18:FD:E2:C8:CB:82:28:56:D1:B3"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "6F:0C:CD:33:D5:28:B1:B0:A3:CA:4D:6F:4A:4E:5C:F6:41:96:32:CA"}}, "key_size": 4096, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "6D:29:9B:2C:D5:AC:45:81:47:3A:93:49:D7:D9:E7:E1:61:20:EC:8D:08:B0:24:12:A7:99:75:35:51:89:3A:66:CD:08:67:72:D4:22:81:67:83:A5:53:59:1D:CB:CA:DB:D5:BB:A6:7E:3D:9E:D6:26:AD:DE:18:00:A2:54:8B:9B:1A:DD:DB:60:F8:6E:45:51:75:13:19:A7:7E:67:D1:7E:A0:E1:D6:D9:05:BC:CF:C1:DB:4F:DD:FF:0B:14:01:4D:23:DA:D0:1C:57:A7:8B:A3:16:56:61:39:18:87:A3:F0:85:B4:28:CF:E8:F2:D9:D1:55:BE:C6:D1:8A:BD:53:54:EB:60:CD:1F:6F:5A:D7:43:07:82:8E:79:23:0B:3E:10:0E:7A:F8:E1:9E:CA:21:41:D5:7F:B5:8B:31:2E:2B:F5:4E:AC:3B:AE:60:65:19:69:16:85:33:74:6E:1E:35:02:7C:8D:E9:0F:78:FB:64:C2:15:EF:CA:CE:35:D3:14:02:EB:47:51:C7:D7:93:F6:83:43:32:57:28:D2:3D:FE:15:16:CD:50:15:17:47:97:57:0C:F7:B8:4A:68:12:60:23:F0:C4:9E:85:90:57:50:89:6E:93:DC:BB:70:A1:8E:3E:DD:2C:3B:5A:74:26:7C:3F:8E:9E:0C:C0:CA:B7:28:BB"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 00:59:29", "not_valid_before": "2021-11-03 00:59:31"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.041031", "end": "2021-11-03 00:59:58.494036", "rc": 0, "start": "2021-11-03 00:59:58.453005", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=31 changed=9 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_key_usage_and_extended_key_usage.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_key_usage_and_extended_key_usage.yml *************************** 2 plays in /tmp/tmpvvgb4zlc/tests/tests_key_usage_and_extended_key_usage.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_key_usage_and_extended_key_usage.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.7 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 5.7 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "dbus.service syslog.target network.target systemd-journald.socket basic.target system.slice", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'key_usage': [u'digitalSignature', u'nonRepudiation', u'keyEncipherment'], u'name': u'mycert', u'dns': u'www.example.com', u'extended_key_usage': [u'id-kp-clientAuth', u'id-kp-serverAuth', u'id-kp-ipsecTunnel', u'1.3.6.1.5.2.3.5']}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "extended_key_usage": ["id-kp-clientAuth", "id-kp-serverAuth", "id-kp-ipsecTunnel", "1.3.6.1.5.2.3.5"], "key_usage": ["digitalSignature", "nonRepudiation", "keyEncipherment"], "name": "mycert"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_key_usage_and_extended_key_usage.yml:22 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_key_usage_and_extended_key_usage.yml:49 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 36 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901231.7801523, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7eee2654bd2531d425f45bc3fcc1daa5cec836fc", "ctime": 1635901231.7781525, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 18976, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901231.7781525, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1334, "uid": 0, "version": "232556990", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901231.7401524, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "823c6f1a6649c46ceaf68f62f687707e7b679cc2", "ctime": 1635901231.7781525, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12821918, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901231.7781525, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072064482736", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.267046", "end": "2021-11-03 01:00:57.989807", "rc": 0, "start": "2021-11-03 01:00:57.722761", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"content_commitment\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n },\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-ipsecTunnel\",\n \"oid\": \"1.3.6.1.5.5.7.3.6\"\n },\n {\n \"name\": null,\n \"oid\": \"1.3.6.1.5.2.3.5\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"42:B6:47:09:B9:B5:29:F6:68:6C:0E:C1:1D:98:4F:AF:EF:B5:44:28\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"BB:2F:B2:7A:97:B8:CE:1C:93:D7:99:D9:7C:C8:82:43:10:91:10:19\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"0C:CA:5F:7D:35:98:1B:E0:12:EA:4F:1B:F7:CC:E1:67:5A:10:A5:4A:89:8F:E6:C8:C0:BA:80:00:92:BB:ED:CB:F0:11:64:25:17:16:39:F5:52:5D:A3:95:9A:8A:86:09:42:ED:22:12:F4:C3:B0:C3:76:A3:F2:25:BA:59:43:19:90:E7:F6:48:55:A7:27:82:E1:48:72:39:B5:13:D9:28:F9:92:A8:E9:9B:23:93:DF:02:56:F3:80:23:C8:B7:D1:75:AE:10:08:14:37:49:98:E0:79:27:BB:75:91:0F:50:1D:12:B6:1D:B1:48:88:1B:69:61:70:DB:07:F3:D7:F4:02:BC:47:35:26:4F:71:72:1A:31:1F:92:84:A0:BA:06:49:C3:A0:94:4A:BD:5A:B5:21:E8:1C:2D:76:78:77:4B:36:64:20:C4:0B:E4:E1:D3:6D:00:04:CF:3B:DB:8C:BF:B5:2D:1E:C8:2A:ED:02:57:78:4F:7E:4D:2B:4B:04:ED:E4:E6:50:8A:13:4F:AC:A8:FC:BC:32:F5:CF:65:73:7D:0F:21:2C:BD:A0:B8:5E:4B:D6:F9:83:12:36:C7:B7:D0:92:38:CD:F8:7C:54:3D:2A:FD:D0:06:3C:51:2F:57:97:6D:E0:F6:94:AE:3F:9C:73:06:36:DE:22:36:EE:1F:08\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:00:31\",\n \"not_valid_before\": \"2021-11-03 01:00:31\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"content_commitment\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " },", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-ipsecTunnel\",", " \"oid\": \"1.3.6.1.5.5.7.3.6\"", " },", " {", " \"name\": null,", " \"oid\": \"1.3.6.1.5.2.3.5\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"42:B6:47:09:B9:B5:29:F6:68:6C:0E:C1:1D:98:4F:AF:EF:B5:44:28\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"BB:2F:B2:7A:97:B8:CE:1C:93:D7:99:D9:7C:C8:82:43:10:91:10:19\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"0C:CA:5F:7D:35:98:1B:E0:12:EA:4F:1B:F7:CC:E1:67:5A:10:A5:4A:89:8F:E6:C8:C0:BA:80:00:92:BB:ED:CB:F0:11:64:25:17:16:39:F5:52:5D:A3:95:9A:8A:86:09:42:ED:22:12:F4:C3:B0:C3:76:A3:F2:25:BA:59:43:19:90:E7:F6:48:55:A7:27:82:E1:48:72:39:B5:13:D9:28:F9:92:A8:E9:9B:23:93:DF:02:56:F3:80:23:C8:B7:D1:75:AE:10:08:14:37:49:98:E0:79:27:BB:75:91:0F:50:1D:12:B6:1D:B1:48:88:1B:69:61:70:DB:07:F3:D7:F4:02:BC:47:35:26:4F:71:72:1A:31:1F:92:84:A0:BA:06:49:C3:A0:94:4A:BD:5A:B5:21:E8:1C:2D:76:78:77:4B:36:64:20:C4:0B:E4:E1:D3:6D:00:04:CF:3B:DB:8C:BF:B5:2D:1E:C8:2A:ED:02:57:78:4F:7E:4D:2B:4B:04:ED:E4:E6:50:8A:13:4F:AC:A8:FC:BC:32:F5:CF:65:73:7D:0F:21:2C:BD:A0:B8:5E:4B:D6:F9:83:12:36:C7:B7:D0:92:38:CD:F8:7C:54:3D:2A:FD:D0:06:3C:51:2F:57:97:6D:E0:F6:94:AE:3F:9C:73:06:36:DE:22:36:EE:1F:08\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:00:31\",", " \"not_valid_before\": \"2021-11-03 01:00:31\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "BB:2F:B2:7A:97:B8:CE:1C:93:D7:99:D9:7C:C8:82:43:10:91:10:19"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}, {"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-ipsecTunnel", "oid": "1.3.6.1.5.5.7.3.6"}, {"name": null, "oid": "1.3.6.1.5.2.3.5"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "content_commitment", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "42:B6:47:09:B9:B5:29:F6:68:6C:0E:C1:1D:98:4F:AF:EF:B5:44:28"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "0C:CA:5F:7D:35:98:1B:E0:12:EA:4F:1B:F7:CC:E1:67:5A:10:A5:4A:89:8F:E6:C8:C0:BA:80:00:92:BB:ED:CB:F0:11:64:25:17:16:39:F5:52:5D:A3:95:9A:8A:86:09:42:ED:22:12:F4:C3:B0:C3:76:A3:F2:25:BA:59:43:19:90:E7:F6:48:55:A7:27:82:E1:48:72:39:B5:13:D9:28:F9:92:A8:E9:9B:23:93:DF:02:56:F3:80:23:C8:B7:D1:75:AE:10:08:14:37:49:98:E0:79:27:BB:75:91:0F:50:1D:12:B6:1D:B1:48:88:1B:69:61:70:DB:07:F3:D7:F4:02:BC:47:35:26:4F:71:72:1A:31:1F:92:84:A0:BA:06:49:C3:A0:94:4A:BD:5A:B5:21:E8:1C:2D:76:78:77:4B:36:64:20:C4:0B:E4:E1:D3:6D:00:04:CF:3B:DB:8C:BF:B5:2D:1E:C8:2A:ED:02:57:78:4F:7E:4D:2B:4B:04:ED:E4:E6:50:8A:13:4F:AC:A8:FC:BC:32:F5:CF:65:73:7D:0F:21:2C:BD:A0:B8:5E:4B:D6:F9:83:12:36:C7:B7:D0:92:38:CD:F8:7C:54:3D:2A:FD:D0:06:3C:51:2F:57:97:6D:E0:F6:94:AE:3F:9C:73:06:36:DE:22:36:EE:1F:08"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 01:00:31", "not_valid_before": "2021-11-03 01:00:31"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039023", "end": "2021-11-03 01:00:58.713610", "rc": 0, "start": "2021-11-03 01:00:58.674587", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=31 changed=9 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_many_self_signed.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_many_self_signed.yml ******************************************* 2 plays in /tmp/tmpvvgb4zlc/tests/tests_many_self_signed.yml PLAY [Issue many self-signed certificates] ************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_many_self_signed.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.5 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 5.8 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "syslog.target system.slice basic.target systemd-journald.socket network.target dbus.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'name': u'mycert', u'dns': u'www.example.com'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "name": "mycert"}, "msg": "Certificate requested (new)."} changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'name': u'other-cert', u'dns': u'www.example.org'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.org", "name": "other-cert"}, "msg": "Certificate requested (new)."} changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'name': u'another-cert', u'dns': u'www.example.net'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.net", "name": "another-cert"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_many_self_signed.yml:18 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_many_self_signed.yml:50 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 29 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901287.484318, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "19d6859ff60ca2cdda5fbac278643ba505665ce7", "ctime": 1635901287.480318, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 21665, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901287.480318, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744071784697799", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901287.4253182, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "493fa628d1b26fef6d9737b5e8810d5d50a40448", "ctime": 1635901287.480318, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12821924, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901287.480318, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072781574931", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.262532", "end": "2021-11-03 01:01:45.311336", "rc": 0, "start": "2021-11-03 01:01:45.048804", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"7D:FF:6F:C7:6E:B9:EB:1C:09:D3:7E:E6:EA:89:D6:7F:4F:C0:9B:1B\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"47:4C:45:63:D1:85:D8:B5:B3:90:58:74:3F:3D:2D:11:C5:80:6A:FD\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"A5:F3:F3:9A:0F:78:CF:02:BA:62:24:12:D0:A7:82:6F:CE:8E:33:23:54:31:2A:D7:F9:9E:36:5A:2F:DB:6C:E6:E3:83:B4:55:34:80:26:65:25:EA:81:29:1D:E8:20:54:AC:90:39:7D:9D:80:8A:7B:92:5C:A3:D9:6B:BD:51:DE:B7:A8:E8:48:93:BF:D4:27:67:74:0E:33:91:CD:29:A8:56:AE:8A:AE:95:09:BD:17:06:D6:05:D1:95:C8:B2:71:1E:62:02:39:94:3B:C9:A3:29:60:63:BE:CD:F8:5F:05:0C:4E:2E:F8:21:C7:9D:57:B8:49:8E:77:B8:33:5C:2E:98:15:30:1B:73:3D:75:DD:D9:24:37:BB:7A:79:75:C4:EA:F0:DE:BE:71:5D:4B:A0:18:4C:6F:6C:1C:C1:95:3A:CA:CA:0A:24:B2:C8:22:B2:18:0B:B0:85:C4:7D:D2:69:88:5A:9D:85:80:4C:1A:8C:39:26:EF:2F:0C:22:1F:CE:1E:63:28:27:DD:D1:82:6F:75:84:14:54:64:04:6E:86:1A:6A:28:36:C2:A9:BB:C0:26:07:98:1A:16:83:A0:45:8C:A6:BF:2A:10:03:22:3D:7D:37:05:46:BD:9A:74:1B:58:A3:30:FE:5E:0D:2A:F1:6D:49:07:8E:9C:3D:8E:44\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:01:26\",\n \"not_valid_before\": \"2021-11-03 01:01:27\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"7D:FF:6F:C7:6E:B9:EB:1C:09:D3:7E:E6:EA:89:D6:7F:4F:C0:9B:1B\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"47:4C:45:63:D1:85:D8:B5:B3:90:58:74:3F:3D:2D:11:C5:80:6A:FD\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"A5:F3:F3:9A:0F:78:CF:02:BA:62:24:12:D0:A7:82:6F:CE:8E:33:23:54:31:2A:D7:F9:9E:36:5A:2F:DB:6C:E6:E3:83:B4:55:34:80:26:65:25:EA:81:29:1D:E8:20:54:AC:90:39:7D:9D:80:8A:7B:92:5C:A3:D9:6B:BD:51:DE:B7:A8:E8:48:93:BF:D4:27:67:74:0E:33:91:CD:29:A8:56:AE:8A:AE:95:09:BD:17:06:D6:05:D1:95:C8:B2:71:1E:62:02:39:94:3B:C9:A3:29:60:63:BE:CD:F8:5F:05:0C:4E:2E:F8:21:C7:9D:57:B8:49:8E:77:B8:33:5C:2E:98:15:30:1B:73:3D:75:DD:D9:24:37:BB:7A:79:75:C4:EA:F0:DE:BE:71:5D:4B:A0:18:4C:6F:6C:1C:C1:95:3A:CA:CA:0A:24:B2:C8:22:B2:18:0B:B0:85:C4:7D:D2:69:88:5A:9D:85:80:4C:1A:8C:39:26:EF:2F:0C:22:1F:CE:1E:63:28:27:DD:D1:82:6F:75:84:14:54:64:04:6E:86:1A:6A:28:36:C2:A9:BB:C0:26:07:98:1A:16:83:A0:45:8C:A6:BF:2A:10:03:22:3D:7D:37:05:46:BD:9A:74:1B:58:A3:30:FE:5E:0D:2A:F1:6D:49:07:8E:9C:3D:8E:44\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:01:26\",", " \"not_valid_before\": \"2021-11-03 01:01:27\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "47:4C:45:63:D1:85:D8:B5:B3:90:58:74:3F:3D:2D:11:C5:80:6A:FD"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "7D:FF:6F:C7:6E:B9:EB:1C:09:D3:7E:E6:EA:89:D6:7F:4F:C0:9B:1B"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "A5:F3:F3:9A:0F:78:CF:02:BA:62:24:12:D0:A7:82:6F:CE:8E:33:23:54:31:2A:D7:F9:9E:36:5A:2F:DB:6C:E6:E3:83:B4:55:34:80:26:65:25:EA:81:29:1D:E8:20:54:AC:90:39:7D:9D:80:8A:7B:92:5C:A3:D9:6B:BD:51:DE:B7:A8:E8:48:93:BF:D4:27:67:74:0E:33:91:CD:29:A8:56:AE:8A:AE:95:09:BD:17:06:D6:05:D1:95:C8:B2:71:1E:62:02:39:94:3B:C9:A3:29:60:63:BE:CD:F8:5F:05:0C:4E:2E:F8:21:C7:9D:57:B8:49:8E:77:B8:33:5C:2E:98:15:30:1B:73:3D:75:DD:D9:24:37:BB:7A:79:75:C4:EA:F0:DE:BE:71:5D:4B:A0:18:4C:6F:6C:1C:C1:95:3A:CA:CA:0A:24:B2:C8:22:B2:18:0B:B0:85:C4:7D:D2:69:88:5A:9D:85:80:4C:1A:8C:39:26:EF:2F:0C:22:1F:CE:1E:63:28:27:DD:D1:82:6F:75:84:14:54:64:04:6E:86:1A:6A:28:36:C2:A9:BB:C0:26:07:98:1A:16:83:A0:45:8C:A6:BF:2A:10:03:22:3D:7D:37:05:46:BD:9A:74:1B:58:A3:30:FE:5E:0D:2A:F1:6D:49:07:8E:9C:3D:8E:44"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 01:01:26", "not_valid_before": "2021-11-03 01:01:27"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.041082", "end": "2021-11-03 01:01:46.073505", "rc": 0, "start": "2021-11-03 01:01:46.032423", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 ok: [/cache/centos-7.qcow2c] => {"changed": false, "msg": "", "rc": 0, "results": ["python3-3.6.8-18.el7.x86_64 providing python3 is already installed"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)\n", "stdout_lines": ["Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)\nRequirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)\nRequirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0)\nRequirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)\nRequirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)\nRequirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.20)\n", "stdout_lines": ["Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)", "Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)", "Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0)", "Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)", "Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)", "Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.20)"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901288.1693182, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "02cf91c60727678cee596fb0fbdf6e8efda02aa2", "ctime": 1635901288.167318, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 21664, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901288.167318, "nlink": 1, "path": "/etc/pki/tls/certs/other-cert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "1495639519", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901288.131318, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "337b8b692d960617600b8317e6e595ddfece05e6", "ctime": 1635901288.167318, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12598494, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901288.167318, "nlink": 1, "path": "/etc/pki/tls/private/other-cert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744073086397624", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/other-cert.crt"], "delta": "0:00:00.244180", "end": "2021-11-03 01:01:50.172816", "rc": 0, "start": "2021-11-03 01:01:49.928636", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.org\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.org\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"81:D3:E1:D6:F1:5F:6A:7A:32:B1:C1:C7:DC:1C:10:C4:82:99:8C:7B\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"47:4C:45:63:D1:85:D8:B5:B3:90:58:74:3F:3D:2D:11:C5:80:6A:FD\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"7D:6B:12:0C:B7:13:99:30:E2:73:CF:59:AF:8F:1D:E1:55:D9:8B:5B:98:E6:DF:C1:5D:E0:1E:6D:25:DB:AC:27:58:5B:67:4A:5B:77:F5:88:51:BC:34:E6:45:F1:68:83:B7:F8:49:F6:02:E1:DD:29:0E:8A:F7:D4:C2:21:74:F3:94:15:7B:FB:C4:A2:F9:DE:F2:62:30:50:3F:83:ED:55:56:17:5A:18:B8:C9:10:E7:20:DE:BB:66:5F:D0:AA:1C:B1:F2:D2:3A:C9:BC:5C:1D:79:63:06:3E:0E:70:76:C2:3B:64:08:37:59:35:80:2F:88:1C:CE:ED:D9:50:55:3D:9A:1E:75:E3:12:9B:F2:2D:AF:CF:A0:BB:BC:F8:9D:88:B1:39:75:31:0F:0D:36:24:2D:7C:35:18:D0:31:61:B1:1C:FD:2F:36:CC:8F:CD:04:6B:13:47:A1:81:BF:3F:5E:AB:ED:05:16:03:95:46:2A:57:98:11:0C:20:1D:15:7C:CC:7A:15:7A:9B:60:8B:C7:94:B7:1F:81:26:4D:E6:17:67:8C:E0:67:75:AA:D0:86:06:D6:CC:28:03:7B:40:0A:93:1C:E5:48:E4:32:FF:80:F8:D2:F6:03:70:2F:57:9B:6B:26:13:73:44:6C:04:8B:A9:4F:D4:11:8E:51:FA:C4\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:01:26\",\n \"not_valid_before\": \"2021-11-03 01:01:28\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.org\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.org\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"81:D3:E1:D6:F1:5F:6A:7A:32:B1:C1:C7:DC:1C:10:C4:82:99:8C:7B\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"47:4C:45:63:D1:85:D8:B5:B3:90:58:74:3F:3D:2D:11:C5:80:6A:FD\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"7D:6B:12:0C:B7:13:99:30:E2:73:CF:59:AF:8F:1D:E1:55:D9:8B:5B:98:E6:DF:C1:5D:E0:1E:6D:25:DB:AC:27:58:5B:67:4A:5B:77:F5:88:51:BC:34:E6:45:F1:68:83:B7:F8:49:F6:02:E1:DD:29:0E:8A:F7:D4:C2:21:74:F3:94:15:7B:FB:C4:A2:F9:DE:F2:62:30:50:3F:83:ED:55:56:17:5A:18:B8:C9:10:E7:20:DE:BB:66:5F:D0:AA:1C:B1:F2:D2:3A:C9:BC:5C:1D:79:63:06:3E:0E:70:76:C2:3B:64:08:37:59:35:80:2F:88:1C:CE:ED:D9:50:55:3D:9A:1E:75:E3:12:9B:F2:2D:AF:CF:A0:BB:BC:F8:9D:88:B1:39:75:31:0F:0D:36:24:2D:7C:35:18:D0:31:61:B1:1C:FD:2F:36:CC:8F:CD:04:6B:13:47:A1:81:BF:3F:5E:AB:ED:05:16:03:95:46:2A:57:98:11:0C:20:1D:15:7C:CC:7A:15:7A:9B:60:8B:C7:94:B7:1F:81:26:4D:E6:17:67:8C:E0:67:75:AA:D0:86:06:D6:CC:28:03:7B:40:0A:93:1C:E5:48:E4:32:FF:80:F8:D2:F6:03:70:2F:57:9B:6B:26:13:73:44:6C:04:8B:A9:4F:D4:11:8E:51:FA:C4\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:01:26\",", " \"not_valid_before\": \"2021-11-03 01:01:28\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "47:4C:45:63:D1:85:D8:B5:B3:90:58:74:3F:3D:2D:11:C5:80:6A:FD"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.org"}]}, "subjectKeyIdentifier": {"critical": false, "value": "81:D3:E1:D6:F1:5F:6A:7A:32:B1:C1:C7:DC:1C:10:C4:82:99:8C:7B"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "7D:6B:12:0C:B7:13:99:30:E2:73:CF:59:AF:8F:1D:E1:55:D9:8B:5B:98:E6:DF:C1:5D:E0:1E:6D:25:DB:AC:27:58:5B:67:4A:5B:77:F5:88:51:BC:34:E6:45:F1:68:83:B7:F8:49:F6:02:E1:DD:29:0E:8A:F7:D4:C2:21:74:F3:94:15:7B:FB:C4:A2:F9:DE:F2:62:30:50:3F:83:ED:55:56:17:5A:18:B8:C9:10:E7:20:DE:BB:66:5F:D0:AA:1C:B1:F2:D2:3A:C9:BC:5C:1D:79:63:06:3E:0E:70:76:C2:3B:64:08:37:59:35:80:2F:88:1C:CE:ED:D9:50:55:3D:9A:1E:75:E3:12:9B:F2:2D:AF:CF:A0:BB:BC:F8:9D:88:B1:39:75:31:0F:0D:36:24:2D:7C:35:18:D0:31:61:B1:1C:FD:2F:36:CC:8F:CD:04:6B:13:47:A1:81:BF:3F:5E:AB:ED:05:16:03:95:46:2A:57:98:11:0C:20:1D:15:7C:CC:7A:15:7A:9B:60:8B:C7:94:B7:1F:81:26:4D:E6:17:67:8C:E0:67:75:AA:D0:86:06:D6:CC:28:03:7B:40:0A:93:1C:E5:48:E4:32:FF:80:F8:D2:F6:03:70:2F:57:9B:6B:26:13:73:44:6C:04:8B:A9:4F:D4:11:8E:51:FA:C4"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.org"}], "validity": {"not_valid_after": "2022-11-03 01:01:26", "not_valid_before": "2021-11-03 01:01:28"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/other-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039226", "end": "2021-11-03 01:01:50.900072", "rc": 0, "start": "2021-11-03 01:01:50.860846", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 ok: [/cache/centos-7.qcow2c] => {"changed": false, "msg": "", "rc": 0, "results": ["python3-3.6.8-18.el7.x86_64 providing python3 is already installed"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)\n", "stdout_lines": ["Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)\nRequirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)\nRequirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0)\nRequirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)\nRequirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)\nRequirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.20)\n", "stdout_lines": ["Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)", "Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)", "Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0)", "Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)", "Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)", "Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.20)"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901289.1593182, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "997a8b65200719574226d6f5f250af4352606eea", "ctime": 1635901289.1563182, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 21668, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901289.1563182, "nlink": 1, "path": "/etc/pki/tls/certs/another-cert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "1454815459", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901289.118318, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "bbfb1d7d511041bfde0446495d5283430aebdce9", "ctime": 1635901289.1563182, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12821923, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901289.1563182, "nlink": 1, "path": "/etc/pki/tls/private/another-cert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1708, "uid": 0, "version": "18446744073372521637", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/another-cert.crt"], "delta": "0:00:00.253873", "end": "2021-11-03 01:01:55.086551", "rc": 0, "start": "2021-11-03 01:01:54.832678", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.net\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.net\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"15:75:F6:7A:13:13:A2:31:D2:CC:E3:03:3A:2B:A4:AA:41:04:ED:A8\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"47:4C:45:63:D1:85:D8:B5:B3:90:58:74:3F:3D:2D:11:C5:80:6A:FD\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"4D:2A:1B:9E:67:8E:40:E5:A9:B6:E2:45:FE:FA:AE:FC:37:97:33:69:49:A0:F7:A6:08:7E:EB:99:C7:D6:EE:33:F4:91:20:66:84:C5:F1:DD:89:49:A0:B2:A4:48:24:9F:B5:8A:13:D6:5D:F2:B6:83:6D:61:CC:C4:0C:4A:9A:AA:08:2C:58:E6:4D:CC:C6:CC:09:24:A9:EC:5E:07:97:42:0C:EA:AD:E1:B1:9E:AA:10:8D:C7:E6:EA:7E:47:87:C0:DB:8E:B9:C5:34:08:1F:B4:54:29:02:3D:70:EA:E7:2C:E6:A0:38:E1:EC:F2:B9:00:48:0C:B5:A0:72:A8:F3:11:71:A7:1E:10:EF:98:33:5E:BF:F9:E4:71:91:5D:3E:DB:6A:F5:B1:65:B9:FD:1A:1C:F1:EA:23:82:3B:AF:00:8E:77:06:57:15:21:55:73:A5:B1:CC:04:51:E8:51:CB:32:F6:0C:35:F5:AA:AF:0B:B7:60:4C:8C:6C:30:AB:C0:EF:49:05:D8:B6:BB:E3:B8:83:83:28:41:4B:67:DA:32:67:16:02:53:CF:2A:4A:E6:33:E0:83:D4:E1:30:71:C2:48:C0:AA:2B:9F:B3:AA:E2:D2:DD:7D:AA:9B:7B:40:0B:F8:9E:50:8B:2C:D6:42:54:F8:1E:E0:F5:A2:9F:BE:CF:28\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:01:26\",\n \"not_valid_before\": \"2021-11-03 01:01:29\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.net\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.net\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"15:75:F6:7A:13:13:A2:31:D2:CC:E3:03:3A:2B:A4:AA:41:04:ED:A8\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"47:4C:45:63:D1:85:D8:B5:B3:90:58:74:3F:3D:2D:11:C5:80:6A:FD\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"4D:2A:1B:9E:67:8E:40:E5:A9:B6:E2:45:FE:FA:AE:FC:37:97:33:69:49:A0:F7:A6:08:7E:EB:99:C7:D6:EE:33:F4:91:20:66:84:C5:F1:DD:89:49:A0:B2:A4:48:24:9F:B5:8A:13:D6:5D:F2:B6:83:6D:61:CC:C4:0C:4A:9A:AA:08:2C:58:E6:4D:CC:C6:CC:09:24:A9:EC:5E:07:97:42:0C:EA:AD:E1:B1:9E:AA:10:8D:C7:E6:EA:7E:47:87:C0:DB:8E:B9:C5:34:08:1F:B4:54:29:02:3D:70:EA:E7:2C:E6:A0:38:E1:EC:F2:B9:00:48:0C:B5:A0:72:A8:F3:11:71:A7:1E:10:EF:98:33:5E:BF:F9:E4:71:91:5D:3E:DB:6A:F5:B1:65:B9:FD:1A:1C:F1:EA:23:82:3B:AF:00:8E:77:06:57:15:21:55:73:A5:B1:CC:04:51:E8:51:CB:32:F6:0C:35:F5:AA:AF:0B:B7:60:4C:8C:6C:30:AB:C0:EF:49:05:D8:B6:BB:E3:B8:83:83:28:41:4B:67:DA:32:67:16:02:53:CF:2A:4A:E6:33:E0:83:D4:E1:30:71:C2:48:C0:AA:2B:9F:B3:AA:E2:D2:DD:7D:AA:9B:7B:40:0B:F8:9E:50:8B:2C:D6:42:54:F8:1E:E0:F5:A2:9F:BE:CF:28\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:01:26\",", " \"not_valid_before\": \"2021-11-03 01:01:29\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "47:4C:45:63:D1:85:D8:B5:B3:90:58:74:3F:3D:2D:11:C5:80:6A:FD"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.net"}]}, "subjectKeyIdentifier": {"critical": false, "value": "15:75:F6:7A:13:13:A2:31:D2:CC:E3:03:3A:2B:A4:AA:41:04:ED:A8"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "4D:2A:1B:9E:67:8E:40:E5:A9:B6:E2:45:FE:FA:AE:FC:37:97:33:69:49:A0:F7:A6:08:7E:EB:99:C7:D6:EE:33:F4:91:20:66:84:C5:F1:DD:89:49:A0:B2:A4:48:24:9F:B5:8A:13:D6:5D:F2:B6:83:6D:61:CC:C4:0C:4A:9A:AA:08:2C:58:E6:4D:CC:C6:CC:09:24:A9:EC:5E:07:97:42:0C:EA:AD:E1:B1:9E:AA:10:8D:C7:E6:EA:7E:47:87:C0:DB:8E:B9:C5:34:08:1F:B4:54:29:02:3D:70:EA:E7:2C:E6:A0:38:E1:EC:F2:B9:00:48:0C:B5:A0:72:A8:F3:11:71:A7:1E:10:EF:98:33:5E:BF:F9:E4:71:91:5D:3E:DB:6A:F5:B1:65:B9:FD:1A:1C:F1:EA:23:82:3B:AF:00:8E:77:06:57:15:21:55:73:A5:B1:CC:04:51:E8:51:CB:32:F6:0C:35:F5:AA:AF:0B:B7:60:4C:8C:6C:30:AB:C0:EF:49:05:D8:B6:BB:E3:B8:83:83:28:41:4B:67:DA:32:67:16:02:53:CF:2A:4A:E6:33:E0:83:D4:E1:30:71:C2:48:C0:AA:2B:9F:B3:AA:E2:D2:DD:7D:AA:9B:7B:40:0B:F8:9E:50:8B:2C:D6:42:54:F8:1E:E0:F5:A2:9F:BE:CF:28"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.net"}], "validity": {"not_valid_after": "2022-11-03 01:01:26", "not_valid_before": "2021-11-03 01:01:29"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/another-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.036951", "end": "2021-11-03 01:01:55.838792", "rc": 0, "start": "2021-11-03 01:01:55.801841", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=73 changed=9 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_no_auto_renew.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_no_auto_renew.yml ********************************************** 2 plays in /tmp/tmpvvgb4zlc/tests/tests_no_auto_renew.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_no_auto_renew.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.6 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 4.9 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "network.target dbus.service systemd-journald.socket basic.target system.slice syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'name': u'mycert', u'dns': u'www.example.com', u'auto_renew': False}) => {"ansible_loop_var": "item", "changed": true, "item": {"auto_renew": false, "ca": "self-sign", "dns": "www.example.com", "name": "mycert"}, "msg": "Certificate requested (new)."} changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'name': u'defaultcert', u'dns': u'www.example.com'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "name": "defaultcert"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_no_auto_renew.yml:17 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_no_auto_renew.yml:42 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 32 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901342.994124, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "bbcda9997008aecd66e7b316d474ce7e3897f90e", "ctime": 1635901342.991124, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 19262, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901342.991124, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744073606339588", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901342.952124, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "ecaab0cee8befb513b05a20d78375cb6bf857b53", "ctime": 1635901342.991124, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12598517, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901342.991124, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744073427588159", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.260736", "end": "2021-11-03 01:02:40.284680", "rc": 0, "start": "2021-11-03 01:02:40.023944", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"77:52:C4:7D:9D:B9:2F:FB:75:CC:35:44:03:26:C5:62:DB:3C:B1:0C\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"28:93:92:3A:AB:32:F0:14:35:84:3A:49:1B:29:A7:C8:60:FB:3D:F1\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"18:58:2A:4C:B1:16:47:A5:0B:AF:BF:C2:6A:47:55:37:84:C9:59:FD:31:B8:9D:F6:0B:01:96:97:DF:CE:24:85:F6:04:01:A4:FA:53:CB:1C:B2:F0:A1:86:F5:9E:F6:F8:48:05:80:67:65:30:4A:95:6B:EE:5E:86:2A:39:CC:8E:A1:5C:18:45:52:82:1E:15:0D:46:E6:62:D3:8A:C9:B2:A7:27:A0:E7:D2:ED:5F:6E:88:83:64:EA:43:35:31:25:D7:EC:6A:5E:4F:AD:36:21:B8:C0:94:B6:AC:E9:1B:04:F1:94:DD:30:84:26:67:4B:E8:06:12:47:AC:0C:4E:DF:FC:01:2E:7D:6E:A5:93:95:BF:EF:A0:4F:49:01:FB:0E:15:0A:40:6A:E3:44:87:8E:73:8C:E1:C5:42:8E:E1:DA:72:04:56:D2:1A:AB:A0:C4:81:C8:D1:CF:41:C5:E3:4D:D1:CF:5C:86:8D:8D:87:CD:B7:99:EF:CD:14:66:51:C8:B7:A0:28:79:4E:2F:FC:C6:5D:BE:22:85:58:69:46:52:1F:64:C3:33:00:44:7D:28:FC:E2:37:DC:D5:3B:F9:2C:4F:57:7D:D5:01:56:68:10:6F:1D:79:E5:E8:D9:81:B1:76:25:6F:8A:11:7D:32:FC:F1:5C:AB:DB:2D:74:78:76\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:02:21\",\n \"not_valid_before\": \"2021-11-03 01:02:22\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"77:52:C4:7D:9D:B9:2F:FB:75:CC:35:44:03:26:C5:62:DB:3C:B1:0C\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"28:93:92:3A:AB:32:F0:14:35:84:3A:49:1B:29:A7:C8:60:FB:3D:F1\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"18:58:2A:4C:B1:16:47:A5:0B:AF:BF:C2:6A:47:55:37:84:C9:59:FD:31:B8:9D:F6:0B:01:96:97:DF:CE:24:85:F6:04:01:A4:FA:53:CB:1C:B2:F0:A1:86:F5:9E:F6:F8:48:05:80:67:65:30:4A:95:6B:EE:5E:86:2A:39:CC:8E:A1:5C:18:45:52:82:1E:15:0D:46:E6:62:D3:8A:C9:B2:A7:27:A0:E7:D2:ED:5F:6E:88:83:64:EA:43:35:31:25:D7:EC:6A:5E:4F:AD:36:21:B8:C0:94:B6:AC:E9:1B:04:F1:94:DD:30:84:26:67:4B:E8:06:12:47:AC:0C:4E:DF:FC:01:2E:7D:6E:A5:93:95:BF:EF:A0:4F:49:01:FB:0E:15:0A:40:6A:E3:44:87:8E:73:8C:E1:C5:42:8E:E1:DA:72:04:56:D2:1A:AB:A0:C4:81:C8:D1:CF:41:C5:E3:4D:D1:CF:5C:86:8D:8D:87:CD:B7:99:EF:CD:14:66:51:C8:B7:A0:28:79:4E:2F:FC:C6:5D:BE:22:85:58:69:46:52:1F:64:C3:33:00:44:7D:28:FC:E2:37:DC:D5:3B:F9:2C:4F:57:7D:D5:01:56:68:10:6F:1D:79:E5:E8:D9:81:B1:76:25:6F:8A:11:7D:32:FC:F1:5C:AB:DB:2D:74:78:76\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:02:21\",", " \"not_valid_before\": \"2021-11-03 01:02:22\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "28:93:92:3A:AB:32:F0:14:35:84:3A:49:1B:29:A7:C8:60:FB:3D:F1"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "77:52:C4:7D:9D:B9:2F:FB:75:CC:35:44:03:26:C5:62:DB:3C:B1:0C"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "18:58:2A:4C:B1:16:47:A5:0B:AF:BF:C2:6A:47:55:37:84:C9:59:FD:31:B8:9D:F6:0B:01:96:97:DF:CE:24:85:F6:04:01:A4:FA:53:CB:1C:B2:F0:A1:86:F5:9E:F6:F8:48:05:80:67:65:30:4A:95:6B:EE:5E:86:2A:39:CC:8E:A1:5C:18:45:52:82:1E:15:0D:46:E6:62:D3:8A:C9:B2:A7:27:A0:E7:D2:ED:5F:6E:88:83:64:EA:43:35:31:25:D7:EC:6A:5E:4F:AD:36:21:B8:C0:94:B6:AC:E9:1B:04:F1:94:DD:30:84:26:67:4B:E8:06:12:47:AC:0C:4E:DF:FC:01:2E:7D:6E:A5:93:95:BF:EF:A0:4F:49:01:FB:0E:15:0A:40:6A:E3:44:87:8E:73:8C:E1:C5:42:8E:E1:DA:72:04:56:D2:1A:AB:A0:C4:81:C8:D1:CF:41:C5:E3:4D:D1:CF:5C:86:8D:8D:87:CD:B7:99:EF:CD:14:66:51:C8:B7:A0:28:79:4E:2F:FC:C6:5D:BE:22:85:58:69:46:52:1F:64:C3:33:00:44:7D:28:FC:E2:37:DC:D5:3B:F9:2C:4F:57:7D:D5:01:56:68:10:6F:1D:79:E5:E8:D9:81:B1:76:25:6F:8A:11:7D:32:FC:F1:5C:AB:DB:2D:74:78:76"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 01:02:21", "not_valid_before": "2021-11-03 01:02:22"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.040592", "end": "2021-11-03 01:02:41.035241", "rc": 0, "start": "2021-11-03 01:02:40.994649", "stderr": "", "stderr_lines": [], "stdout": "no", "stdout_lines": ["no"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 ok: [/cache/centos-7.qcow2c] => {"changed": false, "msg": "", "rc": 0, "results": ["python3-3.6.8-18.el7.x86_64 providing python3 is already installed"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)\n", "stdout_lines": ["Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1)"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)\nRequirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)\nRequirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0)\nRequirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)\nRequirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)\nRequirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.20)\n", "stdout_lines": ["Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8)", "Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1)", "Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0)", "Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8)", "Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0)", "Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.20)"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901343.685124, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "c7fdaa49a02c9155d692357202df7e5eb33c2ab6", "ctime": 1635901343.682124, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 19260, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901343.682124, "nlink": 1, "path": "/etc/pki/tls/certs/defaultcert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "226358482", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901343.644124, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "aeca58d9d293723973ea669f8d4e542e0f0c3c51", "ctime": 1635901343.682124, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12598514, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901343.682124, "nlink": 1, "path": "/etc/pki/tls/private/defaultcert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072725567816", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/defaultcert.crt"], "delta": "0:00:00.262241", "end": "2021-11-03 01:02:45.306456", "rc": 0, "start": "2021-11-03 01:02:45.044215", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"C6:C1:C1:9F:63:8F:80:6C:65:12:3A:D7:9A:A4:7C:B2:4B:E0:E4:CA\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"28:93:92:3A:AB:32:F0:14:35:84:3A:49:1B:29:A7:C8:60:FB:3D:F1\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"54:4D:FE:BD:0F:A2:80:57:F9:1F:0D:29:5C:CE:FE:1F:B5:BA:87:BE:BA:DE:5D:3C:F6:D4:55:02:20:D0:B9:69:B0:A9:4B:DC:13:D9:57:03:32:FC:1C:97:EA:ED:EC:E0:F3:8A:B0:15:60:89:2F:BB:87:09:6C:0F:33:7D:06:37:E3:1E:04:90:BB:26:0A:28:22:06:94:09:AF:D3:05:27:C8:ED:04:03:CD:0F:73:5E:43:D4:DC:88:8C:22:D9:30:8C:9E:33:79:EB:65:F6:14:49:94:33:EB:38:1B:56:96:81:26:56:54:7B:07:62:28:5D:49:B2:CC:FC:9D:A1:96:0B:C3:9C:04:57:A9:E3:32:19:43:D9:15:6F:6E:FE:2B:F7:BE:D0:80:E3:BB:E8:C5:DF:51:A9:E8:FB:0E:44:B5:67:81:C7:73:61:03:5C:DA:7E:4E:13:9C:9E:38:99:41:AE:FD:42:07:3F:7A:8C:17:DC:BE:41:91:CE:FF:8B:FA:E3:D3:EF:79:F8:37:EC:F2:17:EB:17:B2:9F:9D:F9:C3:8E:98:65:03:6E:06:49:48:6B:1A:8F:7F:AC:62:F5:4D:A0:C1:2D:A4:26:8C:D9:23:27:83:17:E6:40:56:01:EC:A2:71:BC:88:6C:8A:54:F4:2A:27:4F:F1:E4:6F:F5:CF\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:02:21\",\n \"not_valid_before\": \"2021-11-03 01:02:23\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"C6:C1:C1:9F:63:8F:80:6C:65:12:3A:D7:9A:A4:7C:B2:4B:E0:E4:CA\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"28:93:92:3A:AB:32:F0:14:35:84:3A:49:1B:29:A7:C8:60:FB:3D:F1\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"54:4D:FE:BD:0F:A2:80:57:F9:1F:0D:29:5C:CE:FE:1F:B5:BA:87:BE:BA:DE:5D:3C:F6:D4:55:02:20:D0:B9:69:B0:A9:4B:DC:13:D9:57:03:32:FC:1C:97:EA:ED:EC:E0:F3:8A:B0:15:60:89:2F:BB:87:09:6C:0F:33:7D:06:37:E3:1E:04:90:BB:26:0A:28:22:06:94:09:AF:D3:05:27:C8:ED:04:03:CD:0F:73:5E:43:D4:DC:88:8C:22:D9:30:8C:9E:33:79:EB:65:F6:14:49:94:33:EB:38:1B:56:96:81:26:56:54:7B:07:62:28:5D:49:B2:CC:FC:9D:A1:96:0B:C3:9C:04:57:A9:E3:32:19:43:D9:15:6F:6E:FE:2B:F7:BE:D0:80:E3:BB:E8:C5:DF:51:A9:E8:FB:0E:44:B5:67:81:C7:73:61:03:5C:DA:7E:4E:13:9C:9E:38:99:41:AE:FD:42:07:3F:7A:8C:17:DC:BE:41:91:CE:FF:8B:FA:E3:D3:EF:79:F8:37:EC:F2:17:EB:17:B2:9F:9D:F9:C3:8E:98:65:03:6E:06:49:48:6B:1A:8F:7F:AC:62:F5:4D:A0:C1:2D:A4:26:8C:D9:23:27:83:17:E6:40:56:01:EC:A2:71:BC:88:6C:8A:54:F4:2A:27:4F:F1:E4:6F:F5:CF\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:02:21\",", " \"not_valid_before\": \"2021-11-03 01:02:23\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "28:93:92:3A:AB:32:F0:14:35:84:3A:49:1B:29:A7:C8:60:FB:3D:F1"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "C6:C1:C1:9F:63:8F:80:6C:65:12:3A:D7:9A:A4:7C:B2:4B:E0:E4:CA"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "54:4D:FE:BD:0F:A2:80:57:F9:1F:0D:29:5C:CE:FE:1F:B5:BA:87:BE:BA:DE:5D:3C:F6:D4:55:02:20:D0:B9:69:B0:A9:4B:DC:13:D9:57:03:32:FC:1C:97:EA:ED:EC:E0:F3:8A:B0:15:60:89:2F:BB:87:09:6C:0F:33:7D:06:37:E3:1E:04:90:BB:26:0A:28:22:06:94:09:AF:D3:05:27:C8:ED:04:03:CD:0F:73:5E:43:D4:DC:88:8C:22:D9:30:8C:9E:33:79:EB:65:F6:14:49:94:33:EB:38:1B:56:96:81:26:56:54:7B:07:62:28:5D:49:B2:CC:FC:9D:A1:96:0B:C3:9C:04:57:A9:E3:32:19:43:D9:15:6F:6E:FE:2B:F7:BE:D0:80:E3:BB:E8:C5:DF:51:A9:E8:FB:0E:44:B5:67:81:C7:73:61:03:5C:DA:7E:4E:13:9C:9E:38:99:41:AE:FD:42:07:3F:7A:8C:17:DC:BE:41:91:CE:FF:8B:FA:E3:D3:EF:79:F8:37:EC:F2:17:EB:17:B2:9F:9D:F9:C3:8E:98:65:03:6E:06:49:48:6B:1A:8F:7F:AC:62:F5:4D:A0:C1:2D:A4:26:8C:D9:23:27:83:17:E6:40:56:01:EC:A2:71:BC:88:6C:8A:54:F4:2A:27:4F:F1:E4:6F:F5:CF"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 01:02:21", "not_valid_before": "2021-11-03 01:02:23"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/defaultcert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.038920", "end": "2021-11-03 01:02:46.049730", "rc": 0, "start": "2021-11-03 01:02:46.010810", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=52 changed=9 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_not_wait_for_cert.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_not_wait_for_cert.yml ****************************************** 2 plays in /tmp/tmpvvgb4zlc/tests/tests_not_wait_for_cert.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_not_wait_for_cert.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-cffi-1.6.0-5.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nhttp://mirrors.tripadvisor.com/centos/7.9.2009/os/x86_64/Packages/python-enum34-1.0.4-1.el7.noarch.rpm: [Errno 12] Timeout on http://mirrors.tripadvisor.com/centos/7.9.2009/os/x86_64/Packages/python-enum34-1.0.4-1.el7.noarch.rpm: (28, 'Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds')\nTrying other mirror.\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: centos.mirror.constant.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-cffi-1.6.0-5.el7.x86_64.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 40 kB/s | 1.2 MB 00:30 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: centos.mirror.constant.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 3.2 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "system.slice systemd-journald.socket network.target basic.target dbus.service syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'name': u'mycert', u'dns': u'www.example.com'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "name": "mycert"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_not_wait_for_cert.yml:14 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Wait for certificate] **************************************************** task path: /tmp/tmpvvgb4zlc/tests/tests_not_wait_for_cert.yml:28 ok: [/cache/centos-7.qcow2c] => (item={u'path': u'/etc/pki/tls/certs/mycert.crt', u'key_path': u'/etc/pki/tls/private/mycert.key', u'subject_alt_name': [{u'name': u'DNS', u'value': u'www.example.com'}], u'subject': [{u'oid': u'2.5.4.3', u'name': u'commonName', u'value': u'www.example.com'}]}) => {"ansible_loop_var": "item", "changed": false, "elapsed": 0, "gid": 0, "group": "root", "item": {"key_path": "/etc/pki/tls/private/mycert.key", "path": "/etc/pki/tls/certs/mycert.crt", "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "subject_alt_name": [{"name": "DNS", "value": "www.example.com"}]}, "match_groupdict": {}, "match_groups": [], "mode": "0600", "owner": "root", "path": "/etc/pki/tls/certs/mycert.crt", "port": null, "search_regex": null, "secontext": "system_u:object_r:cert_t:s0", "size": 1310, "state": "file", "uid": 0} TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_not_wait_for_cert.yml:34 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: centos.mirror.constant.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 29 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901435.020833, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "98dee0e8e5f6e866be547f71e52d836711520ec6", "ctime": 1635901435.017833, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 18885, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901435.017833, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "299326707", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901434.9798331, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "71fce2a467a8adb134b1a6db922fddd3de3e10b8", "ctime": 1635901435.017833, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12598471, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901435.017833, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1708, "uid": 0, "version": "18446744071972450415", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.265701", "end": "2021-11-03 01:04:10.726572", "rc": 0, "start": "2021-11-03 01:04:10.460871", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"18:A1:AC:A6:EF:98:3D:5D:28:92:A8:3E:54:70:8D:83:13:FA:66:41\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"05:BA:D6:6C:81:9D:DB:7E:97:5E:E9:82:B9:B4:8B:48:7B:14:7F:AA\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"21:4B:B2:E5:BA:DF:8A:27:FE:14:55:58:6B:26:5F:57:94:EE:41:9E:8C:D4:4D:C4:B9:49:9D:A6:30:D9:15:BB:2C:D8:A6:F3:23:A1:25:61:D7:B3:37:55:45:82:35:6B:CC:DC:79:71:70:2C:1A:C8:A7:F7:C6:31:45:0D:B5:87:0D:0B:1A:CB:8E:53:DC:08:90:CF:17:0A:A7:4B:15:F0:B2:60:11:D5:E2:11:22:CD:9D:DC:96:98:1C:D6:B7:F8:90:70:23:9E:79:E3:6A:00:F2:AB:59:15:02:A8:5D:B5:8C:58:17:E6:4E:64:A6:DA:49:03:3A:E5:85:45:08:51:72:CA:15:59:62:10:5D:E6:B1:D6:46:CF:A9:EC:3F:1E:84:5F:B5:94:FE:6F:04:EC:CB:C6:6F:12:14:D5:14:26:E1:78:22:DC:AB:9D:E3:C6:E6:EE:F2:47:DA:45:38:07:F0:F6:84:5C:25:C2:C1:9B:CB:6E:8C:62:48:AF:65:C3:0C:F7:DF:5E:69:2C:F2:A3:93:E7:A0:9A:C3:6B:B3:7E:57:01:90:CC:14:BF:15:6A:DC:D2:FE:66:E5:42:BF:B5:83:DF:83:26:17:84:DF:95:94:1E:46:F9:EA:67:68:30:97:28:E8:8B:0B:B0:0A:92:B3:45:4A:44:ED:9B:41:9C\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:03:54\",\n \"not_valid_before\": \"2021-11-03 01:03:55\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"18:A1:AC:A6:EF:98:3D:5D:28:92:A8:3E:54:70:8D:83:13:FA:66:41\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"05:BA:D6:6C:81:9D:DB:7E:97:5E:E9:82:B9:B4:8B:48:7B:14:7F:AA\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"21:4B:B2:E5:BA:DF:8A:27:FE:14:55:58:6B:26:5F:57:94:EE:41:9E:8C:D4:4D:C4:B9:49:9D:A6:30:D9:15:BB:2C:D8:A6:F3:23:A1:25:61:D7:B3:37:55:45:82:35:6B:CC:DC:79:71:70:2C:1A:C8:A7:F7:C6:31:45:0D:B5:87:0D:0B:1A:CB:8E:53:DC:08:90:CF:17:0A:A7:4B:15:F0:B2:60:11:D5:E2:11:22:CD:9D:DC:96:98:1C:D6:B7:F8:90:70:23:9E:79:E3:6A:00:F2:AB:59:15:02:A8:5D:B5:8C:58:17:E6:4E:64:A6:DA:49:03:3A:E5:85:45:08:51:72:CA:15:59:62:10:5D:E6:B1:D6:46:CF:A9:EC:3F:1E:84:5F:B5:94:FE:6F:04:EC:CB:C6:6F:12:14:D5:14:26:E1:78:22:DC:AB:9D:E3:C6:E6:EE:F2:47:DA:45:38:07:F0:F6:84:5C:25:C2:C1:9B:CB:6E:8C:62:48:AF:65:C3:0C:F7:DF:5E:69:2C:F2:A3:93:E7:A0:9A:C3:6B:B3:7E:57:01:90:CC:14:BF:15:6A:DC:D2:FE:66:E5:42:BF:B5:83:DF:83:26:17:84:DF:95:94:1E:46:F9:EA:67:68:30:97:28:E8:8B:0B:B0:0A:92:B3:45:4A:44:ED:9B:41:9C\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:03:54\",", " \"not_valid_before\": \"2021-11-03 01:03:55\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "05:BA:D6:6C:81:9D:DB:7E:97:5E:E9:82:B9:B4:8B:48:7B:14:7F:AA"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "18:A1:AC:A6:EF:98:3D:5D:28:92:A8:3E:54:70:8D:83:13:FA:66:41"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "21:4B:B2:E5:BA:DF:8A:27:FE:14:55:58:6B:26:5F:57:94:EE:41:9E:8C:D4:4D:C4:B9:49:9D:A6:30:D9:15:BB:2C:D8:A6:F3:23:A1:25:61:D7:B3:37:55:45:82:35:6B:CC:DC:79:71:70:2C:1A:C8:A7:F7:C6:31:45:0D:B5:87:0D:0B:1A:CB:8E:53:DC:08:90:CF:17:0A:A7:4B:15:F0:B2:60:11:D5:E2:11:22:CD:9D:DC:96:98:1C:D6:B7:F8:90:70:23:9E:79:E3:6A:00:F2:AB:59:15:02:A8:5D:B5:8C:58:17:E6:4E:64:A6:DA:49:03:3A:E5:85:45:08:51:72:CA:15:59:62:10:5D:E6:B1:D6:46:CF:A9:EC:3F:1E:84:5F:B5:94:FE:6F:04:EC:CB:C6:6F:12:14:D5:14:26:E1:78:22:DC:AB:9D:E3:C6:E6:EE:F2:47:DA:45:38:07:F0:F6:84:5C:25:C2:C1:9B:CB:6E:8C:62:48:AF:65:C3:0C:F7:DF:5E:69:2C:F2:A3:93:E7:A0:9A:C3:6B:B3:7E:57:01:90:CC:14:BF:15:6A:DC:D2:FE:66:E5:42:BF:B5:83:DF:83:26:17:84:DF:95:94:1E:46:F9:EA:67:68:30:97:28:E8:8B:0B:B0:0A:92:B3:45:4A:44:ED:9B:41:9C"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 01:03:54", "not_valid_before": "2021-11-03 01:03:55"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039725", "end": "2021-11-03 01:04:11.517671", "rc": 0, "start": "2021-11-03 01:04:11.477946", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=32 changed=9 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_principal.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_principal.yml ************************************************** 3 plays in /tmp/tmpvvgb4zlc/tests/tests_principal.yml PLAY [Test issuing certificate with principal.] ******************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_principal.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.5 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 5.6 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "basic.target systemd-journald.socket network.target system.slice dbus.service syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'name': u'mycert', u'dns': u'www.example.com', u'principal': u'HTTP/www.example.com@EXAMPLE.COM'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "name": "mycert", "principal": "HTTP/www.example.com@EXAMPLE.COM"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_principal.yml:13 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_principal.yml:33 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 34 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901480.2938185, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d23b64a3dbc7c4592b58666992a121a37a98b490", "ctime": 1635901480.2918184, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 19061, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901480.2918184, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1472, "uid": 0, "version": "18446744072852683079", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901480.2528183, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "b1d4818bc3992ae48dafc971a4605e31bedce2a6", "ctime": 1635901480.2918184, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12598631, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901480.2918184, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072368698473", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.259697", "end": "2021-11-03 01:04:55.706838", "rc": 0, "start": "2021-11-03 01:04:55.447141", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n },\n {\n \"name\": \"Universal Principal Name (UPN)\",\n \"value\": \"HTTP/www.example.com@EXAMPLE.COM\",\n \"oid\": \"1.3.6.1.4.1.311.20.2.3\"\n },\n {\n \"name\": \"Kerberos principalname\",\n \"value\": \"HTTP/www.example.com@EXAMPLE.COM\",\n \"oid\": \"1.3.6.1.5.2.2\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"64:12:71:1F:4F:62:F4:A2:4A:BF:9E:9B:FF:28:1C:56:51:B1:FA:5A\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"39:B2:78:FA:DE:00:1B:51:29:B8:E8:51:84:5C:1B:8C:ED:70:D5:0E\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"5A:FC:02:44:75:2D:6A:37:E7:E9:57:09:1D:62:68:45:00:BC:0F:FC:08:FD:3C:42:0D:05:49:D0:18:2B:4F:63:AF:C4:FE:61:31:67:95:18:A2:E4:AC:D7:0D:E2:B0:8B:84:23:5F:3B:9D:D3:A0:76:3F:DE:F4:29:5E:94:1A:C6:EF:7F:7B:41:BA:48:8B:52:9D:27:CF:1C:C3:29:F2:C9:25:CF:BA:05:06:A0:1C:6B:DE:C2:F9:C2:39:2C:DE:61:83:B3:91:0A:91:F3:8F:BD:CE:B8:F1:C8:46:51:F8:6D:8C:D9:ED:48:3A:E5:13:FC:65:0A:24:EC:2E:0A:D2:BF:F3:E8:06:A7:80:C3:8E:18:F6:5B:D5:53:6D:27:B8:59:3B:65:56:6A:1B:83:B3:CC:C2:FA:92:6F:40:C1:D3:00:50:6A:7E:A2:A3:09:E1:07:A0:F4:39:5F:2E:8D:0A:B3:05:D7:41:B1:68:E4:E4:E7:14:DB:D1:1B:CE:4A:5E:48:CA:C4:43:A9:15:5D:13:34:F2:EE:34:51:C9:86:0C:8A:B1:C0:84:DB:CA:9A:CD:32:1A:7F:30:64:04:11:39:D2:19:8A:DB:AD:49:0D:7D:0D:6E:A3:CB:96:FF:4A:A6:77:77:D0:76:EE:07:16:DF:BD:E1:F3:84:B9:27:9A:10:8E\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:04:39\",\n \"not_valid_before\": \"2021-11-03 01:04:40\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " },", " {", " \"name\": \"Universal Principal Name (UPN)\",", " \"value\": \"HTTP/www.example.com@EXAMPLE.COM\",", " \"oid\": \"1.3.6.1.4.1.311.20.2.3\"", " },", " {", " \"name\": \"Kerberos principalname\",", " \"value\": \"HTTP/www.example.com@EXAMPLE.COM\",", " \"oid\": \"1.3.6.1.5.2.2\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"64:12:71:1F:4F:62:F4:A2:4A:BF:9E:9B:FF:28:1C:56:51:B1:FA:5A\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"39:B2:78:FA:DE:00:1B:51:29:B8:E8:51:84:5C:1B:8C:ED:70:D5:0E\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"5A:FC:02:44:75:2D:6A:37:E7:E9:57:09:1D:62:68:45:00:BC:0F:FC:08:FD:3C:42:0D:05:49:D0:18:2B:4F:63:AF:C4:FE:61:31:67:95:18:A2:E4:AC:D7:0D:E2:B0:8B:84:23:5F:3B:9D:D3:A0:76:3F:DE:F4:29:5E:94:1A:C6:EF:7F:7B:41:BA:48:8B:52:9D:27:CF:1C:C3:29:F2:C9:25:CF:BA:05:06:A0:1C:6B:DE:C2:F9:C2:39:2C:DE:61:83:B3:91:0A:91:F3:8F:BD:CE:B8:F1:C8:46:51:F8:6D:8C:D9:ED:48:3A:E5:13:FC:65:0A:24:EC:2E:0A:D2:BF:F3:E8:06:A7:80:C3:8E:18:F6:5B:D5:53:6D:27:B8:59:3B:65:56:6A:1B:83:B3:CC:C2:FA:92:6F:40:C1:D3:00:50:6A:7E:A2:A3:09:E1:07:A0:F4:39:5F:2E:8D:0A:B3:05:D7:41:B1:68:E4:E4:E7:14:DB:D1:1B:CE:4A:5E:48:CA:C4:43:A9:15:5D:13:34:F2:EE:34:51:C9:86:0C:8A:B1:C0:84:DB:CA:9A:CD:32:1A:7F:30:64:04:11:39:D2:19:8A:DB:AD:49:0D:7D:0D:6E:A3:CB:96:FF:4A:A6:77:77:D0:76:EE:07:16:DF:BD:E1:F3:84:B9:27:9A:10:8E\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:04:39\",", " \"not_valid_before\": \"2021-11-03 01:04:40\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "39:B2:78:FA:DE:00:1B:51:29:B8:E8:51:84:5C:1B:8C:ED:70:D5:0E"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}, {"name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/www.example.com@EXAMPLE.COM"}, {"name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/www.example.com@EXAMPLE.COM"}]}, "subjectKeyIdentifier": {"critical": false, "value": "64:12:71:1F:4F:62:F4:A2:4A:BF:9E:9B:FF:28:1C:56:51:B1:FA:5A"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "5A:FC:02:44:75:2D:6A:37:E7:E9:57:09:1D:62:68:45:00:BC:0F:FC:08:FD:3C:42:0D:05:49:D0:18:2B:4F:63:AF:C4:FE:61:31:67:95:18:A2:E4:AC:D7:0D:E2:B0:8B:84:23:5F:3B:9D:D3:A0:76:3F:DE:F4:29:5E:94:1A:C6:EF:7F:7B:41:BA:48:8B:52:9D:27:CF:1C:C3:29:F2:C9:25:CF:BA:05:06:A0:1C:6B:DE:C2:F9:C2:39:2C:DE:61:83:B3:91:0A:91:F3:8F:BD:CE:B8:F1:C8:46:51:F8:6D:8C:D9:ED:48:3A:E5:13:FC:65:0A:24:EC:2E:0A:D2:BF:F3:E8:06:A7:80:C3:8E:18:F6:5B:D5:53:6D:27:B8:59:3B:65:56:6A:1B:83:B3:CC:C2:FA:92:6F:40:C1:D3:00:50:6A:7E:A2:A3:09:E1:07:A0:F4:39:5F:2E:8D:0A:B3:05:D7:41:B1:68:E4:E4:E7:14:DB:D1:1B:CE:4A:5E:48:CA:C4:43:A9:15:5D:13:34:F2:EE:34:51:C9:86:0C:8A:B1:C0:84:DB:CA:9A:CD:32:1A:7F:30:64:04:11:39:D2:19:8A:DB:AD:49:0D:7D:0D:6E:A3:CB:96:FF:4A:A6:77:77:D0:76:EE:07:16:DF:BD:E1:F3:84:B9:27:9A:10:8E"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 01:04:39", "not_valid_before": "2021-11-03 01:04:40"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.037009", "end": "2021-11-03 01:05:01.461907", "rc": 0, "start": "2021-11-03 01:05:01.424898", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY [Test issuing certificate with invalid principal.] ************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_principal.yml:40 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 ok: [/cache/centos-7.qcow2c] => {"changed": false, "msg": "", "rc": 0, "results": ["python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 ok: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "msg": "", "rc": 0, "results": ["certmonger-0.78.4-16.el7_9.x86_64 providing certmonger is already installed"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 ok: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 ok: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 ok: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestamp": "Wed 2021-11-03 01:04:39 UTC", "ActiveEnterTimestampMonotonic": "24040495", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "basic.target syslog.target system.slice dbus.service systemd-journald.socket network.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Wed 2021-11-03 01:04:39 UTC", "AssertTimestampMonotonic": "24014864", "Before": "shutdown.target multi-user.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "yes", "ConditionTimestamp": "Wed 2021-11-03 01:04:39 UTC", "ConditionTimestampMonotonic": "24014864", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "9175", "ExecMainStartTimestamp": "Wed 2021-11-03 01:04:39 UTC", "ExecMainStartTimestampMonotonic": "24015728", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[Wed 2021-11-03 01:04:39 UTC] ; stop_time=[n/a] ; pid=9175 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Wed 2021-11-03 01:04:39 UTC", "InactiveExitTimestampMonotonic": "24016152", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "9175", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Wed 2021-11-03 01:04:39 UTC", "WatchdogTimestampMonotonic": "24040470", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 failed: [/cache/centos-7.qcow2c] (item={u'ca': u'self-sign', u'name': u'mycertinvalid', u'dns': u'www.example.com', u'principal': u'HTTP/abc'}) => {"ansible_loop_var": "item", "changed": false, "item": {"ca": "self-sign", "dns": "www.example.com", "name": "mycertinvalid", "principal": "HTTP/abc"}, "msg": "Invalid principal 'HTTP/abc'. It should be formatted as 'primary/instance@REALM'"} TASK [assert...] *************************************************************** task path: /tmp/tmpvvgb4zlc/tests/tests_principal.yml:59 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=39 changed=9 unreachable=0 failed=0 skipped=1 rescued=1 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_provider.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_provider.yml *************************************************** 2 plays in /tmp/tmpvvgb4zlc/tests/tests_provider.yml PLAY [Test issuing certificate with certmonger provider] *********************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_provider.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.7 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 5.4 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "basic.target dbus.service network.target systemd-journald.socket syslog.target system.slice", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'ca': u'self-sign', u'name': u'mycert', u'dns': u'www.example.com', u'provider': u'certmonger'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "name": "mycert", "provider": "certmonger"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_provider.yml:13 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_provider.yml:27 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 19 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901533.8028347, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "83ac1200efd1f24734747114a26afd3d09165dfe", "ctime": 1635901533.800835, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 19262, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901533.800835, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "1989433349", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901533.7638347, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "f8c7eeec7cb6545d57ea07017434829681d9e653", "ctime": 1635901533.800835, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12598518, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901533.800835, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072709158687", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.257130", "end": "2021-11-03 01:05:49.523563", "rc": 0, "start": "2021-11-03 01:05:49.266433", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"D0:E1:1E:6D:D1:11:8D:2C:2B:7D:14:41:89:ED:6F:78:A8:B2:6B:62\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"2F:8C:3D:4A:AE:79:3A:CE:B0:F8:EF:70:5C:05:88:FF:52:23:8E:89\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"6D:34:EA:F4:23:34:0C:E1:6B:CA:5B:3F:12:31:09:FE:FB:C9:01:8F:96:56:A6:F0:2F:ED:61:E1:37:7C:7D:F7:1E:FA:4A:03:FE:4A:18:17:0B:D3:72:8A:0B:45:15:63:5F:EC:82:82:C9:6F:B8:8D:31:07:00:7F:81:8B:C0:CD:9C:F4:6D:A2:C4:ED:DC:A2:DE:03:CB:BF:06:90:23:A8:B1:26:52:03:7E:C9:BB:C0:FC:1C:40:7D:28:63:78:8E:0D:A0:2B:1B:EB:2A:1A:CC:BE:98:20:AB:4E:52:5B:E4:95:24:31:32:0B:62:94:ED:02:A4:37:84:83:27:F5:A4:54:E7:46:E3:41:3E:24:03:AC:CC:BB:C5:7B:0B:50:1F:B1:71:EE:9F:3F:54:FD:BC:62:E7:F5:BF:77:07:3F:20:47:60:6D:26:AD:73:8B:C2:B8:A8:40:F2:35:05:9C:4E:52:95:7B:3A:20:36:A9:3D:9C:2D:4C:E6:61:D5:DC:2A:26:F8:EE:D4:BD:4F:E4:AE:E5:6E:F8:FA:53:89:6C:15:D4:89:E7:D7:0B:56:2B:7F:78:82:4F:3D:0F:16:CF:85:16:F7:F5:27:A2:19:8C:9B:32:F4:A3:07:D2:16:8F:18:D9:D2:00:E8:18:40:50:5C:64:8A:B1:87:93:58:66:85\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:05:32\",\n \"not_valid_before\": \"2021-11-03 01:05:33\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"D0:E1:1E:6D:D1:11:8D:2C:2B:7D:14:41:89:ED:6F:78:A8:B2:6B:62\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"2F:8C:3D:4A:AE:79:3A:CE:B0:F8:EF:70:5C:05:88:FF:52:23:8E:89\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"6D:34:EA:F4:23:34:0C:E1:6B:CA:5B:3F:12:31:09:FE:FB:C9:01:8F:96:56:A6:F0:2F:ED:61:E1:37:7C:7D:F7:1E:FA:4A:03:FE:4A:18:17:0B:D3:72:8A:0B:45:15:63:5F:EC:82:82:C9:6F:B8:8D:31:07:00:7F:81:8B:C0:CD:9C:F4:6D:A2:C4:ED:DC:A2:DE:03:CB:BF:06:90:23:A8:B1:26:52:03:7E:C9:BB:C0:FC:1C:40:7D:28:63:78:8E:0D:A0:2B:1B:EB:2A:1A:CC:BE:98:20:AB:4E:52:5B:E4:95:24:31:32:0B:62:94:ED:02:A4:37:84:83:27:F5:A4:54:E7:46:E3:41:3E:24:03:AC:CC:BB:C5:7B:0B:50:1F:B1:71:EE:9F:3F:54:FD:BC:62:E7:F5:BF:77:07:3F:20:47:60:6D:26:AD:73:8B:C2:B8:A8:40:F2:35:05:9C:4E:52:95:7B:3A:20:36:A9:3D:9C:2D:4C:E6:61:D5:DC:2A:26:F8:EE:D4:BD:4F:E4:AE:E5:6E:F8:FA:53:89:6C:15:D4:89:E7:D7:0B:56:2B:7F:78:82:4F:3D:0F:16:CF:85:16:F7:F5:27:A2:19:8C:9B:32:F4:A3:07:D2:16:8F:18:D9:D2:00:E8:18:40:50:5C:64:8A:B1:87:93:58:66:85\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:05:32\",", " \"not_valid_before\": \"2021-11-03 01:05:33\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "2F:8C:3D:4A:AE:79:3A:CE:B0:F8:EF:70:5C:05:88:FF:52:23:8E:89"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "D0:E1:1E:6D:D1:11:8D:2C:2B:7D:14:41:89:ED:6F:78:A8:B2:6B:62"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "6D:34:EA:F4:23:34:0C:E1:6B:CA:5B:3F:12:31:09:FE:FB:C9:01:8F:96:56:A6:F0:2F:ED:61:E1:37:7C:7D:F7:1E:FA:4A:03:FE:4A:18:17:0B:D3:72:8A:0B:45:15:63:5F:EC:82:82:C9:6F:B8:8D:31:07:00:7F:81:8B:C0:CD:9C:F4:6D:A2:C4:ED:DC:A2:DE:03:CB:BF:06:90:23:A8:B1:26:52:03:7E:C9:BB:C0:FC:1C:40:7D:28:63:78:8E:0D:A0:2B:1B:EB:2A:1A:CC:BE:98:20:AB:4E:52:5B:E4:95:24:31:32:0B:62:94:ED:02:A4:37:84:83:27:F5:A4:54:E7:46:E3:41:3E:24:03:AC:CC:BB:C5:7B:0B:50:1F:B1:71:EE:9F:3F:54:FD:BC:62:E7:F5:BF:77:07:3F:20:47:60:6D:26:AD:73:8B:C2:B8:A8:40:F2:35:05:9C:4E:52:95:7B:3A:20:36:A9:3D:9C:2D:4C:E6:61:D5:DC:2A:26:F8:EE:D4:BD:4F:E4:AE:E5:6E:F8:FA:53:89:6C:15:D4:89:E7:D7:0B:56:2B:7F:78:82:4F:3D:0F:16:CF:85:16:F7:F5:27:A2:19:8C:9B:32:F4:A3:07:D2:16:8F:18:D9:D2:00:E8:18:40:50:5C:64:8A:B1:87:93:58:66:85"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 01:05:32", "not_valid_before": "2021-11-03 01:05:33"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.037894", "end": "2021-11-03 01:05:50.224310", "rc": 0, "start": "2021-11-03 01:05:50.186416", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=31 changed=9 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_run_hooks.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_run_hooks.yml ************************************************** 2 plays in /tmp/tmpvvgb4zlc/tests/tests_run_hooks.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_run_hooks.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.6 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 5.5 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "system.slice dbus.service systemd-journald.socket network.target syslog.target basic.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'run_before': u'touch /etc/pki/before_cert.tmp\n', u'ca': u'self-sign', u'name': u'mycert', u'dns': u'www.example.com', u'run_after': u'touch /etc/pki/after_cert.tmp\n'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "dns": "www.example.com", "name": "mycert", "run_after": "touch /etc/pki/after_cert.tmp\n", "run_before": "touch /etc/pki/before_cert.tmp\n"}, "msg": "Certificate requested (new). Pre/Post run hooks updated."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_run_hooks.yml:17 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_run_hooks.yml:31 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 32 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901578.4564154, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "f337a46639dce90c110130b7e42ec01338fc69c0", "ctime": 1635901578.4544156, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 19198, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901578.4544156, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744071656859148", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901578.4104154, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "cf6b71f218cc42b3a979beb7a43b20ef6af20ddf", "ctime": 1635901578.4544156, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12598496, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901578.4544156, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744073164921603", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.266673", "end": "2021-11-03 01:06:38.972946", "rc": 0, "start": "2021-11-03 01:06:38.706273", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"www.example.com\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"E6:69:7D:D0:30:43:4F:F6:B9:F9:13:DD:5F:75:7A:2F:1C:FA:5F:6F\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"7D:FA:E4:C3:C3:60:A1:63:24:B4:96:03:0C:9F:72:AB:72:6B:70:4D\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"85:20:7D:5E:49:7A:D2:EE:9B:C9:2B:BD:A2:82:EB:8B:55:CC:70:DD:1A:B3:57:03:21:15:CF:33:FF:9B:4D:B5:0B:38:32:93:7C:24:9D:28:29:04:EB:3D:C5:07:62:11:19:6E:5A:E0:A4:3C:06:BE:2C:88:3D:0E:51:43:2B:40:64:47:02:5D:EB:6C:D9:52:62:AD:17:D1:C6:2A:24:52:1C:AC:7B:06:95:31:30:6B:DB:5C:72:9B:C4:70:FD:7F:CB:9F:6C:D0:03:F4:AB:D8:AD:B5:86:92:16:70:59:D8:31:9A:4D:F6:68:C0:94:3E:E8:CE:53:4E:E2:EC:32:A3:FA:69:BF:BE:FD:86:56:A2:A1:40:18:16:8B:96:EC:77:77:DF:58:74:90:74:3A:54:26:3F:AC:C0:9B:31:56:87:4B:89:C6:AA:32:C8:D0:A9:FA:8B:82:23:84:ED:BD:FD:7B:34:40:80:D1:2E:47:DD:C8:A2:0D:B8:C4:A4:EB:72:6B:5C:A8:CC:25:6E:38:7C:92:FB:83:00:D1:1E:90:73:CA:F7:E5:C0:4D:82:73:4D:2C:18:CD:12:5E:F8:B1:DF:D4:44:A7:0B:4C:9F:8F:8C:D4:88:1B:CF:C5:2B:D5:0B:49:9A:FF:74:45:CA:3B:AC:90:37:FB:E6:E9:AF:E4:DF\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:06:17\",\n \"not_valid_before\": \"2021-11-03 01:06:18\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"www.example.com\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"E6:69:7D:D0:30:43:4F:F6:B9:F9:13:DD:5F:75:7A:2F:1C:FA:5F:6F\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"7D:FA:E4:C3:C3:60:A1:63:24:B4:96:03:0C:9F:72:AB:72:6B:70:4D\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"85:20:7D:5E:49:7A:D2:EE:9B:C9:2B:BD:A2:82:EB:8B:55:CC:70:DD:1A:B3:57:03:21:15:CF:33:FF:9B:4D:B5:0B:38:32:93:7C:24:9D:28:29:04:EB:3D:C5:07:62:11:19:6E:5A:E0:A4:3C:06:BE:2C:88:3D:0E:51:43:2B:40:64:47:02:5D:EB:6C:D9:52:62:AD:17:D1:C6:2A:24:52:1C:AC:7B:06:95:31:30:6B:DB:5C:72:9B:C4:70:FD:7F:CB:9F:6C:D0:03:F4:AB:D8:AD:B5:86:92:16:70:59:D8:31:9A:4D:F6:68:C0:94:3E:E8:CE:53:4E:E2:EC:32:A3:FA:69:BF:BE:FD:86:56:A2:A1:40:18:16:8B:96:EC:77:77:DF:58:74:90:74:3A:54:26:3F:AC:C0:9B:31:56:87:4B:89:C6:AA:32:C8:D0:A9:FA:8B:82:23:84:ED:BD:FD:7B:34:40:80:D1:2E:47:DD:C8:A2:0D:B8:C4:A4:EB:72:6B:5C:A8:CC:25:6E:38:7C:92:FB:83:00:D1:1E:90:73:CA:F7:E5:C0:4D:82:73:4D:2C:18:CD:12:5E:F8:B1:DF:D4:44:A7:0B:4C:9F:8F:8C:D4:88:1B:CF:C5:2B:D5:0B:49:9A:FF:74:45:CA:3B:AC:90:37:FB:E6:E9:AF:E4:DF\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:06:17\",", " \"not_valid_before\": \"2021-11-03 01:06:18\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "7D:FA:E4:C3:C3:60:A1:63:24:B4:96:03:0C:9F:72:AB:72:6B:70:4D"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "E6:69:7D:D0:30:43:4F:F6:B9:F9:13:DD:5F:75:7A:2F:1C:FA:5F:6F"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "85:20:7D:5E:49:7A:D2:EE:9B:C9:2B:BD:A2:82:EB:8B:55:CC:70:DD:1A:B3:57:03:21:15:CF:33:FF:9B:4D:B5:0B:38:32:93:7C:24:9D:28:29:04:EB:3D:C5:07:62:11:19:6E:5A:E0:A4:3C:06:BE:2C:88:3D:0E:51:43:2B:40:64:47:02:5D:EB:6C:D9:52:62:AD:17:D1:C6:2A:24:52:1C:AC:7B:06:95:31:30:6B:DB:5C:72:9B:C4:70:FD:7F:CB:9F:6C:D0:03:F4:AB:D8:AD:B5:86:92:16:70:59:D8:31:9A:4D:F6:68:C0:94:3E:E8:CE:53:4E:E2:EC:32:A3:FA:69:BF:BE:FD:86:56:A2:A1:40:18:16:8B:96:EC:77:77:DF:58:74:90:74:3A:54:26:3F:AC:C0:9B:31:56:87:4B:89:C6:AA:32:C8:D0:A9:FA:8B:82:23:84:ED:BD:FD:7B:34:40:80:D1:2E:47:DD:C8:A2:0D:B8:C4:A4:EB:72:6B:5C:A8:CC:25:6E:38:7C:92:FB:83:00:D1:1E:90:73:CA:F7:E5:C0:4D:82:73:4D:2C:18:CD:12:5E:F8:B1:DF:D4:44:A7:0B:4C:9F:8F:8C:D4:88:1B:CF:C5:2B:D5:0B:49:9A:FF:74:45:CA:3B:AC:90:37:FB:E6:E9:AF:E4:DF"}, "subject": [{"name": "commonName", "oid": "2.5.4.3", "value": "www.example.com"}], "validity": {"not_valid_after": "2022-11-03 01:06:17", "not_valid_before": "2021-11-03 01:06:18"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.041347", "end": "2021-11-03 01:06:39.714003", "rc": 0, "start": "2021-11-03 01:06:39.672656", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Get certificate timestamp] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tests_run_hooks.yml:39 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901578.4564154, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "f337a46639dce90c110130b7e42ec01338fc69c0", "ctime": 1635901578.4544156, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 19198, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901578.4544156, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744071656859148", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Get pre-run file timestamp] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tests_run_hooks.yml:43 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901578.4524155, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 0, "charset": "binary", "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "ctime": 1635901578.4524155, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 640, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "inode/x-empty", "mode": "0600", "mtime": 1635901578.4524155, "nlink": 1, "path": "/etc/pki/before_cert.tmp", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 0, "uid": 0, "version": "622894312", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Get post-run file timestamp] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_run_hooks.yml:47 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901578.4814155, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 0, "charset": "binary", "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "ctime": 1635901578.4814155, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 641, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "inode/x-empty", "mode": "0600", "mtime": 1635901578.4814155, "nlink": 1, "path": "/etc/pki/after_cert.tmp", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 0, "uid": 0, "version": "552055812", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Assert file created before cert] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tests_run_hooks.yml:51 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Assert file created after cert] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tests_run_hooks.yml:58 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=36 changed=9 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_subject.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_subject.yml **************************************************** 2 plays in /tmp/tmpvvgb4zlc/tests/tests_subject.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_subject.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirror.siena.edu\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.7 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirror.siena.edu\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 5.2 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "system.slice systemd-journald.socket syslog.target basic.target network.target dbus.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'name': u'mycert', u'locality': u'Raleigh', u'country': u'US', u'ca': u'self-sign', u'state': u'NC', u'organizational_unit': u'Linux', u'dns': u'www.example.com', u'common_name': u'Some other common name', u'organization': u'Red Hat'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "common_name": "Some other common name", "country": "US", "dns": "www.example.com", "locality": "Raleigh", "name": "mycert", "organization": "Red Hat", "organizational_unit": "Linux", "state": "NC"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_subject.yml:19 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_subject.yml:48 included: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml for /cache/centos-7.qcow2c TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__virtualenv_path": "/tmp/certificate-tests-venv"}, "changed": false} TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:6 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python3"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirror.siena.edu\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-18.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-18.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-18.el7 updates 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-18.el7 updates 6.9 M\n python3-pip noarch 9.0.3-8.el7 base 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 base 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 17 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-libs-3.6.8-18.el7.x86_64 1/4 \n Installing : python3-3.6.8-18.el7.x86_64 2/4 \n Installing : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Verifying : python3-libs-3.6.8-18.el7.x86_64 2/4 \n Verifying : python3-3.6.8-18.el7.x86_64 3/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-18.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-18.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n"]} TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:11 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip"], "name": ["pip"], "requirements": null, "state": "latest", "stderr": "", "stderr_lines": [], "stdout": "Collecting pip\n Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)\nInstalling collected packages: pip\n Found existing installation: pip 9.0.3\n Uninstalling pip-9.0.3:\n Successfully uninstalled pip-9.0.3\nSuccessfully installed pip-21.3.1\n", "stdout_lines": ["Collecting pip", " Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)", "Installing collected packages: pip", " Found existing installation: pip 9.0.3", " Uninstalling pip-9.0.3:", " Successfully uninstalled pip-9.0.3", "Successfully installed pip-21.3.1"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Install certreader] ****************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:18 changed: [/cache/centos-7.qcow2c] => {"changed": true, "cmd": ["/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1"], "name": ["cryptography<35", "certreader>=0.1.1"], "requirements": null, "state": "present", "stderr": "", "stderr_lines": [], "stdout": "Collecting cryptography<35\n Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)\nCollecting certreader>=0.1.1\n Downloading certreader-0.1.1.tar.gz (4.4 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nCollecting cffi>=1.12\n Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)\nCollecting pyasn1\n Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)\nCollecting pyyaml\n Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)\nCollecting pycparser\n Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)\nUsing legacy 'setup.py install' for certreader, since package 'wheel' is not installed.\nInstalling collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader\n Running setup.py install for certreader: started\n Running setup.py install for certreader: finished with status 'done'\nSuccessfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0\n", "stdout_lines": ["Collecting cryptography<35", " Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB)", "Collecting certreader>=0.1.1", " Downloading certreader-0.1.1.tar.gz (4.4 kB)", " Preparing metadata (setup.py): started", " Preparing metadata (setup.py): finished with status 'done'", "Collecting cffi>=1.12", " Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB)", "Collecting pyasn1", " Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)", "Collecting pyyaml", " Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)", "Collecting pycparser", " Downloading pycparser-2.20-py2.py3-none-any.whl (112 kB)", "Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed.", "Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader", " Running setup.py install for certreader: started", " Running setup.py install for certreader: finished with status 'done'", "Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.20 pyyaml-6.0"], "version": null, "virtualenv": "/tmp/certificate-tests-venv"} TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:26 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901667.123513, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6b814a71ca0303fdfa1304bc02c4ebf406171a69", "ctime": 1635901667.120513, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 19262, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901667.120513, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1428, "uid": 0, "version": "795375964", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:31 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:37 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:49 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:55 ok: [/cache/centos-7.qcow2c] => {"changed": false, "stat": {"atime": 1635901667.0825129, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "95032572749a5f782e37fce387f009e805961f3c", "ctime": 1635901667.120513, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12598517, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1635901667.120513, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1708, "uid": 0, "version": "1929344176", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:60 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:66 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Parse certificate] ******************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:78 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": ["/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt"], "delta": "0:00:00.267197", "end": "2021-11-03 01:08:02.893394", "rc": 0, "start": "2021-11-03 01:08:02.626197", "stderr": "", "stderr_lines": [], "stdout": "{\n \"subject\": [\n {\n \"name\": \"localityName\",\n \"oid\": \"2.5.4.7\",\n \"value\": \"Raleigh\"\n },\n {\n \"name\": \"countryName\",\n \"oid\": \"2.5.4.6\",\n \"value\": \"US\"\n },\n {\n \"name\": \"stateOrProvinceName\",\n \"oid\": \"2.5.4.8\",\n \"value\": \"NC\"\n },\n {\n \"name\": \"commonName\",\n \"oid\": \"2.5.4.3\",\n \"value\": \"Some other common name\"\n },\n {\n \"name\": \"organizationName\",\n \"oid\": \"2.5.4.10\",\n \"value\": \"Red Hat\"\n },\n {\n \"name\": \"organizationalUnitName\",\n \"oid\": \"2.5.4.11\",\n \"value\": \"Linux\"\n }\n ],\n \"extensions\": {\n \"keyUsage\": {\n \"value\": [\n \"digital_signature\",\n \"key_encipherment\"\n ],\n \"critical\": false\n },\n \"subjectAltName\": {\n \"value\": [\n {\n \"name\": \"DNS\",\n \"value\": \"www.example.com\"\n }\n ],\n \"critical\": false\n },\n \"extendedKeyUsage\": {\n \"value\": [\n {\n \"name\": \"id-kp-serverAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.1\"\n },\n {\n \"name\": \"id-kp-clientAuth\",\n \"oid\": \"1.3.6.1.5.5.7.3.2\"\n }\n ],\n \"critical\": false\n },\n \"basicConstraints\": {\n \"value\": {\n \"ca\": false\n },\n \"critical\": true\n },\n \"subjectKeyIdentifier\": {\n \"value\": \"47:9A:51:3B:F8:C0:C5:39:78:DD:58:D5:E1:04:22:9A:B7:F5:E6:CF\",\n \"critical\": false\n },\n \"authorityKeyIdentifier\": {\n \"value\": \"37:CC:87:39:55:95:C5:F1:98:E4:E9:AC:BC:7F:AA:94:62:AE:01:AE\",\n \"critical\": false\n }\n },\n \"signature_algorithm\": {\n \"algorithm\": \"sha256WithRSAEncryption\",\n \"signature\": \"7C:AC:E1:6B:C9:E4:16:75:CE:FA:49:D7:54:C3:4E:A6:EA:D1:95:E9:DB:2A:14:EF:4E:C2:6D:36:B6:93:68:39:E2:45:34:D4:1F:98:42:69:B8:5E:25:F1:FD:58:18:2F:A3:A0:D4:05:51:F5:FE:A3:FA:E5:FD:A3:8E:9E:BC:18:F7:E2:51:41:90:59:AA:CA:43:87:2F:EC:AA:7D:E5:8E:A0:08:3F:B7:37:7E:D1:38:88:95:69:DD:E1:CF:5D:61:D2:F1:64:85:4B:9F:DE:2E:47:BE:69:27:D3:F4:69:F1:F1:53:21:41:F0:5B:92:94:6D:36:57:7D:71:F4:D3:58:DF:BE:B5:79:A3:5B:98:6F:24:FD:48:3E:5A:5B:05:1F:48:48:BF:3B:32:ED:C6:8B:C8:10:E1:3E:FC:B6:22:F0:7A:58:D2:F1:87:86:A7:45:AE:B4:44:83:4D:88:BB:66:38:2B:E0:95:28:34:6D:E6:09:EB:AC:72:E2:02:43:B9:F7:C2:47:35:A7:7C:2F:F2:9B:BA:B0:19:E5:19:1E:9C:EA:3E:4C:79:3B:39:C6:CA:77:A1:E8:8D:77:5E:F8:C0:B1:AD:DE:6E:00:67:DA:1D:61:21:87:14:49:F4:88:6D:4C:95:25:15:20:2F:10:D9:AD:13:35:F6:31:01:47:63\"\n },\n \"key_size\": 2048,\n \"validity\": {\n \"not_valid_after\": \"2022-11-03 01:07:46\",\n \"not_valid_before\": \"2021-11-03 01:07:47\"\n }\n}", "stdout_lines": ["{", " \"subject\": [", " {", " \"name\": \"localityName\",", " \"oid\": \"2.5.4.7\",", " \"value\": \"Raleigh\"", " },", " {", " \"name\": \"countryName\",", " \"oid\": \"2.5.4.6\",", " \"value\": \"US\"", " },", " {", " \"name\": \"stateOrProvinceName\",", " \"oid\": \"2.5.4.8\",", " \"value\": \"NC\"", " },", " {", " \"name\": \"commonName\",", " \"oid\": \"2.5.4.3\",", " \"value\": \"Some other common name\"", " },", " {", " \"name\": \"organizationName\",", " \"oid\": \"2.5.4.10\",", " \"value\": \"Red Hat\"", " },", " {", " \"name\": \"organizationalUnitName\",", " \"oid\": \"2.5.4.11\",", " \"value\": \"Linux\"", " }", " ],", " \"extensions\": {", " \"keyUsage\": {", " \"value\": [", " \"digital_signature\",", " \"key_encipherment\"", " ],", " \"critical\": false", " },", " \"subjectAltName\": {", " \"value\": [", " {", " \"name\": \"DNS\",", " \"value\": \"www.example.com\"", " }", " ],", " \"critical\": false", " },", " \"extendedKeyUsage\": {", " \"value\": [", " {", " \"name\": \"id-kp-serverAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.1\"", " },", " {", " \"name\": \"id-kp-clientAuth\",", " \"oid\": \"1.3.6.1.5.5.7.3.2\"", " }", " ],", " \"critical\": false", " },", " \"basicConstraints\": {", " \"value\": {", " \"ca\": false", " },", " \"critical\": true", " },", " \"subjectKeyIdentifier\": {", " \"value\": \"47:9A:51:3B:F8:C0:C5:39:78:DD:58:D5:E1:04:22:9A:B7:F5:E6:CF\",", " \"critical\": false", " },", " \"authorityKeyIdentifier\": {", " \"value\": \"37:CC:87:39:55:95:C5:F1:98:E4:E9:AC:BC:7F:AA:94:62:AE:01:AE\",", " \"critical\": false", " }", " },", " \"signature_algorithm\": {", " \"algorithm\": \"sha256WithRSAEncryption\",", " \"signature\": \"7C:AC:E1:6B:C9:E4:16:75:CE:FA:49:D7:54:C3:4E:A6:EA:D1:95:E9:DB:2A:14:EF:4E:C2:6D:36:B6:93:68:39:E2:45:34:D4:1F:98:42:69:B8:5E:25:F1:FD:58:18:2F:A3:A0:D4:05:51:F5:FE:A3:FA:E5:FD:A3:8E:9E:BC:18:F7:E2:51:41:90:59:AA:CA:43:87:2F:EC:AA:7D:E5:8E:A0:08:3F:B7:37:7E:D1:38:88:95:69:DD:E1:CF:5D:61:D2:F1:64:85:4B:9F:DE:2E:47:BE:69:27:D3:F4:69:F1:F1:53:21:41:F0:5B:92:94:6D:36:57:7D:71:F4:D3:58:DF:BE:B5:79:A3:5B:98:6F:24:FD:48:3E:5A:5B:05:1F:48:48:BF:3B:32:ED:C6:8B:C8:10:E1:3E:FC:B6:22:F0:7A:58:D2:F1:87:86:A7:45:AE:B4:44:83:4D:88:BB:66:38:2B:E0:95:28:34:6D:E6:09:EB:AC:72:E2:02:43:B9:F7:C2:47:35:A7:7C:2F:F2:9B:BA:B0:19:E5:19:1E:9C:EA:3E:4C:79:3B:39:C6:CA:77:A1:E8:8D:77:5E:F8:C0:B1:AD:DE:6E:00:67:DA:1D:61:21:87:14:49:F4:88:6D:4C:95:25:15:20:2F:10:D9:AD:13:35:F6:31:01:47:63\"", " },", " \"key_size\": 2048,", " \"validity\": {", " \"not_valid_after\": \"2022-11-03 01:07:46\",", " \"not_valid_before\": \"2021-11-03 01:07:47\"", " }", "}"]} TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:83 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"cert_issued": {"extensions": {"authorityKeyIdentifier": {"critical": false, "value": "37:CC:87:39:55:95:C5:F1:98:E4:E9:AC:BC:7F:AA:94:62:AE:01:AE"}, "basicConstraints": {"critical": true, "value": {"ca": false}}, "extendedKeyUsage": {"critical": false, "value": [{"name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1"}, {"name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2"}]}, "keyUsage": {"critical": false, "value": ["digital_signature", "key_encipherment"]}, "subjectAltName": {"critical": false, "value": [{"name": "DNS", "value": "www.example.com"}]}, "subjectKeyIdentifier": {"critical": false, "value": "47:9A:51:3B:F8:C0:C5:39:78:DD:58:D5:E1:04:22:9A:B7:F5:E6:CF"}}, "key_size": 2048, "signature_algorithm": {"algorithm": "sha256WithRSAEncryption", "signature": "7C:AC:E1:6B:C9:E4:16:75:CE:FA:49:D7:54:C3:4E:A6:EA:D1:95:E9:DB:2A:14:EF:4E:C2:6D:36:B6:93:68:39:E2:45:34:D4:1F:98:42:69:B8:5E:25:F1:FD:58:18:2F:A3:A0:D4:05:51:F5:FE:A3:FA:E5:FD:A3:8E:9E:BC:18:F7:E2:51:41:90:59:AA:CA:43:87:2F:EC:AA:7D:E5:8E:A0:08:3F:B7:37:7E:D1:38:88:95:69:DD:E1:CF:5D:61:D2:F1:64:85:4B:9F:DE:2E:47:BE:69:27:D3:F4:69:F1:F1:53:21:41:F0:5B:92:94:6D:36:57:7D:71:F4:D3:58:DF:BE:B5:79:A3:5B:98:6F:24:FD:48:3E:5A:5B:05:1F:48:48:BF:3B:32:ED:C6:8B:C8:10:E1:3E:FC:B6:22:F0:7A:58:D2:F1:87:86:A7:45:AE:B4:44:83:4D:88:BB:66:38:2B:E0:95:28:34:6D:E6:09:EB:AC:72:E2:02:43:B9:F7:C2:47:35:A7:7C:2F:F2:9B:BA:B0:19:E5:19:1E:9C:EA:3E:4C:79:3B:39:C6:CA:77:A1:E8:8D:77:5E:F8:C0:B1:AD:DE:6E:00:67:DA:1D:61:21:87:14:49:F4:88:6D:4C:95:25:15:20:2F:10:D9:AD:13:35:F6:31:01:47:63"}, "subject": [{"name": "localityName", "oid": "2.5.4.7", "value": "Raleigh"}, {"name": "countryName", "oid": "2.5.4.6", "value": "US"}, {"name": "stateOrProvinceName", "oid": "2.5.4.8", "value": "NC"}, {"name": "commonName", "oid": "2.5.4.3", "value": "Some other common name"}, {"name": "organizationName", "oid": "2.5.4.10", "value": "Red Hat"}, {"name": "organizationalUnitName", "oid": "2.5.4.11", "value": "Linux"}], "validity": {"not_valid_after": "2022-11-03 01:07:46", "not_valid_before": "2021-11-03 01:07:47"}}}, "changed": false} TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:87 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:96 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify key size] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:105 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:112 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:125 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:141 ok: [/cache/centos-7.qcow2c] => {"changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.038175", "end": "2021-11-03 01:08:03.677622", "rc": 0, "start": "2021-11-03 01:08:03.639447", "stderr": "", "stderr_lines": [], "stdout": "yes", "stdout_lines": ["yes"]} TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpvvgb4zlc/tests/tasks/assert_certificate_parameters.yml:150 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=31 changed=9 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_subject_complex.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_subject_complex.yml ******************************************** 2 plays in /tmp/tmpvvgb4zlc/tests/tests_subject_complex.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_subject_complex.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 5.6 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": {"installed": ["certmonger"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-16.el7_9 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-16.el7_9.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-16.el7_9 updates 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 base 33 k\n libtevent x86_64 0.9.39-1.el7 base 41 k\n psmisc x86_64 22.20-17.el7 base 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 base 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 base 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 981 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 5.0 MB/s | 981 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-16.el7_9.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : certmonger-0.78.4-16.el7_9.x86_64 2/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 3/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-16.el7_9 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 changed: [/cache/centos-7.qcow2c] => (item=certmonger) => {"__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": {"ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "network.target systemd-journald.socket system.slice syslog.target dbus.service basic.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14969", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14969", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0"}} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 changed: [/cache/centos-7.qcow2c] => (item={u'common_name': u'# \\\\Every"thing+that,ne;edsing\\0 ', u'ca': u'self-sign', u'contact_email': u'admin@example.com', u'name': u'mycert', u'dns': u'www.example.com'}) => {"ansible_loop_var": "item", "changed": true, "item": {"ca": "self-sign", "common_name": "# \\\\Every\"thing+that,ne;edsing\\0 ", "contact_email": "admin@example.com", "dns": "www.example.com", "name": "mycert"}, "msg": "Certificate requested (new)."} META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_subject_complex.yml:16 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_subject_complex.yml:36 skipping: [/cache/centos-7.qcow2c] => (item={u'path': u'/etc/pki/tls/certs/mycert.crt', u'key_path': u'/etc/pki/tls/private/mycert.key', u'subject_alt_name': [{u'name': u'DNS', u'value': u'www.example.com'}], u'subject': [{u'oid': u'1.2.840.113549.1.9.1', u'name': u'emailAddress', u'value': u'admin@example.com'}, {u'oid': u'2.5.4.3', u'name': u'commonName', u'value': u'# \\\\Every"thing+that,ne;edsing\\0 '}]}) => {"ansible_loop_var": "cert", "cert": {"key_path": "/etc/pki/tls/private/mycert.key", "path": "/etc/pki/tls/certs/mycert.crt", "subject": [{"name": "emailAddress", "oid": "1.2.840.113549.1.9.1", "value": "admin@example.com"}, {"name": "commonName", "oid": "2.5.4.3", "value": "# \\\\Every\"thing+that,ne;edsing\\0 "}], "subject_alt_name": [{"name": "DNS", "value": "www.example.com"}]}, "changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=10 changed=6 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0 + cd /tmp/tmpvvgb4zlc/tests; TEST_SUBJECTS=/cache/centos-7.qcow2c TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-100-3dbef8b-centos-7-9qbgm6b2/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpvvgb4zlc/_setup.yml /tmp/tmpvvgb4zlc/tests/tests_wrong_provider.yml ansible-playbook 2.9.23 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpvvgb4zlc/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpvvgb4zlc/_setup.yml:5 ok: [/cache/centos-7.qcow2c] => { "groups": { "all": [ "/cache/centos-7.qcow2c" ], "localhost": [ "/cache/centos-7.qcow2c" ], "subjects": [ "/cache/centos-7.qcow2c" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpvvgb4zlc/_setup.yml:7 skipping: [/cache/centos-7.qcow2c] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_wrong_provider.yml ********************************************* 1 plays in /tmp/tmpvvgb4zlc/tests/tests_wrong_provider.yml PLAY [Test issuing certificate with nonexistent provider] ********************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpvvgb4zlc/tests/tests_wrong_provider.yml:2 ok: [/cache/centos-7.qcow2c] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpvvgb4zlc/tasks/main.yml:2 ok: [/cache/centos-7.qcow2c] => {"ansible_facts": {"__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": ["python-pyasn1", "python-cryptography", "python-dbus"]}, "ansible_included_var_files": ["/tmp/tmpvvgb4zlc/vars/CentOS_7.yml"], "changed": false} TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:17 changed: [/cache/centos-7.qcow2c] => {"changed": true, "changes": {"installed": ["python-pyasn1", "python-cryptography"]}, "msg": "warning: /var/cache/yum/x86_64/7/base/packages/python-enum34-1.0.4-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) \"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-8.2003.0.el7.centos.x86_64 (installed)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n", "rc": 0, "results": ["dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.jaleco.com\n * extras: mirror.umd.edu\n * updates: mirrors.advancedhosters.com\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 base 502 k\n python2-pyasn1 noarch 0.1.9-7.el7 base 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 base 218 k\n python-enum34 noarch 1.0.4-1.el7 base 52 k\n python-idna noarch 2.4-1.el7 base 94 k\n python-ply noarch 3.4-11.el7 base 123 k\n python-pycparser noarch 2.14-1.el7 base 104 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\nPublic key for python-enum34-1.0.4-1.el7.noarch.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 3.4 MB/s | 1.2 MB 00:00 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n"]} TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:34 skipping: [/cache/centos-7.qcow2c] => (item=fake-provider) => {"__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:45 skipping: [/cache/centos-7.qcow2c] => (item=fake-provider) => {"__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:71 skipping: [/cache/centos-7.qcow2c] => (item=fake-provider) => {"__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpvvgb4zlc/tasks/main.yml:100 skipping: [/cache/centos-7.qcow2c] => (item=fake-provider) => {"__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpvvgb4zlc/tasks/main.yml:112 failed: [/cache/centos-7.qcow2c] (item={u'ca': u'self-sign', u'name': u'mycert', u'dns': u'www.example.com', u'provider': u'fake-provider'}) => {"ansible_loop_var": "item", "changed": false, "item": {"ca": "self-sign", "dns": "www.example.com", "name": "mycert", "provider": "fake-provider"}, "msg": "Chosen provider 'fake-provider' is not available."} TASK [assert...] *************************************************************** task path: /tmp/tmpvvgb4zlc/tests/tests_wrong_provider.yml:22 ok: [/cache/centos-7.qcow2c] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/centos-7.qcow2c : ok=5 changed=1 unreachable=0 failed=0 skipped=5 rescued=1 ignored=0